Nmap Development mailing list archives

Re: Zenmap and remote Nmap agents


From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 28 Nov 2014 13:25:08 -0600

On Fri, Nov 28, 2014 at 11:27 AM, Niel Skousen <nskousen () ecsecurityinc com>
wrote:

> Maybe missing something, but would be very handy to manage a remote nmap
> scanner via Zenmap local client. Found one web guide from 2010.
>
> Am I missing a capability?
>
> Background: My corporate environment is distributed across multiple
> sites, and is Windows based by decree. At each site I have a CentOS cyber
> system with Nmap and other tools. My VPN access must be from a corporate
> Windows laptop.
>
> I'd like to manage and aggregate scans from multiple remote nmap agents
> via the Zenmap on my local Windows LT.
>
> Any suggestions or solutions?


Niel,

Understanding how Zenmap works with the nmap executable will help you
understand your options for using Zenmap and nmap on separate machines.

Zenmap can help you manage your Nmap command lines with saved profiles and
interactive NSE script argument documentation. The command line gets built
in the Command box, and can be edited, copied, and saved. When you hit the
Scan button, Zenmap spawns an nmap process with a couple extra arguments to
generate XML output, then shows a syntax-highlighted scrolling view of the
output.

The only interaction with the nmap process is the execution and the reading
of output. All of Zenmap's fancy views and topology maps are built from the
XML output, which can be imported directly. The scrolling output window has
given some users memory problems in the past; I'm pretty sure we've worked
around that (by dropping the output window when it gets too big), but I
still recommend that people run their Nmap scans from a console and import
the results into Zenmap for viewing.

So here are some options:

1. Install the Windows version of Nmap and Zenmap and just scan from your
Windows machine. Nmap on Windows is well supported and works for just about
everything except SYN scan of localhost.

2. Run your scans via SSH or VPN or something from your CentOS machine,
using the -oA or -oX options to save XML output. Then move the output files
to your Windows machine for viewing with Zenmap. (You'll still have to have
Nmap installed to get Zenmap, or you could use the zipfile instead of the
installer and just copy out the Zenmap part).

3. Rename the nmap.exe on your Windows system to nmap-bin.exe and replace
it with nmap.bat that calls some command-line SSH utility with public-key
authentication to your CentOS machine and runs Nmap there. With a little
work, it could be transparent to Zenmap, though you'd have to do some file
path mangling to get your remote nmap to output XML to a file share while
tricking Zenmap into picking it up from the same file share.

Hope that helps! I'd be interested to see the guide you referred to, and
I'm sure the rest of the list subscribers would like to hear your solution
when you get there.

Dan
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
