Re: How to aggregate output of NMAP

["Robert Rich" <rrich () gstisecurity com>]

If you go the XML route, you can skip the database and use XSLT to transform
the nmap output directly into a report.
If you need an intro, there are quite a few good tutorials out there that
will get you moving in a day or two (there's a great set at Builder.com).

For your specific application you could count elements then write them in a
list/table/etc.  Nice thing is that you can output HTML directly for
reports, or to ASCII to feed into other applications.

Bob

----- Original Message -----
From: "Rayburn, Gordon" <grayburn () firstam com>
To: <PEN-TEST () securityfocus com>
Sent: Monday, February 11, 2002 10:12 PM
Subject: RE: How to aggregate output of NMAP


> Using xml output, I'd stick it into a db and write some quick n dirty
> crystal reports.  This could be automated quite easily and with little
> headache, IMO.
>
> > -----Original Message-----
> > From: George Lewis [SMTP:schvin () schvin net]
> > Sent: Tuesday, February 05, 2002 3:29 PM
> > To: Carmelo Floridia
> > Cc: PEN-TEST () securityfocus com
> > Subject: Re: How to aggregate output of NMAP
> >
> > Carmelo Floridia (cfloridia () lex unict it) wrote:
> > > I used nmap -sS -p80,25,110,21 172.31.*.* -oN output
> > > do you know if exist any tool to summarize the result in order to know
> > (for
> > > example):
> > >
> > > how may WEB answered
> > > who are the web server
> > >
> > > hom many FTP
> > > who are ftp
> > >
> > > I used nlog....any other tool?
> >
> > Another thought is that nmap has an xml output option... it might
> > be better to output to xml and have a perl or python or some other
> > xml parser pull it in and compare... that would probably be a pretty
> > clean/graceful solution.
> >
> > --
> > http://schvin.net/
>
> --------------------------------------------------------------------------
> > --
> > This list is provided by the SecurityFocus Security Intelligence Alert
> > (SIA)
> > Service. For more information on SecurityFocus' SIA service which
> > automatically alerts you to the latest security vulnerabilities please
> > see:
> > https://alerts.securityfocus.com/
>
> "MMS <firstam.com>" made the following
>  annotations on 02/11/02 19:13:43
> --------------------------------------------------------------------------
----
> "THIS E-MAIL MESSAGE AND ANY FILES TRANSMITTED HEREWITH, ARE INTENDED
SOLELY FOR THE USE OF THE INDIVIDUAL(S) ADDRESSED AND MAY CONTAIN
CONFIDENTIAL, PROPRIETARY OR PRIVILEGED INFORMATION.  IF YOU ARE NOT THE
ADDRESSEE INDICATED IN THIS MESSAGE (OR RESPONSIBLE FOR DELIVERY OF THIS
MESSAGE TO SUCH PERSON) YOU MAY NOT REVIEW, USE, DISCLOSE OR DISTRIBUTE THIS
MESSAGE OR ANY FILES TRANSMITTED HEREWITH.  IF YOU RECEIVE THIS MESSAGE IN
ERROR, PLEASE CONTACT THE SENDER BY REPLY E-MAIL AND DELETE THIS MESSAGE AND
ALL COPIES OF IT FROM YOUR SYSTEM."
>
============================================================================
==
> --------------------------------------------------------------------------
--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/