Penetration Testing mailing list archives
RE: Port Scanner Reports
From: jgervacio () seguridad unam mx
Date: Mon, 17 Oct 2005 09:34:46 -0500
or maybe nmapsql http://www.linuxjournal.com/article/7314 sourceforge.net/projects/nmapsql G3 Quoting Michael Gargiullo <mgargiullo () pvtpt com>:
-----Original Message-----Jeff Brossette wrote: > All, > > I am looking for a port scanning tool (software or hardware, open > source or commercial) that I can configure to run on a regularly > scheduled basis, say > once a week or once a month, for around 500 internal servers and > workstations (Unix/Linux, Windows and Novell). > > The goal is to produce a "diff" report that will identify any new > ports that have been opened on any of the servers or workstationsfrom> the previous scan. > > This would need to be a completely automatic process that would> out the results after each scan cycle. > > Are there any products that can perform this task? > The best [IMHO] is nmap, you can save the output, use cron to schedule it at different times, then use diff to view the changes. That way, you can create a history. If nmap is too complicated, use nmapfe [nmap front end] to generate the command line and plug in cron. Products like GFI scanner, create beautiful web pages to show the customer, "but nmap is still the king." -- Thanks http://www.911networks.com When the network has to work Cisco/Microsoft<snip> I ended up writing a perl wrapper around nmap to feed IP addresses from a database, and store the nmap output into a different table. This way I can query the database and pull a custom diff based on scan date. I also do this with nessus scans. All you need in Linux, perl, mysql, and nmap. -Mike ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Port Scanner Reports, (continued)
- Re: Port Scanner Reports Fco. Jose Garrido Matamoros (Oct 08)
- Re: Port Scanner Reports Satanic.Brain (Oct 08)
- RE: Port Scanner Reports Cory Michal (Oct 08)
- Re: Port Scanner Reports Richard Farina (Oct 11)
- Re: Port Scanner Reports Packet Man (Oct 13)
- Re: Port Scanner Reports Daniel Miessler (Oct 31)
- RE: Port Scanner Reports Hayes, Ian (Oct 08)
- RE: Port Scanner Reports Michael Gargiullo (Oct 10)
- .Net XSS DokFLeed (Oct 11)
- RE: Port Scanner Reports Michael Gargiullo (Oct 15)
- RE: Port Scanner Reports jgervacio (Oct 18)