Penetration Testing mailing list archives
Re: Port Scanner Reports
From: Joachim Schipper <j.schipper () math uu nl>
Date: Sat, 8 Oct 2005 10:34:11 +0200
On Thu, Oct 06, 2005 at 02:51:00PM -0500, Jeff Brossette wrote:
All, I am looking for a port scanning tool (software or hardware, open source or commercial) that I can configure to run on a regularly scheduled basis, say once a week or once a month, for around 500 internal servers and workstations (Unix/Linux, Windows and Novell). The goal is to produce a "diff" report that will identify any new ports that have been opened on any of the servers or workstations from the previous scan. This would need to be a completely automatic process that would email out the results after each scan cycle. Are there any products that can perform this task? Thanks, Jeff B.
Pretty much anything that outputs plain text can be trivially scripted to do this. Try something like the following (untested): #!/bin/sh OLD_FILE=/var/nmap.scanned MY_NET=192.168.0.0/16 TMPFILE=`mktemp /tmp/nmap.XXXXXXXX` || exit 1 nmap -T1 -sT $MYNET > $TMPFILE 2>&1 diff $TMPFILE $OLD_FILE mv $OLD_FILE $OLD_FILE.old mv $TMPFILE $OLD_FILE And run it from cron. You may even wish to use nmap -T1 -sT $MYNET 2>&1 | tee $TMPFILE, as this will also show you the full report. I really don't see why this is so hard, unless you want to do really strange things. Joachim ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Port Scanner Reports Jeff Brossette (Oct 07)
- RE: Port Scanner Reports Brian Loe (Oct 08)
- Re: Port Scanner Reports Joachim Schipper (Oct 08)
- Re: Port Scanner Reports Syv Ritch (Oct 12)
- Re: Port Scanner Reports Serg Belokamen (Oct 13)
- xp_cmdshell with low permission Frederic Charpentier (Oct 15)
- Re: xp_cmdshell with low permission Hanserl (Oct 16)
- Re: Port Scanner Reports Serg Belokamen (Oct 13)
- <Possible follow-ups>
- Port Scanner Reports jeff . brossette (Oct 07)
- Re: Port Scanner Reports Gary E. Miller (Oct 08)
- Re: Port Scanner Reports Fco. Jose Garrido Matamoros (Oct 08)
- Re: Port Scanner Reports Satanic.Brain (Oct 08)
- RE: Port Scanner Reports Cory Michal (Oct 08)
- Re: Port Scanner Reports Richard Farina (Oct 11)