Security Basics mailing list archives
Re: Network Resource Mapping Reporting
From: "Joseph McCray" <joe () learnsecurityonline com>
Date: Mon, 25 Sep 2006 11:01:06 -0400 (EDT)
We'll see if this helps you. I'm not much for tools that you pay for so these will all be open-source options. When I was an intrusion analyst I had to do a lot of scanning really large networks. You know, "Hey Joe can you scan these 10 class Bs for port 4444, and oh yeah scan these 2 class As for port 56789". Man I'm glad those days are over. I like a tool called multimap.pl. It's a nice little wrapper for nmap/amap. Tool Description: multimap is a multithreaded wrapper for nmap designed to run a number of concurrent nmap scans and speed up the scan of large networks. Optionally it will launch amap on the open ports and generate an HTML file of the results. Tested with nmap 3.27, 3.30 and amap 4.2. Tool Location: http://packetstormsecurity.org/UNIX/audit/multimap.pl Since you sound like you are scanning a LAN and you want info about shares and stuff like that you may want to consider Nessus with MySQL integration. I did this for a customer recently. There are a lot of different ways you can do it so here are a few links that you may find useful. Options like: NessQuik Nessus-php ossim autoscan Here are some websites you might want to take a look at: http://www.samag.com/documents/s=7933/sam0305e/0305e.htm <- General Info http://enterprise.bidmc.harvard.edu/pub/nessus-php/ http://www.atriskonline.com/archives/00000048.shtml http://sourceforge.net/projects/os-sim http://sourceforge.net/projects/autoscan <-- Probably the one you should try http://sourceforge.net/projects/inprotect http://sourceforge.net/projects/gherkin http://sourceforge.net/projects/vscweb Hope this helps... -- Joe McCray Toll Free: 1-866-892-2132 Email: joe () learnsecurityonline com Web: http://www.learnsecurityonline.com
I was wondering if anyone could recommend a utility that will map out a network. Give detailed information about IP, hostname, shares, permissions, and other useful info. I know there are many out there and Ive used a couple but none that were great. It will run on a large domain and I dont want something that will crash the network either. Also if it could look for missing updates that would be cool too. (I know how to Google Im just curious what others have had success using and recommend) Thank you, Jeff Dixon --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Network Resource Mapping Reporting Jeff Dixon (Sep 25)
- Re: Network Resource Mapping Reporting Joseph McCray (Sep 26)
- <Possible follow-ups>
- RE: Network Resource Mapping Reporting Beauford, Jason (Sep 26)
- Re: Network Resource Mapping Reporting krymson (Sep 26)
- RE: Network Resource Mapping Reporting William Woodhams (Sep 26)