Nmap Announce mailing list archives
Re: Nmap and xlogmaster
From: ajax <ajax () mobis com>
Date: Thu, 28 Jan 1999 19:49:10 -0600 (EST)
Hi, in regard to your question about an append option to the -o option, it seems easy enough. The solution lies around ~198 of nmap.c: case 'o': if (o.logfd != NULL) fatal("Only one log filename allowed"); o.logfd = fopen(optarg, "w"); if (!o.logfd) fatal("Failed to open output file %s for writing", optarg); break; You want to replace the second parameter to fopen with a "a" instead of a "w". later, ajax () mobis com | The skill of accurate perception Unix Network Admin | is called cynicism by those who Mobile Internet Services, Inc. | don't possess it. On Thu, 28 Jan 1999, Erik Parker wrote:
On a machine of ours, I tested using xlogmaster and nmap.. This could have been done several ways, but since we run xlogmaster, this is how I did it. We run tcplog on the machine, and when a connection attempt occurs it shows: Jan 28 15:39:33 auth4 tcplog[68]: ssh connection attempt from localhost (127.0.0.1):1059 So.. Using xlogmaster, anytime it see's "ssh connection attempt" it executes /root/program /root/program contains: tail /var/log/messages | grep -i "ssh connection attempt from" |awk '{print $10}'|xargs nmap -O >> /root/nmaplog That way it logs all the open ports, and tries to guess their OS. Two things... Is there a way to get it to show the actual fingerprint that it comes back with, in addition to its guess? ANd using the -o option, for output to logfile, is there, or plans for an append option to that. I don't want to lose the logs everytime it tries, so for now I'll use >> Erik Parker netmask () 303 org http://radio.cuervocon.org/ramgen/encoder/live.rm Real Audio G2 - Wednesday Nights 10pm-2am CST. "Signals from Dementia" - By Dj-Netmask Industrial / Hard Rock / Techno / Psycho Stories
Current thread:
- Nmap and xlogmaster Erik Parker (Jan 28)
- Re: Nmap and xlogmaster Max Vision (Jan 28)
- Re: Nmap and xlogmaster Adam Shostack (Jan 28)
- Re: Nmap and xlogmaster Lamont Granquist (Jan 28)
- Re: Nmap and xlogmaster Erik Parker (Jan 28)
- Re: Nmap and xlogmaster HD Moore (Jan 28)
- Re: Nmap and xlogmaster Lamont Granquist (Jan 29)
- Re: Nmap and xlogmaster Steve Palmer (Jan 28)
- Re: Nmap and xlogmaster Lamont Granquist (Jan 29)
- Re: Nmap and xlogmaster Dave Dittrich (Jan 29)
- Re: Nmap and xlogmaster Max Vision (Jan 28)