Nmap Announce mailing list archives
tcl script using nmap to verify services
From: Philip Ehrens <pehrens () ligo caltech edu>
Date: Mon, 10 Jan 2000 11:28:13 -0800
Hi All, I was asked to write this as a sys-admin tool. It is actually an early version of the tool we are using, which is rather site specific. I thought somebody might find it educational or even useful. ~~~~snip~~~~ #!/ldcg/bin/tclsh # This is a simple script which parses the output of # the nmap program to determine whether required services # are in fact running on a machine. Output is written as # an html formatted log file with a sensible default name. # Two arguments are accepted: # # service_check [ hostname ] [ polling interval ] # # where polling interval is given in seconds. # Note that there is considerable time overhead when # running nmap in "Polite mode, so times less than 100 sec # may be significantly longer than they should be! ;## no checking is done for bad values. if { [ llength $argv ] == 2 } { set host [ lindex $argv 0 ] set interval [ lindex $argv 1 ] } else { set host $::env(HOST) set interval 10 } ;## if a single arg is given, if it is an integer, assume ;## it is an interval, else it is a hostname. if { [ llength $argv ] == 1 } { if { [ regexp {^\d+$} [ lindex $argv 0 ] ] } { set interval [ lindex $argv 0 ] } else { set host [ lindex $argv 0 ] } } set log [ file join ${host}_servicelog.html ] array set services { 7 echo 9 discard 13 daytime 19 chargen 22 ssh 25 smtp 37 time 111 sunrpc 512 exec 514 shell 515 printer 540 uucp 6000 X11 6112 dtspc 7100 font-service 10000 LDAS-manager-operator-port } set ports [ join [ lsort -integer [ array names services ] ] , ] set fid [ open $log a+ ] proc run {} { set msg "<b>$::host</b> [ clock format [ clock seconds ] ]<br><ul>\n" set data [ exec nmap -T Polite -p $::ports $::host ] foreach port [ array names ::services ] { set name $::services($port) if { ! [ regexp "$port\[a-z \]+$name" $data ] } { append msg "<item><font color=red><b>$name</b></font> not running on $::host port $port<br>\n" } } puts $::fid "$msg<br></ul>\n" flush $::fid after [ expr { $::interval * 1000 } ] run } run vwait enter-mainloop ~~~~snip~~~~ -- Phil Ehrens <pehrens () ligo caltech edu>| Fun stuff: The LIGO Laboratory, MS 18-34 | http://www.ralphmag.org California Institute of Technology | http://www.yellow5.com 1200 East California Blvd. | ftp://ftp.no.pgpi.com/pub/pgp Pasadena, CA 91125 USA | http://slashdot.org Phone:(626)395-8518 Fax:(626)793-9744 | http://freshmeat.net
Current thread:
- tcl script using nmap to verify services Philip Ehrens (Jan 10)