Nmap Development mailing list archives
RE: output question/suggestion
From: Dion Stempfley <Dion () riptech com>
Date: Thu, 25 Jul 2002 07:17:21 -0400
Here is a script that I threw together some time ago. It parses machine output and creates a tab delimited file that imports nicely into excel. Sorry its not clean or efficient. I wrote it late one night and have done little with it since. But here you go. ########## #!/usr/bin/perl %STATUS=(closed=>'C',open=>'O',filtered=>'F'); # sort ips sub byip { #its probably more efficient to pack and compare numerically #but I'm being to lazy to workout that code @A=split(/\./,$a); @B=split(/\./,$b); for ($x=0;$x<4;$x++){ $cmp=$A[$x]<=>$B[$x]; return $cmp if ($cmp != 0); } return $cmp; } sub byport { # there's better ways to sort this, should optimize @A=split(/\//,$a); @B=split(/\//,$b); $cmp=$A[0]<=>$B[0]; return $cmp if ($cmp != 0); return 0 if $A[1] eq $B[1]; return ($A[1] lt $B[1]); } while (<>){ if (m/^Host: (\d+\.\d+\.\d+\.\d+) \((.*)\)\tPorts: (.*\/)\t.*/){ $host=$1; $hname=$2; $ports=$3; # I'm throwing away the hostname, fix it if you want this $ports=~s/\s//g; # get rid of white space in port record foreach $prec (split (/,/,$ports)){ if ($prec=~m/open/){ #want filtered or closed fix the regex ($pnum,$pstate,$prot,$j1,$pname,$j2)=split("/",$prec); $head{"$pnum/$prot"}++; $hrec{$host}->{"$pnum/$prot"}=$STATUS{$pstate}; } } } } foreach $p (sort byport keys %head ){ $h1.="$p\t"; $h2.="$head{$p}\t"; } print "HOST\t$h1\n\t$h2\n" if defined ($h1); foreach $host (sort byip keys %hrec ){ print "$host\t"; foreach $p (sort byport keys %head){ if (defined $hrec{$host}->{$p}) { print "$hrec{$host}->{$p}\t"; } else { print " \t"; } } print "\n"; } ########## Dion -----Original Message----- From: Fredrich P. Maney To: nmap-dev () insecure org; nmap-hackers () insecure org Sent: 7/24/2002 10:22 AM Subject: output question/suggestion Hello all, I was just recently handed a project of having to document all of the open ports on an internal network of servers and provide a definition and justification for all of the open ports. My first thought was to use nmap to scan all of the machines and then simply go through and write a short justification for each open port. Unfortunately the management types want this done in a nice pretty (useless) spreadsheet for each machine. Since the output of nmap only lists the number, status, name and owner of the open ports it finds, I have go through each report individually to add the definition and justification. What I would like to have (and it may be available and I'm just missing it) is a way to get the output to list all of the information found in the nmap-services line plus the status of the port. For example, currently nmap returns the following line when finding port 22 open: 22/tcp open ssh However, this is what is in the distributed nmap-services file for that port: ssh 22/tcp # Secure Shell Login ssh 22/udp # Secure Shell Login I'd like to see all of the fields in the nmap-services file be present in the output (even if only as an option, perhaps as part of the -v?). Then the output would be similar to the following: open ssh 22/tcp # Secure Shell Login open ssh 22/udp # Secure Shell Login This way sites could customize the last field in the nmap-services file to provide things like definitions/descriptions/justifications for the ports that are open. FWIW, I'm using the nmap V. 2.54BETA28 package from www.sunfreeware.com. fpsm . --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org). --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- output question/suggestion Fredrich P. Maney (Jul 24)
- Re: output question/suggestion William McVey (Jul 24)
- Re: output question/suggestion Dean Povey (Jul 24)
- Re: output question/suggestion Trez (Jul 24)
- Re: output question/suggestion Mrcorp (Jul 26)
- <Possible follow-ups>
- RE: output question/suggestion Dion Stempfley (Jul 25)
- RE: output question/suggestion Max Schubert (Jul 25)
- visual c++ compilation Avkash (Jul 25)
- port scaning question Avkash (Jul 25)
- How to analyse nmap result? Avkash (Jul 28)