Penetration Testing mailing list archives

Re: run nmap automatically from index.html (??)

From: Guillaume Friloux <guillaume.friloux () asp64 com>
Date: Wed, 16 Nov 2011 15:56:56 +0100

On 16/11/2011 15:09, Kathy Simm wrote:

We are doing a pen test for a small company and wish to automate some things.  We have a website inside their Intranet 
that
when employees scan or visit it  we'd like to nmap the box they came from  trying to see if anyone hooks up an 
authorized computer to their intranet. Any ideas of how to get=
  nmap to run automatically?

Getting a perl script to run nmap is already done but I'm trying to figure out whether we should monitor the libpcap 
data or the  apache log files
etc.  I'm sure someone else has done this already - can you share some ideas?                                      
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Hi, it really looks like a strange idea.

Why not restricting IP adresses or MAC adresses that can reach wwwservice using iptables ?

But if you REALLY want to do that thing, you can configure syslog to doactions depending on regex matching logs.So it would be a regex over apache with a specific url, that would thensend a request to a "nmap manager" that would nmap IPs if not alreadydone in the XX last minutes, for example.


But REALLY, it looks like a very strange idea.

Attachment: guillaume_friloux.vcf
Description:

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

run nmap automatically from index.html (??) Kathy Simm (Nov 16)
- Re: run nmap automatically from index.html (??) John Mason Jr (Nov 16)
- Re: run nmap automatically from index.html (??) Guillaume Friloux (Nov 16)
- Re: run nmap automatically from index.html (??) Justin Rogosky (Nov 16)
  - Re: run nmap automatically from index.html (??) Sarah Loyd (Nov 16)
- RE: run nmap automatically from index.html (??) Kettlewell, Nate (Kansas City) (Nov 16)
- Re: run nmap automatically from index.html (??) securityfocus (Nov 16)
  - Re: run nmap automatically from index.html (??) Daniel Miller (Nov 16)
- Re: run nmap automatically from index.html (??) Mihai Nitulescu (Nov 16)
- RE: run nmap automatically from index.html (??) Ward, Jon (Nov 16)
  - RE: run nmap automatically from index.html (??) Ward, Jon (Nov 17)
  - Re: run nmap automatically from index.html (??) arvind doraiswamy (Nov 17)