Penetration Testing mailing list archives
Re: run nmap automatically from index.html (??)
From: Guillaume Friloux <guillaume.friloux () asp64 com>
Date: Wed, 16 Nov 2011 15:56:56 +0100
On 16/11/2011 15:09, Kathy Simm wrote:
We are doing a pen test for a small company and wish to automate some things. We have a website inside their Intranet that when employees scan or visit it we'd like to nmap the box they came from trying to see if anyone hooks up an authorized computer to their intranet. Any ideas of how to get= nmap to run automatically? Getting a perl script to run nmap is already done but I'm trying to figure out whether we should monitor the libpcap data or the apache log files etc. I'm sure someone else has done this already - can you share some ideas? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Hi, it really looks like a strange idea.Why not restricting IP adresses or MAC adresses that can reach www service using iptables ?
But if you REALLY want to do that thing, you can configure syslog to do actions depending on regex matching logs. So it would be a regex over apache with a specific url, that would then send a request to a "nmap manager" that would nmap IPs if not already done in the XX last minutes, for example.
But REALLY, it looks like a very strange idea.
Attachment:
guillaume_friloux.vcf
Description:
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- run nmap automatically from index.html (??) Kathy Simm (Nov 16)
- Re: run nmap automatically from index.html (??) John Mason Jr (Nov 16)
- Re: run nmap automatically from index.html (??) Guillaume Friloux (Nov 16)
- Re: run nmap automatically from index.html (??) Justin Rogosky (Nov 16)
- Re: run nmap automatically from index.html (??) Sarah Loyd (Nov 16)
- RE: run nmap automatically from index.html (??) Kettlewell, Nate (Kansas City) (Nov 16)
- Re: run nmap automatically from index.html (??) securityfocus (Nov 16)
- Re: run nmap automatically from index.html (??) Daniel Miller (Nov 16)
- Re: run nmap automatically from index.html (??) Mihai Nitulescu (Nov 16)
- RE: run nmap automatically from index.html (??) Ward, Jon (Nov 16)
- RE: run nmap automatically from index.html (??) Ward, Jon (Nov 17)
- Re: run nmap automatically from index.html (??) arvind doraiswamy (Nov 17)