Re: output question/suggestion

[Dean Povey <povey () wedgetail com>]

The following shell/perl script will do more or less what you want:

mynmap.sh:
#!/bin/sh
nmap $* | perl -p -e '
if (/(\d+\/\S+)\s+(\S+)\s*(.*)/) { 
  my $service=`grep " $1 " /usr/local/share/nmap/nmap-services`;
  chomp $service;
  if ($service) {
    $_="$2\t$service\n";
  } else {
    $_="$2\t                  $1    #$3\n";
  }
} elsif (/^Port/) {$_="State\tService           Port\n";} 
'

Tweak to your hearts content.

Dean.


On Wed, 24 Jul 2002 10:22:13 -0400, "Fredrich P. Maney" wrote: 
> Hello all,
>
> I was just recently handed a project of having to document all of the
> open ports on an internal network of servers and provide a definition
> and justification for all of the open ports. My first thought was to
> use nmap to scan all of the machines and then simply go through and
> write a short justification for each open port.
>
> Unfortunately the management types want this done in a nice pretty
> (useless) spreadsheet for each machine. Since the output of nmap
> only lists the number, status, name and owner of the open ports
> it finds, I have go through each report individually to add the
> definition and justification.
>
> What I would like to have (and it may be available and I'm just missing
> it) is a way to get the output to list all of the information found
> in the nmap-services line plus the status of the port.
>
> For example, currently nmap returns the following line when finding
> port 22 open:
>
> 22/tcp     open        ssh
>
> However, this is what is in the distributed nmap-services file for
> that port:
>
> ssh               22/tcp     # Secure Shell Login
> ssh               22/udp     # Secure Shell Login
>
> I'd like to see all of the fields in the nmap-services file be present
> in the output (even if only as an option, perhaps as part of the -v?).
> Then the output would be similar to the following:
>
> open     ssh      22/tcp     # Secure Shell Login
> open     ssh      22/udp     # Secure Shell Login
>
> This way sites could customize the last field in the nmap-services
> file to provide things like definitions/descriptions/justifications
> for the ports that are open.
>
> FWIW, I'm using the nmap V. 2.54BETA28 package from www.sunfreeware.com.
>
> fpsm
> .
>
> --------------------------------------------------
> For help using this (nmap-hackers) mailing list, send a blank email to 
> nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

-- 
Dean Povey,             |em: povey () wedgetail com|JCSI: Java security toolkit
Wedgetail Communications|ph:  +61 7 3023 5139   |uPKI: Embedded/C PKI toolkit
Level 14, 388 Queen St, |fax: +61 7 3864 1282   |uSSL: Embedded/C SSL toolkit
Brisbane, Australia     |www: www.wedgetail.com |XML Security: XML Signatures 



---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).