Nmap Development mailing list archives

Re: Syslog Inquiry


From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 01 Jul 2010 12:30:16 -0500

On 06/30/2010 11:21 AM, David Fifield wrote:
> On Wed, Jun 30, 2010 at 11:59:56PM +0800, Roberto Yatco wrote:
>> Good day! I would like to ask help from you in using nmap. Here's the
>> situation. I am trying to use these options:
>>
>> nmap -T4 -A -oS OS 127.0.0.1
>>
>> I want that OS file (or its contents) to automatically be sent to UDP
>> port 514 (Syslog) of our Syslog Server for it to be logged. How can I
>> achieve this? We're doing this for our thesis right now. I hope you
>> can help us.
>
> You might try this:
>
> mkfifo OS
> ncat --udp syslog-server 514 < OS
> nmap -T4 -A -oS OS 127.0.0.1
>
> David Fifield
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/

Though it won't work for Roberto, since he's on a Windows system (from his later post), you can do the same thing in Bash with:

nmap -T4 -A -oS - 127.0.0.1 >/dev/udp/syslog-server/514

Though care should be taken with IPv4 vs IPv6 (my system defaults to 6, with no obvious way to change to 4. Not a problem if the target service is listening on 6, but it threw me for a loop when trying to test with ncat --udp -l -p 514).

Dan
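
An added example, not part of the original posts: a Python forwarder that handles the IPv4 versus IPv6 caveat above by choosing the address family explicitly, and sends each Nmap output line as its own syslog datagram. The script name `nmap2syslog.py`, the `nmap` tag and the local0.info priority are assumptions, as is a receiver that accepts `<PRI>TAG: MSG` without a timestamp header.

```python
import socket
import sys

# Assumed priority for scan output: facility local0 (16), severity info (6).
FACILITY_LOCAL0 = 16
SEVERITY_INFO = 6
MAX_DATAGRAM = 1024  # BSD syslog (RFC 3164) limits a message to 1024 bytes


def format_syslog(line, tag="nmap", facility=FACILITY_LOCAL0, severity=SEVERITY_INFO):
    """Build a minimal BSD-syslog payload: <PRI>TAG: MSG, truncated to 1024 bytes."""
    pri = facility * 8 + severity
    return f"<{pri}>{tag}: {line}".encode("utf-8", "replace")[:MAX_DATAGRAM]


def resolve(host, port, family):
    """Resolve host for UDP in the requested address family only."""
    info = socket.getaddrinfo(host, port, family, socket.SOCK_DGRAM)
    fam, _socktype, _proto, _canon, addr = info[0]
    return fam, addr


def forward(lines, host, port=514, family=socket.AF_INET):
    """Send each non-empty line as one datagram; return the number sent."""
    fam, addr = resolve(host, port, family)
    sent = 0
    with socket.socket(fam, socket.SOCK_DGRAM) as sock:
        for line in lines:
            line = line.rstrip("\r\n")
            if line:
                sock.sendto(format_syslog(line), addr)
                sent += 1
    return sent


if __name__ == "__main__":
    # Usage (hypothetical script name):
    #   nmap -T4 -A -oS - 127.0.0.1 | python3 nmap2syslog.py syslog-server [4|6]
    # The optional second argument picks the address family; IPv4 is the default.
    fam = socket.AF_INET6 if sys.argv[2:] == ["6"] else socket.AF_INET
    count = forward(sys.stdin, sys.argv[1], family=fam)
    print(f"{count} lines sent", file=sys.stderr)
```

Unlike a raw redirect to `/dev/udp/...`, every datagram here carries a priority header and holds exactly one line, so the receiver can file and filter the scan output like any other log source.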

