Penetration Testing mailing list archives
RE: Nmap output
From: "Cheng, Derek (US - San Jose)" <dcheng () deloitte com>
Date: Tue, 28 Oct 2003 12:04:35 -0600
Hi there. Try using Nlog. It seems to work relatively well to manage Nmap output using a web-based GUI. http://lists.insecure.org/lists/nmap-hackers/1998/Oct-Dec/0079.html Derek Cheng Deloitte & Touche NLog is a set of PERL scripts for managing and analyzing your nmap 2.0+ log files. It allows you to keep all of your scan logs in a single searchable database. The CGI interface for viewing your scan logs is completly customizable and easy to modify and improve. The core CGI script allows you to add your own extension scripts for different services, so all hosts with a certain service running will have a hyperlink to the extension script. An Overview: ------------------ Basically this is a multi-purpose web-based nmap log browser. The extension scripts allow you to get detailed information about specific services like netbios, the RPC services, the finger service, and BIND version of a DNS server. It is extremely easy to create your own extensions for things like a snmpwalk wrapper, a popper vulnerablility check, etc. Nlog provides a standard database format to build your own scripts for any purpose. Whether to provide a graphical representation of a network or as a web based service gateway to an internal network. Included are the example CGI scripts, the nmap log to database conversion tool, a sample template for building your own PERL scripts, and couple extra scripts for dumping IP's from a domain and the like. A possible use of nlog is for a network administrator who scans his local network regularly, to make sure none of the machines are listening on wierd ports and that they all are running the services they should be. A cron script could scan his internal network, convert the log files to the database format and store them on a web server by time or date. The adminstrator could then load the nlog search form page preferably protected by the normal http authentication methods and run comparisons between databases collected on different dates or at different times from anywhere. If the web server is on a gateway machine, he could run RPC or finger requests on the internal hosts through the CGI interface thus removing his need to be on the possibly firewalled or masqued network to check a hosts status. -----Original Message----- From: a55mnky () yahoo com [mailto:a55mnky () yahoo com] Sent: Tuesday, October 28, 2003 6:43 AM To: pen-test () securityfocus com Subject: Nmap output I am in the midst of a wide scale Pentest egangement for a client - they have 7 class C networks. We are overwhelmed with the output from nmap. Does anybody know of a tool to manage the output - preferably in a graphical format. I tried the XML output but cannot figure out what to do with that. J ------------------------------------------------------------------------ --- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ------------------------------------------------------------------------ ---- This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register at http://www.securityfocus.com/sponsor/RSA_pen-test_031023 and use priority code SF4. ----------------------------------------------------------------------------
Current thread:
- Nmap output a55mnky (Oct 28)
- Re: Nmap output Jeremiah Cornelius (Oct 29)
- Re: Nmap output Gene Cronk (Oct 29)
- Re: Nmap output Javier Fernandez-Sanguino (Oct 30)
- RE: Nmap output Hasnain Atique (Oct 31)
- RE: Nmap output nate (Oct 29)
- Re: Nmap output Valter Santos (Oct 30)
- <Possible follow-ups>
- RE: Nmap output Cheng, Derek (US - San Jose) (Oct 29)