Penetration Testing mailing list archives
RE: Port Scanner Reports
From: Michael Gargiullo <mgargiullo () pvtpt com>
Date: Fri, 14 Oct 2005 09:26:35 -0400
-----Original Message-----
Jeff Brossette wrote:All, I am looking for a port scanning tool (software or hardware, open source or commercial) that I can configure to run on a regularly scheduled basis, say once a week or once a month, for around 500 internal servers and workstations (Unix/Linux, Windows and Novell). The goal is to produce a "diff" report that will identify any new ports that have been opened on any of the servers or workstations
from
the previous scan. This would need to be a completely automatic process that would
out the results after each scan cycle. Are there any products that can perform this task?The best [IMHO] is nmap, you can save the output, use cron to schedule it at different times, then use diff to view the changes. That way, you can create a history. If nmap is too complicated, use nmapfe [nmap front end] to generate the command line and plug in cron. Products like GFI scanner, create beautiful web pages to show the customer, "but nmap is still the king." -- Thanks http://www.911networks.com When the network has to work Cisco/Microsoft
<snip> I ended up writing a perl wrapper around nmap to feed IP addresses from a database, and store the nmap output into a different table. This way I can query the database and pull a custom diff based on scan date. I also do this with nessus scans. All you need in Linux, perl, mysql, and nmap. -Mike ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Re: Port Scanner Reports, (continued)
- Re: Port Scanner Reports Gary E. Miller (Oct 08)
- Re: Port Scanner Reports Fco. Jose Garrido Matamoros (Oct 08)
- Re: Port Scanner Reports Satanic.Brain (Oct 08)
- RE: Port Scanner Reports Cory Michal (Oct 08)
- Re: Port Scanner Reports Richard Farina (Oct 11)
- Re: Port Scanner Reports Packet Man (Oct 13)
- Re: Port Scanner Reports Daniel Miessler (Oct 31)
- RE: Port Scanner Reports Hayes, Ian (Oct 08)
- RE: Port Scanner Reports Michael Gargiullo (Oct 10)
- .Net XSS DokFLeed (Oct 11)
- RE: Port Scanner Reports Michael Gargiullo (Oct 15)
- RE: Port Scanner Reports jgervacio (Oct 18)