Penetration Testing mailing list archives

RE: Port Scanner Reports

From: Michael Gargiullo <mgargiullo () pvtpt com>
Date: Fri, 14 Oct 2005 09:26:35 -0400



-----Original Message-----

Jeff Brossette wrote:

All,

I am looking for a port scanning tool (software or hardware, open
source or commercial) that I can configure to run on a regularly
scheduled basis, say
once a week or once a month, for around 500 internal servers and
workstations (Unix/Linux, Windows and Novell).

The goal is to produce a "diff" report that will identify any new
ports that have been opened on any of the servers or workstations

from

the previous scan.

This would need to be a completely automatic process that would

email

out the results after each scan cycle.

Are there any products that can perform this task?


The best [IMHO] is nmap, you can save the output, use cron to
schedule it at different times, then use diff to view the
changes. That way, you can create a history.

If nmap is too complicated, use nmapfe [nmap front end] to
generate the command line and plug in cron.

Products like GFI scanner, create beautiful web pages to show the
customer, "but nmap is still the king."


--
Thanks
http://www.911networks.com
When the network has to work Cisco/Microsoft


<snip>

I ended up writing a perl wrapper around nmap to feed IP addresses from
a database, and store the nmap output into a different table.  This way
I can query the database and pull a custom diff based on scan date.  I
also do this with nessus scans.

All you need in Linux, perl, mysql, and nmap.

-Mike


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Re: Port Scanner Reports, (continued)
- - Re: Port Scanner Reports Gary E. Miller (Oct 08)
  - Re: Port Scanner Reports Fco. Jose Garrido Matamoros (Oct 08)
  - Re: Port Scanner Reports Satanic.Brain (Oct 08)
  - RE: Port Scanner Reports Cory Michal (Oct 08)
  - Re: Port Scanner Reports Richard Farina (Oct 11)
    - Re: Port Scanner Reports Packet Man (Oct 13)
  - Re: Port Scanner Reports Daniel Miessler (Oct 31)
- RE: Port Scanner Reports Hayes, Ian (Oct 08)
- RE: Port Scanner Reports Michael Gargiullo (Oct 10)
  - .Net XSS DokFLeed (Oct 11)
- RE: Port Scanner Reports Michael Gargiullo (Oct 15)
  - RE: Port Scanner Reports jgervacio (Oct 18)