Penetration Testing mailing list archives
Re: run nmap automatically from index.html (??)
From: Sarah Loyd <sarahloyd () mac com>
Date: Wed, 16 Nov 2011 16:47:27 +0000
Consider using arpwatch. Best Regards Sarah On 16 Nov 2011, at 15:26, Justin Rogosky wrote:
Personally, I wouldn't depend on employees visiting a web page to determine if unauthorized equipment is attached to the network. While spoofable, the best way to determine attachment is using MAC addresses. For nmap to accomplish this, it needs to be on the same subnet as the target system. Depending on network segmentation, this may not be possible. Aside from that, I would watch DHCP logs to determine when a new system is added to the network. In conjunction with regular nmap sweeps, this should help find all of the systems on the network. Just my 2 cents. --Justin On Wed, Nov 16, 2011 at 9:09 AM, Kathy Simm <kathys39 () hotmail com> wrote:We are doing a pen test for a small company and wish to automate some things. We have a website inside their Intranet that when employees scan or visit it we'd like to nmap the box they came from trying to see if anyone hooks up an authorized computer to their intranet. Any ideas of how to get= nmap to run automatically? Getting a perl script to run nmap is already done but I'm trying to figure out whether we should monitor the libpcap data or the apache log files etc. I'm sure someone else has done this already - can you share some ideas? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- run nmap automatically from index.html (??) Kathy Simm (Nov 16)
- Re: run nmap automatically from index.html (??) John Mason Jr (Nov 16)
- Re: run nmap automatically from index.html (??) Guillaume Friloux (Nov 16)
- Re: run nmap automatically from index.html (??) Justin Rogosky (Nov 16)
- Re: run nmap automatically from index.html (??) Sarah Loyd (Nov 16)
- RE: run nmap automatically from index.html (??) Kettlewell, Nate (Kansas City) (Nov 16)
- Re: run nmap automatically from index.html (??) securityfocus (Nov 16)
- Re: run nmap automatically from index.html (??) Daniel Miller (Nov 16)
- Re: run nmap automatically from index.html (??) Mihai Nitulescu (Nov 16)
- RE: run nmap automatically from index.html (??) Ward, Jon (Nov 16)
- RE: run nmap automatically from index.html (??) Ward, Jon (Nov 17)
- Re: run nmap automatically from index.html (??) arvind doraiswamy (Nov 17)