Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Automated Nmap Scans / Front End

from [pkc_mls] Network Security [Permanent Link]
Subject: Re: Automated Nmap Scans / Front End
Date: Fri, 19 Jan 2007 11:44:02 +0100
tom jones a écrit : 
Hello,
I am responsible for monitoring hundreds of machines
over thousands of
external IP addresses.  I currently run nmap manually
once a week and import
the results into Excel to compare them with the
previous week to find hosts
that are new and also take note of those that have
been taken off the
Internet.  I am looking for a web front end, batch
process, or similar that
would meet the following requirements.

-Input file of external IP ranges I am responsible for
-Have the tool scan all ranges to determine responding
IPs
-Compare results to previous week and note exceptions
-Scheduling capability to have this take place weekly

>From a quick search, I found these two tools that I
might try out if I have
time.  I have not heard of them before and have not
had a chance to read up
on their capabilities:

http://sourceforge.net/projects/gwmos/
http://sourceforge.net/projects/cancerbero/

I am also interested to hear thoughts on the best way
to do host discovery.
Many of our firewalls will block ICMP requests which
is fast and not
complete. Scanning for every TCP and UDP port can
take days. I'm looking
for a good middle ground that would be fairly complete
but not take an
excessive amount of time. I currently scan for about
15 common TCP ports
which takes about half of a day.
You can also consider using hping to check for the netbios port rather than a basic icmp.
This could go through the firewall if your rules allow it.
You can then run an nmap to check which ports are open if the netbios responds on hping.
I have the ability to run these on either a Windows XP
machine or a web
server (php, etc.).

hping works better on Unix/Linux.
Thanks in advance.



___________________________________________________________________________ Yahoo! Mail réinvente le mail ! Découvrez le nouveau Yahoo! Mail et son interface révolutionnaire.
http://fr.mail.yahoo.com

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: pent-test a container file, Julien
Next by Date:  Re: [?? Probable Spam] Automated Nmap Scans / Front End, sami ghourabi
Previous by Thread:  Re: Automated Nmap Scans / Front End, crazy frog crazy frog
Next by Thread:  Re: [?? Probable Spam] Automated Nmap Scans / Front End, sami ghourabi
Indexes:  [Date] [Thread] [Top] [All Lists]