Re: [?? Probable Spam] Automated Nmap Scans / Front End
- From: sami ghourabi <sami.ghourabi@xxxxxxxxxx>
- Date: Fri, 19 Jan 2007 09:09:43 +0100
Dear Tom Jones,
about host discovery, I personnaly use nmap with its different options:
-sP -PA works well if traffic to hosts doesnt go through a stateful filter
-sP -PS succeed if target ports are open
-sP -PU in case of UDP is allowed
-sP -PE for ping scan
there are other options that I don't use as I don't see what their benefit is (?)
About thee time your scan takes, you can control nmap timaing if you are sure that your network link and those of the scanned hosts are reliable.
--max-rtt-timeout sets the max time to wait before giving up the probe
--max-retries don't let him do more than 2 tries for each probe if you kow there is a filtering gateway
--min-host-group set the number of host to scan simultaneously
Another point now, about unicorn scanner.
I used it recently but I remarked that results are often inaccurate. Any thoughts about this tool ?
Sami.
tom jones a écrit :
Hello,
I am responsible for monitoring hundreds of machines
over thousands of
external IP addresses. I currently run nmap manually
once a week and import
the results into Excel to compare them with the
previous week to find hosts
that are new and also take note of those that have
been taken off the
Internet. I am looking for a web front end, batch
process, or similar that
would meet the following requirements.
-Input file of external IP ranges I am responsible for
-Have the tool scan all ranges to determine responding
IPs
-Compare results to previous week and note exceptions
-Scheduling capability to have this take place weekly
>From a quick search, I found these two tools that I
might try out if I have
time. I have not heard of them before and have not
had a chance to read up
on their capabilities:
http://sourceforge.net/projects/gwmos/
http://sourceforge.net/projects/cancerbero/
I am also interested to hear thoughts on the best way
to do host discovery.
Many of our firewalls will block ICMP requests which
is fast and not
complete. Scanning for every TCP and UDP port can
take days. I'm looking
for a good middle ground that would be fairly complete
but not take an
excessive amount of time. I currently scan for about
15 common TCP ports
which takes about half of a day.
I have the ability to run these on either a Windows XP
machine or a web
server (php, etc.).
Thanks in advance.
____________________________________________________________________________________
Don't pick lemons.
See all the new 2007 cars at Yahoo! Autos.
http://autos.yahoo.com/new_cars.html
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
- References:
- Automated Nmap Scans / Front End
- From: tom jones
- Automated Nmap Scans / Front End
- Prev by Date: Re: Automated Nmap Scans / Front End
- Next by Date: Re: Automated Nmap Scans / Front End
- Previous by thread: Re: Automated Nmap Scans / Front End
- Next by thread: Re: Automated Nmap Scans / Front End
- Index(es):
Relevant Pages
|
