RE: run nmap automatically from index.html (??)



If you have the option, I would include a small bit of CGI in the index.html or insert a 1x1 iframe
that references a CGI file, use the REMOTE_ADDR environment variable, pass that into your script.

But this will not see half-open connections, so may not work for you.

Nate Kettlewell, CISSP

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Kathy Simm
Sent: Wednesday, November 16, 2011 8:10 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: run nmap automatically from index.html (??)


We are doing a pen test for a small company and wish to automate some things. We have a website
inside their Intranet that
when employees scan or visit it we'd like to nmap the box they came from trying to see if anyone
hooks up an authorized computer to their intranet. Any ideas of how to get=
nmap to run automatically?

Getting a perl script to run nmap is already done but I'm trying to figure out whether we should
monitor the libpcap data or the apache log files
etc. I'm sure someone else has done this already - can you share some ideas?

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration
test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • Re: run nmap automatically from index.html (??)
    ... determine if unauthorized equipment is attached to the network. ... For nmap to accomplish this, it needs to be on the same ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)
  • Re: run nmap automatically from index.html (??)
    ... its a nmap gui with a "scan me" capability. ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)
  • RE: run nmap automatically from index.html (??)
    ... Don't forget that nmap will probably need to run as root on a *nix box. ... Information Assurance Certification Review ... Prove to peers and potential employers without a doubt that you can ... actually do a proper penetration test. ...
    (Pen-Test)
  • FW: Scanner & BaseLine Report Diff?
    ... If not something like nmap then maybe a service like ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
    (Pen-Test)
  • Re: Weird Nmap Behavior
    ... host is up, it will just scan... ... I believe the default 'ping' behaviour with NMAP now is to send a tcp ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)