nmap-diff.pl
Description
Wirten by: MadHat at Unspecific.comcronned to run daily, the nmap-wrapper will generate files logs of ports open. This script will generate reports on changes from day to day.
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
Features
- Uses the nmap-wrapper's logs to generate reports on port changes
- By default shows new open ports
- Can show any port that has changes status
open->closed, open->filtered, closed->open, etc... - By default will report yseterday and day before, but "yesterday" can be compaired against any day there are logs (-b)
- Can limit to specific subnets (-s)
using class A, B or C's at this time (-s 172.21.128)
multiple subnets can be used by combining with a PIPE
-s 172.21.128|192.168.100 - Can limit to specific IP (-i)
- Output can be sent directly to an email address for croning a report
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
BUGS
- really simple, so not a lot of options
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
Requirements
perl (>5.6 prefered)nmap-wrapper (not needed for the program to run, but is needed to produce the searchable files)
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
Download
nmap-diff.pl - v 1.3Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
Output
An example of the output...172.21.128.9 (jaberwocky.unspecific.com) 21/tcp open ftp 80/tcp open http 443/tcp open https + 587/tcp open submission + 593/tcp open http-rpc-epmap 172.21.128.32 (tweedledee.unspecific.com) + 22/tcp open ssh 172.21.128.37 (tweedledum.unspecific.com) 22/tcp open ssh - 25/tcp open smtp 80/tcp open http - 110/tcp open pop3
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
Usage
$ ./nmap-diff.pl -h nmap-diff - 1.0 - madahat@unspecific.com nmap-diff is designed to be used with the log files generated from the nmap-wrapper ./nmap-diff.pl [-hv] [-s] [-i ] [-b ] [-m ] [-l ] -h help (this stuff) -v is for verbose. This will add all changed ports. Default is to only who new open ports -s shows only thaing in that subnet. At this time the subnet accepted is a class C only. -i only reports on that specific IP. -b sets the base to days back and compares to yesterday's scan. so -b 7 will compare the current scan to the scan from 1 week ago -l to specify where the log directory This can be hard coded by editing the script -m to email the output to when the report is generated
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License
Licensing
This product is released under the following License. # Copyright (c) 2001-2002, MadHat (madhat@unspecific.com) # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in # the documentation and/or other materials provided with the distribution. # * Neither the name of MadHat Productions nor the names of its # contributors may be used to endorse or promote products derived # from this software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS # FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT # OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED # TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR # PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF # LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Top | Description | Features | Bugs | Requirements | Download | Output | Usage/Docs | License