|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Robin Wood (dninja
gmail.com)
Date: Mon Apr 05 2010 - 17:01:03 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 2 April 2010 15:06, Miguel Gonzalez <miguel_3_gonzalezyahoo.es> wrote:
>
> Dear all,
>
> I'm testing a tool called pbnj. It performs scans with nmap and store the information in a database that is used for comparing previous scans.
>
> It's not a tool for monitoring like Nagios (which we'll already have). We are not going to coutinously run this script (like every 5 minutes) but maybe once a day or week.
>
> They aim is to to keep a baseline of the services that SHOULD BE open in our servers in a database and compare it to the scan we perform from time to time. A report should tell us two things:
>
> - If a new port has been open. That way we can be sure that no new ports
> are open without being warned.
>
> - If a port that should be open is closed.
>
>
> Before reinventing the wheel, I'd like to know if there is any tool like this with better functionality (it's pretty basic, a perl script, the reports and the routine scans have to be configured manually). As I said, essentially performs a scan (with nmap) over a range of IPs and stores the results in a database. Then it tells you if a port has changed its state (from up to down or viceversa - however I'm digging the code to add a "new" state too).
>
>
> Any other tool similar to this one with better capabilities?
Have a look at the tools on here
http://www.unspecific.com/2008/12
There is a nmap-diff that will compare two sets of nmap scans. It
hasn't been updated for a while same as the one you mention is just a
perl script but may suit your purposes.
The nmap-wrapper tools also helps if you are scanning large networks.
Robin
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]