The following shell/perl script will do more or less what you want:
mynmap.sh:
#!/bin/sh
nmap $* | perl -p -e '
if (/(\d+\/\S+)\s+(\S+)\s*(.*)/) {
my $service=`grep " $1 " /usr/local/share/nmap/nmap-services`;
chomp $service;
if ($service) {
$_="$2\t$service\n";
} else {
$_="$2\t $1 #$3\n";
}
} elsif (/^Port/) {$_="State\tService Port\n";}
'
Tweak to your hearts content.
Dean.
On Wed, 24 Jul 2002 10:22:13 -0400, "Fredrich P. Maney" wrote:
>
>Hello all,
>
>I was just recently handed a project of having to document all of the
>open ports on an internal network of servers and provide a definition
>and justification for all of the open ports. My first thought was to
>use nmap to scan all of the machines and then simply go through and
>write a short justification for each open port.
>
>Unfortunately the management types want this done in a nice pretty
>(useless) spreadsheet for each machine. Since the output of nmap
>only lists the number, status, name and owner of the open ports
>it finds, I have go through each report individually to add the
>definition and justification.
>
>What I would like to have (and it may be available and I'm just missing
>it) is a way to get the output to list all of the information found
>in the nmap-services line plus the status of the port.
>
>For example, currently nmap returns the following line when finding
>port 22 open:
>
>22/tcp open ssh
>
>However, this is what is in the distributed nmap-services file for
>that port:
>
>ssh 22/tcp # Secure Shell Login
>ssh 22/udp # Secure Shell Login
>
>I'd like to see all of the fields in the nmap-services file be present
>in the output (even if only as an option, perhaps as part of the -v?).
>Then the output would be similar to the following:
>
>open ssh 22/tcp # Secure Shell Login
>open ssh 22/udp # Secure Shell Login
>
>This way sites could customize the last field in the nmap-services
>file to provide things like definitions/descriptions/justifications
>for the ports that are open.
>
>FWIW, I'm using the nmap V. 2.54BETA28 package from www.sunfreeware.com.
>
>fpsm
>�.
>
>--------------------------------------------------
>For help using this (nmap-hackers) mailing list, send a blank email to
>nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
>
--
Dean Povey, |em: povey_at_wedgetail.com|JCSI: Java security toolkit
Wedgetail Communications|ph: +61 7 3023 5139 |uPKI: Embedded/C PKI toolkit
Level 14, 388 Queen St, |fax: +61 7 3864 1282 |uSSL: Embedded/C SSL toolkit
Brisbane, Australia |www: www.wedgetail.com |XML Security: XML Signatures
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Jul 25 2002
