Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: Nmap-Parser-XML
From: Detmar Liesen <detmar.liesen () gmx de>
Date: Tue, 30 Dec 2003 13:39:58 +0100

Hi all. I forward you my previous message (see below) as advised by Fyodor (thanks for the response):
Fyodor wrote:
I'm glad to hear about your project.  Please resend this mail to
nmap-dev () insecure org, since this is development related.


Detmar wrote:
Hi Anthony, hi others,
how about modifying the nmap-xml output so that it can create idmef
(intrusion detection message exchange format) xml format?
We (Sandro Poppi and I) are trying to develop a correlation framework
for snort, nmap, nessus and other ids/firewall/security scanner/audit -
If nmap had an output module that provides idmef-compliant output, this
would be a great thing, because it would spare us the need to write an
input plugin for nmap ourselves.

This would further enable us to have a first proof-of-concept
application for Threatman, i.e. correlating snort-output with
nmap-output,  as soon as the core framework is working. Since now,
Sandro has already managed to implement the so called "device-proxy"
that allows us to send back and forth idmef-messages.
Sandro has further taken over maintenance of the snort-idmef plugin.

BTW: New members will always be warmly welcomed in the team.

I wish you all a happy new year.


Anthony G Persaud wrote:

I have been using perl to write security audit scripts with nmap. I have created a perl module (its been a while now), and it is available on CPAN and Sourceforge.net. The module can be used in perl scripts to parse the nmap xml output and extract the needed information. Hopefully it is useful to others.



Anthony G Persaud

"The state of your life is nothing more than a reflection of your state of mind"

For help using this (nmap-hackers) mailing list, send a blank email to nmap-hackers-help () insecure org . List archive: http://seclists.org

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

  By Date           By Thread  

Current thread:
  • Re: Nmap-Parser-XML Detmar Liesen (Dec 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]