Hi, in regard to your question about an append option to the -o option,
it seems easy enough. The solution lies around ~198 of nmap.c:
case 'o':
if (o.logfd != NULL) fatal("Only one log filename allowed");
o.logfd = fopen(optarg, "w");
if (!o.logfd)
fatal("Failed to open output file %s for writing", optarg);
break;
You want to replace the second parameter to fopen with a "a" instead of a
"w".
later,
ajax_at_mobis.com | The skill of accurate perception
Unix Network Admin | is called cynicism by those who
Mobile Internet Services, Inc. | don't possess it.
On Thu, 28 Jan 1999, Erik Parker wrote:
> On a machine of ours, I tested using xlogmaster and nmap.. This could have
> been done several ways, but since we run xlogmaster, this is how I did it.
>
> We run tcplog on the machine, and when a connection attempt occurs it
> shows:
>
> Jan 28 15:39:33 auth4 tcplog[68]: ssh connection attempt from localhost
> (127.0.0.1):1059
>
> So.. Using xlogmaster, anytime it see's "ssh connection attempt" it
> executes /root/program
>
> /root/program contains:
>
> tail /var/log/messages | grep -i "ssh connection attempt from" |awk
> '{print $10}'|xargs nmap -O >> /root/nmaplog
>
> That way it logs all the open ports, and tries to guess their OS.
>
> Two things... Is there a way to get it to show the actual fingerprint that
> it comes back with, in addition to its guess? ANd using the -o option, for
> output to logfile, is there, or plans for an append option to that. I
> don't want to lose the logs everytime it tries, so for now I'll use >>
>
>
>
>
> Erik Parker
> netmask_at_303.org
>
> http://radio.cuervocon.org/ramgen/encoder/live.rm
> Real Audio G2 - Wednesday Nights 10pm-2am CST.
> "Signals from Dementia" - By Dj-Netmask
> Industrial / Hard Rock / Techno / Psycho Stories
>
>
Received on Jan 28 1999
Intro
