FYI FWIW: I have released version1.4 of nmap-web, which is a set of Perl CGI
scripts that provide a web interface to nmap that is very easy to use.
You specifiy which port(s) you want to scan on which list of machines,
netgroups, or IP's, and then rock-n-roll. You can also request that
nmap-web try to figure out what is running on a selected port and
tell you the version number. An example of where this is handy for
the "white-hats" (also the "black-hats" ;-) is "do I have sendmail 8.9.3
installed on all my machines?" ... and if not, highlight that for me so I
can fix it. Another example is the "daytime" port ... "Is the date on any
machines off by more than 15 seconds?"... if so, flag this, since ntp is broke.
All of this information is obtained from nmap (and telnet) ... but nmap-web
makes it easy to obtain and all you need is a browser. Note that there is a
"hook" to restrict access to nmap-web to a selected IP range of browsers;
although if anyone is willing to make an "nmap-web server" publically available;
it would be nice to reference that, since once one uses the tool, you say,
"WOW, that's easy" ;-)
In addition to minor bug fixes, these two items are semi-significant in 1.4:
- Add a checkbox to show machines not pingable. This required some
coding changes/fixes in nmap (thanx again Fyodor) and is rolled into
the 2.52 release. Handy for pingability (who is up) checks and also
for completeness when doing port scanning.
- The "show what is running at port XXX" code is broken out into single
modules/files per port number. This makes adding additional checks
REAL easy ... and related to some of the recent discussion about doing
checks on ports to see what is running there, what version, etc.
Installing nmap-web is pretty easy ... six steps ... of which one of
those is installing nmap itself! ;-) Screenshots and a tarball at:
http://www.komar.org/komar/alek/ -> Misc. Tech Stuff -> nmap-web
As always, suggestions/fixes/etc. appreciated,
alek
Received on May 08 2000
Intro
