Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: run nmap automatically from index.html (??)
From: Guillaume Friloux <guillaume.friloux () asp64 com>
Date: Wed, 16 Nov 2011 15:56:56 +0100

On 16/11/2011 15:09, Kathy Simm wrote:
We are doing a pen test for a small company and wish to automate some things.  We have a website inside their Intranet 
that
when employees scan or visit it  we'd like to nmap the box they came from  trying to see if anyone hooks up an 
authorized computer to their intranet. Any ideas of how to get=
  nmap to run automatically?

Getting a perl script to run nmap is already done but I'm trying to figure out whether we should monitor the libpcap 
data or the  apache log files
etc.  I'm sure someone else has done this already - can you share some ideas?                                      
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


Hi, it really looks like a strange idea.
Why not restricting IP adresses or MAC adresses that can reach www service using iptables ?

But if you REALLY want to do that thing, you can configure syslog to do actions depending on regex matching logs. So it would be a regex over apache with a specific url, that would then send a request to a "nmap manager" that would nmap IPs if not already done in the XX last minutes, for example.

But REALLY, it looks like a very strange idea.

Attachment: guillaume_friloux.vcf
Description:

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]