Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: run nmap automatically from index.html (??)
From: Sarah Loyd <sarahloyd () mac com>
Date: Wed, 16 Nov 2011 16:47:27 +0000

Consider using arpwatch.
Best Regards Sarah

On 16 Nov 2011, at 15:26, Justin Rogosky wrote:

Personally, I wouldn't depend on employees visiting a web page to
determine if unauthorized equipment is attached to the network.  While
spoofable, the best way to determine attachment is using MAC
addresses.  For nmap to accomplish this, it needs to be on the same
subnet as the target system.  Depending on network segmentation, this
may not be possible.

Aside from that, I would watch DHCP logs to determine when a new
system is added to the network.  In conjunction with regular nmap
sweeps, this should help find all of the systems on the network.

Just my 2 cents.

--Justin




On Wed, Nov 16, 2011 at 9:09 AM, Kathy Simm <kathys39 () hotmail com> wrote:

We are doing a pen test for a small company and wish to automate some things.  We have a website inside their 
Intranet that
when employees scan or visit it  we'd like to nmap the box they came from  trying to see if anyone hooks up an 
authorized computer to their intranet. Any ideas of how to get=
 nmap to run automatically?

Getting a perl script to run nmap is already done but I'm trying to figure out whether we should monitor the libpcap 
data or the  apache log files
etc.  I'm sure someone else has done this already - can you share some ideas?
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]