Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: run nmap automatically from index.html (??)
From: "Kettlewell, Nate \(Kansas City\)" <Nate.Kettlewell () fishnetsecurity com>
Date: Wed, 16 Nov 2011 10:23:30 -0600

If you have the option, I would include a small bit of CGI in the index.html or insert a 1x1 iframe
that references a CGI file, use the REMOTE_ADDR environment variable, pass that into your script.

But this will not see half-open connections, so may not work for you.

Nate Kettlewell, CISSP

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Kathy Simm
Sent: Wednesday, November 16, 2011 8:10 AM
To: pen-test () securityfocus com
Subject: run nmap automatically from index.html (??)


We are doing a pen test for a small company and wish to automate some things.  We have a website
inside their Intranet that
when employees scan or visit it  we'd like to nmap the box they came from  trying to see if anyone
hooks up an authorized computer to their intranet. Any ideas of how to get=
 nmap to run automatically?

Getting a perl script to run nmap is already done but I'm trying to figure out whether we should
monitor the libpcap data or the  apache log files
etc.  I'm sure someone else has done this already - can you share some ideas?

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration
test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault