Penetration Testing
run nmap automatically from index.html (??) Nov 16 2011 02:09PM
Kathy Simm (kathys39 hotmail com) (7 replies)
RE: run nmap automatically from index.html (??) Nov 16 2011 08:50PM
Ward, Jon (Jon_Ward SYNTELINC COM) (2 replies)
Re: run nmap automatically from index.html (??) Nov 17 2011 08:41AM
arvind doraiswamy (arvind doraiswamy gmail com)
RE: run nmap automatically from index.html (??) Nov 16 2011 11:10PM
Ward, Jon (Jon_Ward SYNTELINC COM)
Re: run nmap automatically from index.html (??) Nov 16 2011 05:48PM
Mihai Nitulescu (mihai nitulescu gmail com)
RE: run nmap automatically from index.html (??) Nov 16 2011 04:23PM
Kettlewell, Nate \(Kansas City\) (Nate Kettlewell fishnetsecurity com)
Re: run nmap automatically from index.html (??) Nov 16 2011 04:16PM
securityfocus rawchaos com (1 replies)
Re: run nmap automatically from index.html (??) Nov 16 2011 05:26PM
Daniel Miller (bonsaiviking gmail com)
Re: run nmap automatically from index.html (??) Nov 16 2011 03:26PM
Justin Rogosky (jrogosky gmail com) (1 replies)
Personally, I wouldn't depend on employees visiting a web page to
determine if unauthorized equipment is attached to the network. While
spoofable, the best way to determine attachment is using MAC
addresses. For nmap to accomplish this, it needs to be on the same
subnet as the target system. Depending on network segmentation, this
may not be possible.

Aside from that, I would watch DHCP logs to determine when a new
system is added to the network. In conjunction with regular nmap
sweeps, this should help find all of the systems on the network.

Just my 2 cents.

--Justin

On Wed, Nov 16, 2011 at 9:09 AM, Kathy Simm <kathys39 (at) hotmail (dot) com [email concealed]> wrote:
>
> We are doing a pen test for a small company and wish to automate some things.  We have a website inside their Intranet that
> when employees scan or visit it  we'd like to nmap the box they came from  trying to see if anyone hooks up an authorized computer to their intranet. Any ideas of how to get=
>  nmap to run automatically?
>
> Getting a perl script to run nmap is already done but I'm trying to figure out whether we should monitor the libpcap data or the  apache log files
> etc.  I'm sure someone else has done this already - can you share some ideas?
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>
>

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: run nmap automatically from index.html (??) Nov 16 2011 04:47PM
Sarah Loyd (sarahloyd mac com)
Re: run nmap automatically from index.html (??) Nov 16 2011 02:57PM
John Mason Jr (john mason jr cox net)
Re: run nmap automatically from index.html (??) Nov 16 2011 02:56PM
Guillaume Friloux (guillaume friloux asp64 com)


 

Privacy Statement
Copyright 2010, SecurityFocus