Automated Portscan for several Hosted Systems

Hello everybody,

we are searching for an automated solution to check our different hosted systems for open ports. It would be perfect if the solution could send a regular report whit a list of open ports per system.
Furthermore it would of course be desirable if the costs for the solution would be as small as possible.
We are grateful for any helpful suggestion.

Best regards
David
SystemadministrationAsked:
Who is Participating?
 
expert1010Connect With a Mentor Commented:
Hi David,

I suggest nmap. I use it all the time for such things. Make a shell script and run it with cron. Smaller cost than that you'll hardly find, just 30 minutes of your time.

Here is an example.
http://www.mariusv.com/automate-your-nmap-scans/

If you want a full portscan ie. all ports change the row:
      nmap -n -sS $network -oG $DIR/$network.$TODAY.nmap

to
nmap -n -p1-65535 -sS $network -oG $DIR/$network.$TODAY.nmap

And change the email adress to your email.

See "man nmap" or this link for further examples.
http://nmap.org/book/man-examples.html
0
 
btanConnect With a Mentor Exec ConsultantCommented:
Also suggest you see

a) Mapping networks using Zenmap profiles - the clip some idea and visual aspect in the mapping. also nmap based too.

http://searchsecurity.techtarget.com/video/Zenmap-tutorial-Mapping-networks-using-Zenmap-profiles
http://www.linux.com/learn/tutorials/381794-audit-your-network-with-zenmap

b) OpenVAS (open) and Nessus (commerical) - The former is a fork from the last free version of Nessus that went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. Actually Metasploit community (or Nexpose - commerical) is another worth checking. Below is a comparsion to give some sense on scan capbility and scope

http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/

Actually it will be better to go targeted as scanner specific to web has a couple few more like Zap proxy, skipfish, Arachni etc (for OWASP top 10) or server application specific.  The pentesting standard has good material to consider, thought you may be only doing part of the vulnerability scan, that is the next logical step after the vulnerability scan.

http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines#Automated_Tools

Intelligence gathering make sense as overall ..

http://www.pentest-standard.org/index.php/Intelligence_Gathering
0
 
SystemadministrationAuthor Commented:
Thanks everybody for the fine input. I guess we will build a solution using nmap.
0
All Courses

From novice to tech pro — start learning today.