Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Automated Portscan for several Hosted Systems

Posted on 2013-10-31
3
Medium Priority
?
289 Views
Last Modified: 2013-11-05
Hello everybody,

we are searching for an automated solution to check our different hosted systems for open ports. It would be perfect if the solution could send a regular report whit a list of open ports per system.
Furthermore it would of course be desirable if the costs for the solution would be as small as possible.
We are grateful for any helpful suggestion.

Best regards
David
0
Comment
Question by:Systemadministration
3 Comments
 
LVL 7

Accepted Solution

by:
expert1010 earned 1400 total points
ID: 39616113
Hi David,

I suggest nmap. I use it all the time for such things. Make a shell script and run it with cron. Smaller cost than that you'll hardly find, just 30 minutes of your time.

Here is an example.
http://www.mariusv.com/automate-your-nmap-scans/

If you want a full portscan ie. all ports change the row:
      nmap -n -sS $network -oG $DIR/$network.$TODAY.nmap

to
nmap -n -p1-65535 -sS $network -oG $DIR/$network.$TODAY.nmap

And change the email adress to your email.

See "man nmap" or this link for further examples.
http://nmap.org/book/man-examples.html
0
 
LVL 65

Assisted Solution

by:btan
btan earned 600 total points
ID: 39616795
Also suggest you see

a) Mapping networks using Zenmap profiles - the clip some idea and visual aspect in the mapping. also nmap based too.

http://searchsecurity.techtarget.com/video/Zenmap-tutorial-Mapping-networks-using-Zenmap-profiles
http://www.linux.com/learn/tutorials/381794-audit-your-network-with-zenmap

b) OpenVAS (open) and Nessus (commerical) - The former is a fork from the last free version of Nessus that went proprietary in 2005. OpenVAS plugins are still written in the Nessus NASL language. Actually Metasploit community (or Nexpose - commerical) is another worth checking. Below is a comparsion to give some sense on scan capbility and scope

http://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/

Actually it will be better to go targeted as scanner specific to web has a couple few more like Zap proxy, skipfish, Arachni etc (for OWASP top 10) or server application specific.  The pentesting standard has good material to consider, thought you may be only doing part of the vulnerability scan, that is the next logical step after the vulnerability scan.

http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines#Automated_Tools

Intelligence gathering make sense as overall ..

http://www.pentest-standard.org/index.php/Intelligence_Gathering
0
 

Author Closing Comment

by:Systemadministration
ID: 39623875
Thanks everybody for the fine input. I guess we will build a solution using nmap.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

879 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question