nmap-audit

General Stuff

· home
· contact me
· credits

Misc Code

· nmap-audit
· virusNotification

My Projects

· Carlbooks

News

2003.10.07:

Added release 1.66 of nmap-audit. This should address issues with hosts not being recognized and with the output "Unrecognized line: Interesting ports on .....".

If this doesn't fix the issue for nmap v3.46 and under please get in touch with me.

2003.09.23:

Added released version 1.64 of nmap-audit that works with all versions of nmap up to 3.46 (but for 3.45 which is currently unsupported).

Added a FAQ available here.

2003.04.07:

Initial public release.

About

nmap-audit is a PERL script which makes use of the nmap port scanning software to automate port scan audits. nmap produces a human readable report for each host that contains, among other things, the hostname being scanned and any open ports. Unfortunately, even for a moderately sized network, these reports contain far too much information to process, especially if the network is scanned on a regular basis.

To help mitigate this information overload, nmap-audit was designed to eliminate repeated human processing of any redundant information from one scan to the next. For example, all windows machines may have UDP port 137 open, and as such, the fact that this port is open should not be noted in the otherwise cluttered reports.

nmap-audit was designed to produce large, detailed reports on the first run, thereby forcing a complete audit of the open ports on the network. Following this, only ports which have not been ignored, most likely any newly opened ports, are returned.

Though the complete information from each run of nmap-audit isn't delivered in a typical report, this script provides the necessary functionality to extract this data from any point in time on record, a feature which may prove especially helpful for after-the-fact forensics and other troubleshooting.

View POD documentation for nmap-audit.
View Example email report, which is delivered is Human Readable form and CSV form which can be processed using Excel.
View example configuration file here.
Before asking a question please see if it is in the FAQ.

Please contact me with any bug reports or clarifications at nmap-audit@heavyk.org.

Download Current Version:

nmap-audit-1.66.tar.gz

Previous Versions:

Requires nmap and MIME::Lite.

Changelog v1.64 (2003.10.07)

Updated nmap parsing routine to work with some quirky nmap output in versions up to and including 3.46.

v1.64 (2003.09.23)

Updated nmap parsing routine to work with nmap versions up to and including 3.46.

v1.63 (2003.04.07)

Updated configuration file

v1.62 (2003.04.06)

Initial public release

Last modified: December 03 2006.