
# $Id: nmap-audit.rc.php,v 1.2 2003/10/07 16:57:56 resark Exp resark $


##############################################################
######### nmap-audit config options
######

   ## IPs to scan ##
   ips = 192.168.1.0/24
   
   ## report mailing info ##
   email-to = root@example.com
   email-subject = Host Vulnerability Scanning Results
   email-from = nmap-audit@example.com
   
   ## The maximum number of nmap threads to be run
   ## simultaneously.  Please begin this with a small
   ## number and slowly increase it to keep your machine
   ## from being overwhelmed by too many processes
   max-threads = 20

   ## The level of detail to report.  Either low, medium, or high ##
   detail = low

   ## nmap command to be run.  Note that appended to this
   ## is the option to direct the output to a human readable
   ## file.  Therefore, using the '-oN filename' option will
   ## not work in conjunction with the nmap-audit script ##
   #nmap = nmap -sS -sU -v -O -T Polite -p 1-1024    # TCP and UDP scan
   nmap = nmap -sS -v -O -T Polite -p 1-1024        # TCP scan

   ## base directory name where all scanning data will be
   ## stored.  To this name the date of the scan and a
   ## sequence number will be appended to prevent multiple
   ## scans on the same day from overwriting data.  Use the
   ## complete path if executing via cron.
   dir-name = example

##############################################################



##############################################################
######### ignore options
######


##
## Group of all Microsoft operating
## systems
##
group windows
    os = Windows

    ## RPC/DNS Administration ##
    ignore = open        135        loc-srv            tcp
    ignore = open        135        loc-srv            udp

    ## systems management over UDP ##
    ignore = open        137        netbios-ssn    udp            # wins
    ignore = open        138        netbios-ssn    udp            # netbios datagrams
    ignore = open        139        netbios-ssn    tcp            # netbios session service

    ## Direct hosting of SMB over TCP/IP ##
    ignore = open        445        microsoft-ds   udp
    ignore = open        445        microsoft-ds   tcp
end group windows

##
## Group that contains all unix hosts
##
group unix
    os = Linux Kernel 2.4.0 - 2.5.20
    os = Solaris 2.6 - 2.7 with tcp_strong_iss=2
    os = Solaris 2.6 - 7 (SPARC)
    os = Solaris 8 early access beta through actual release
    os = Solaris 9 Beta through Release on SPARC

    ignore = open        22        ssh            tcp             # SSH
end group unix


##
## group that matches all hosts.
## place most general rules here
##
group all
    hostname = *

    ignore = filtered    *        *        *
    ignore = closed      *        *        *
end group all
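
The following is an added example, not part of nmap-audit and not its code: a Python sketch of how the group and ignore rules above could be applied to scan results so that only unexpected ports are reported. The matching semantics are assumptions (an `os` line is a substring match on nmap's OS guess, `hostname` and the four ignore fields are glob matches), and `parse_groups`, `findings` and the sample host data are hypothetical names and constructed values.

```python
import fnmatch

# Constructed sample: a subset of the rules from the config above.
CONFIG = """
group windows
    os = Windows
    ignore = open        135        loc-srv        tcp
    ignore = open        445        microsoft-ds   tcp
end group windows
group unix
    os = Linux Kernel 2.4.0 - 2.5.20
    ignore = open        22         ssh            tcp    # SSH
end group unix
group all
    hostname = *
    ignore = filtered    *        *        *
    ignore = closed      *        *        *
end group all
"""

def parse_groups(text):
    """Return {group: {"os": [...], "hostname": [...], "ignore": [4-tuples]}}."""
    groups, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if line.startswith("end group"):
            current = None
        elif line.startswith("group "):
            current = groups.setdefault(line.split()[1], {"os": [], "hostname": [], "ignore": []})
        elif current is not None and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key == "ignore":
                current["ignore"].append(tuple(value.split()))
            elif key in current:
                current[key].append(value)
    return groups

def findings(groups, hostname, os_guess, ports):
    """ports: (state, port, service, proto) tuples; return those no rule ignores."""
    rules = []
    for g in groups.values():
        # Assumed semantics: a group applies if any os string or hostname glob matches.
        if any(o in os_guess for o in g["os"]) or any(fnmatch.fnmatchcase(hostname, h) for h in g["hostname"]):
            rules.extend(g["ignore"])
    def ignored(p):
        return any(len(r) == 4 and all(fnmatch.fnmatchcase(f, pat) for f, pat in zip(p, r)) for r in rules)
    return [p for p in ports if not ignored(p)]
```

Under these assumptions an ignore rule only suppresses a port on hosts whose group matched, so an open 22/tcp on a host fingerprinted as Windows is still reported.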







Last modified: December 03 2006.