Open-AudIT changes recommendations
Page 1 of 1

Author:  brtw2003 [ Thu Aug 19, 2010 1:10 am ]
Post subject: changes recommendations


I would suggest to revise the included shell script a little bit.

BTW: awesome tool you guys have created...keep work going!!


oa_host="http://xxxxx"        #this should be parsed from the audit.config
subnet="x.x.x.x/24"           #this should be parsed from the audit.config

printf "\n*******************************************\n"
printf "******** O P E N  A U D I T *********\n"
printf "********************************"

## scan for online devices
printf "\n\n***start nmap ping & tcp-syn scan for host discovery.."
nmap -sP -PS22,445,135 -n -oN $nodes_online $subnet >/dev/null
sleep 2

## check if we do have some online devices and then start the nmap synscan
if [ "$(cat $nodes_online |grep "report for" |cut -d" " -f5)" > 0 ]; then

  printf "\n\n***active nodes found, start nmap syn scan..\n"

  for node in `echo $(cat $nodes_online |grep "report for" |cut -d" " -f5)`
    printf "\n\n***verify $node (default syn scan, service version & OS detection)\n"
    nmap -v -sS -sV -O -oN $nmap_file $node >/dev/null

    printf "***done we nmap scan...Upload data to OpenAudit server..\n"
    oa_data=`cat $nmap_file`
    wget -q --post-data="submit=submit&add=$oa_data" $oa_host/admin_nmap_input.php
    printf "\n***next node..."

    rm $nmap_file
    rm "admin_nmap_input.php"

printf "*** finished with nmap scan, have a look in your OpenAudit Web Frontend!\n\n"


Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group