Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 7:06 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 
Author Message
PostPosted: Thu Jun 07, 2012 7:09 pm 
Offline
Newbie

Joined: Thu Jun 07, 2012 5:44 pm
Posts: 2
hi, I have installed open-audit server on my fedora box.
I am trying to run #./nmap_linux.sh to query some devices on my network but there is nothing that gets captured. Am I missing something.
Below is my nmap_linux.sh script

[color=#0000FF]#!/bin/bash

for ((a=11; a <= 31 ; a++))
do
echo "10.xx.xx.$a"
nmap_file="nmap_file.txt"
nmap_input=$(nmap -v -O -oN $nmap_file 10.xx.xx.$a)
nmap_output=$(cat $nmap_file)
wget -q –post-data="submit=submit&add=$nmap_output" http://10.xx.xx.xx/audit0/admin_nmap_input.php
rm "$nmap_file"
rm "admin_nmap_input.php"
done[/color]


I have also tried to run the nmap_linux.sh script to query one of my windows 2003 server(10.xxx.xxx.141). Below is what it saved in the nmap_file.txt file.
I assume the contents in the nmap_file.txt should be inserted in the database right? but nothing is inserted, am I missing something

# cat nmap_file.txt
[color=#0000FF]# Nmap 5.50 scan initiated Thu Jun 7 11:24:27 2012 as: nmap -v -O -oN nmap_file.txt 10.xxx.xxx.141
Initiating OS detection (try #1) against test.server.org (10.xxx.xxx.141)
Nmap scan report for hardcat.unon.org (10.xxx.xxx.141)
Host is up (0.00050s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
80/tcp open http
81/tcp open hosts2-ns
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1026/tcp open LSA-or-nterm
3389/tcp open ms-term-serv
Device type: general purpose
Running: Microsoft Windows 2003
OS details: Microsoft Windows Server 2003 SP1 or SP2
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: Incremental

Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
# Nmap done at Thu Jun 7 11:24:30 2012 -- 1 IP address (1 host up) scanned in 3.35 seconds
#

[/color]


Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 08, 2012 2:20 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
You don't say what version of OpenAudit you have but I'd first make sure you're on the latest version from [url=http://open-audit.svn.sourceforge.net/viewvc/open-audit/trunk/?view=tar]SVN[/url].

Then as OAv1 is no longer maintained you might try my admin_nmap_input.php file to see if it helps. I'm not sure my latest changes are anything better than what's in the SVN trunk.

Also I think the nmap input code doesn't handle nmap scans that were done across subnets and thus don't have a MAC address in the output. It's best to run the nmap scan against machines on the same subnet as the scanning machine.


Attachments:
admin_nmap_input.txt [14.78 KiB]
Downloaded 1157 times
Top
 Profile  
Reply with quote  
PostPosted: Fri Jun 08, 2012 4:30 pm 
Offline
Newbie

Joined: Thu Jun 07, 2012 5:44 pm
Posts: 2
I am running Open-AudIT Version 09.03.17 (c) 2006 - 2012.License


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 3 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group