Open-AudIT not working
Page 1 of 1

Author:  martinkuria [ Thu Jun 07, 2012 7:09 pm ]
Post subject: not working

hi, I have installed open-audit server on my fedora box.
I am trying to run #./ to query some devices on my network but there is nothing that gets captured. Am I missing something.
Below is my script


for ((a=11; a <= 31 ; a++))
echo "10.xx.xx.$a"
nmap_input=$(nmap -v -O -oN $nmap_file 10.xx.xx.$a)
nmap_output=$(cat $nmap_file)
wget -q –post-data="submit=submit&add=$nmap_output" http://10.xx.xx.xx/audit0/admin_nmap_input.php
rm "$nmap_file"
rm "admin_nmap_input.php"

I have also tried to run the script to query one of my windows 2003 server( Below is what it saved in the nmap_file.txt file.
I assume the contents in the nmap_file.txt should be inserted in the database right? but nothing is inserted, am I missing something

# cat nmap_file.txt
# Nmap 5.50 scan initiated Thu Jun 7 11:24:27 2012 as: nmap -v -O -oN nmap_file.txt
Initiating OS detection (try #1) against (
Nmap scan report for (
Host is up (0.00050s latency).
Not shown: 992 closed ports
80/tcp open http
81/tcp open hosts2-ns
135/tcp open msrpc
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
1026/tcp open LSA-or-nterm
3389/tcp open ms-term-serv
Device type: general purpose
Running: Microsoft Windows 2003
OS details: Microsoft Windows Server 2003 SP1 or SP2
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: Incremental

Read data files from: /usr/share/nmap
OS detection performed. Please report any incorrect results at .
# Nmap done at Thu Jun 7 11:24:30 2012 -- 1 IP address (1 host up) scanned in 3.35 seconds

Author:  jpa [ Fri Jun 08, 2012 2:20 am ]
Post subject:  Re: not working

You don't say what version of OpenAudit you have but I'd first make sure you're on the latest version from SVN.

Then as OAv1 is no longer maintained you might try my admin_nmap_input.php file to see if it helps. I'm not sure my latest changes are anything better than what's in the SVN trunk.

Also I think the nmap input code doesn't handle nmap scans that were done across subnets and thus don't have a MAC address in the output. It's best to run the nmap scan against machines on the same subnet as the scanning machine.

admin_nmap_input.txt [14.78 KiB]
Downloaded 699 times

Author:  martinkuria [ Fri Jun 08, 2012 4:30 pm ]
Post subject:  Re: not working

I am running Open-AudIT Version 09.03.17 (c) 2006 - 2012.License

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group