On the index.php page, if you checked in the Admin-Config page both
Show Detected Servers on homepage Show Terminal Servers and Remote Desktops on homepage
the detected servers and TS/RDP sections don't show the "Nmap discovered on Other equipment" section. To fix it, modify the following queries (index.php SVN rev. 826):
LOC 492 ("WEB Servers Detected/Nmap discovered on other equipment" Section) [code] $sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where (port.nmap_port_number = '80' OR port.nmap_port_number = '443') AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)"; [/code] LOC 635 ("FTP Servers Detected/Nmap discovered on other equipment" Section) [code] $sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '21' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)"; [/code] LOC 779 ("Telnet Servers Detected/Nmap discovered on other equipment" Section) [code] $sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '23' AND port.nmap_other_id = oth.other_id"; [/code] LOC 925 ("Email Servers Detected/Nmap discovered on other equipment" Section) [code] $sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '25' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)"; [/code] LOC 1065 ("VNC Servers Detected/Nmap discovered on other equipment" Section) [code] $sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '5900' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)"; [/code] LOC 1210 ("Terminal Services Servers Detected/Nmap discovered on other equipment" Section) [code] $sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '3389' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)"; [/code] A lot of hosts (switches, printers, remote management boards and so on, listed from the OA "Other" table) will expose their discovered network services (if you "nmapped" your network...).
Last edited by ef on Sun Sep 30, 2007 2:18 am, edited 1 time in total.
|