The following are some tasks Nmap supports:

device discovery for configuration management and.

By inventorying and documenting a network, you enable maintenance of audits and licensing records, accurate and efficient configuration management, and a solid troubleshooting reference. So, how might you use Nmap if not for security? This article explains some options and tricks for using Nmap for nonsecurity tasks. It begins with a brief overview of basic Nmap use and then expands into outputting results to files and using Zenmap, as well as a few Ansible specifics.

I'll begin with a quick reminder of Nmap basics, including some options more specifically suited to inventory and discovery rather than security settings.

Basic scan syntax

Assuming you're using the command-line version - I cover the GUI tool Zenmap below - you can scan a single system:

$ nmap 192.168.2.200

Begin a basic subnet scan by typing the nmap command and the subnet:

$ nmap 192.168.2.0/24

Depending on the size of the subnet, this scan could take a while. If you need to scan multiple subnets simultaneously, place a space between each network ID, like this:

$ nmap 192.168.2.0/24 192.168.3.0/24 192.168.4.0/24

Most network inventories won't need a list of discovered ports, so make the scan more efficient by dropping that information:

$ nmap -sn 192.168.2.0/24

Admins can control the time it takes Nmap to scan in many ways. By adding the -T1, -T2, -T3, -T4 or -T5 options, you can speed up the scan at the risk of possibly less accurate results. Consider these timings if scanning a large network segment. The -T1 option is the slowest of those listed, and -T5 is the quickest.

Increase the verbosity of the output by using the -v or -vv (very verbose) options. Note that increased verbosity also lengthens scan time.

One element you probably need for documentation and inventory is OS discovery. Run the -O option to discover OS details. The -A option also provides OS identification and can be combined with other options.

In some cases, the above basic options are sufficient for your needs. However, you might need more detail or want to organize the output for better presentation or parsing. Next, I look at outputting Nmap results to other formats.

Nmap output, especially at the command line, is not particularly user-friendly when dealing with many hosts and when you need to create easy-to-understand documentation. Now that I've reviewed the basics of using Nmap, how can you begin to work with the results? First, you need to put the results in a file, and then you need to use that file.

Nmap can write results in XML, which various programs can read and interpret. The XML option is -oX and looks like this:

$ nmap 192.168.1.10 -oX scan.xml

Next, you need to convert the XML file to HTML.

Convert the XML file to HTML. Use the following command:

$ xsltproc scan.xml -o scan.html

-oA - standard, grepable and XML output.

You can organize the grepable output - the -oG option from above - with additional tools, such as awk.