[Vultra]

hello all,

I'll be sharing a helpful Nmap that scans your network everyday.
This will work on a VPS/VM server that is linux or, your personal computer that is linux.

Replace IP (10.100.100.0/24) with yours...

Code:

#!/bin/bash
mkdir opt/nmap_diff
d=$(date +%Y-%m-%d)
y=$(date -d yesterday +%Y-%m-%d)
/usr/bin/nmap -T4 -oX /opt/nmap_diff/scan_$d.xml 10.100.100.0/24 > /dev/null 2>&1
if [ -e /opt/nmap_diff/scan_$y.xml ]; then
/usr/bin/ndiff /opt/nmap_diff/scan_%y.xml /opt/nmap_diff/scan_%d.xml > /opt/nmap_diff/diff.txt
fi

Any questions, leave them down below.

[skrtja]

How would this be useful? I've used zenmap in class to find open ports and such but how is this different from just scanning?

[Skullmeat]

If I read this correctly, it logs changes in devices on you lan? Unfortunately, I use a cascading router setup. I don't think it will work on devices outside my lan.

[Vultra]

Totally forgot this thread.

How would this be useful? I've used zenmap in class to find open ports and such but how is this different from just scanning?

Regular scans to see or find any open ports that an attack has done or, has gotten access to your network.

[skrtja]

Totally forgot this thread.

How would this be useful? I've used zenmap in class to find open ports and such but how is this different from just scanning?

Regular scans to see or find any open ports that an attack has done or, has gotten access to your network.

Ok thanks. This might be helpful in the future.

[mothered]

Totally forgot this thread.

How would this be useful? I've used zenmap in class to find open ports and such but how is this different from just scanning?

Regular scans to see or find any open ports that an attack has done or, has gotten access to your network.

Isn't that what Zenmap/Nmap does- Identifies open/vulnerable ports as well as hosts & services running on the network (IPs, hostnames etc), hence allows you to establish If and when an Intrusion has taken place?

[skrtja]

Totally forgot this thread.

How would this be useful? I've used zenmap in class to find open ports and such but how is this different from just scanning?

Regular scans to see or find any open ports that an attack has done or, has gotten access to your network.

Isn't that what Zenmap/Nmap does- Identifies open/vulnerable ports as well as hosts & services running on the network (IPs, hostnames etc), hence allows you to establish If and when an Intrusion has taken place?

That's what I thought too as well.

[Vultra]

Totally forgot this thread.

How would this be useful? I've used zenmap in class to find open ports and such but how is this different from just scanning?

Regular scans to see or find any open ports that an attack has done or, has gotten access to your network.

Isn't that what Zenmap/Nmap does- Identifies open/vulnerable ports as well as hosts & services running on the network (IPs, hostnames etc), hence allows you to establish If and when an Intrusion has taken place?

Yep, pretty much but, this is automated scanning that stores logs of valuable information of what's happening.

[mothered]

Totally forgot this thread.

Regular scans to see or find any open ports that an attack has done or, has gotten access to your network.

Isn't that what Zenmap/Nmap does- Identifies open/vulnerable ports as well as hosts & services running on the network (IPs, hostnames etc), hence allows you to establish If and when an Intrusion has taken place?

Yep, pretty much but, this is automated scanning that stores logs of valuable information of what's happening.

Okay, thanks for confirming.