nmap
Hari Sekhon
hpsekhon at googlemail.com
Thu Aug 17 17:42:49 CEST 2006
Robin-David Hammond%KB3IEN wrote:
> Has anyone used nagios to track changes in the open ports on remote hosts?
>
> I'm thinking that if the output of nmap changes one hour to the next that
> something ought to be investigated.
>
> Sure it might be nothing, but might be a "OOh a root-kit! How Nice!"
> moment.
>
>
> Robin-David Hammond KB3IEN
> +1 347 350 34 00
>
>
> -------------------------------------------------------------------------
> Using Tomcat but need to do more? Need to support web services, security?
> Get stuff done quickly with pre-integrated technology to make your job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
>
I have been thinking about this too. You could write a quick shell
script to do this I guess, just take hourly reading and then diff them
and warn if the port status has changed. Problem with this is that you
can't really get the output cos nagios plugins are constrained to one
line. Is there a good way to still get the output other than squashing
it into one line? Would "stuff\nmorestuff" get around this if it's not
immediately evaluated, but evaluated on the notify command? Or perhaps
you could just output the whole thing normally and the web interface
will take only the first line but the mail will show all lines?
Let me know what you come up with on this as I would also be very
interested in doing this. Perhaps if we have an ongoing rolling
discussion we could make this pretty good. I invite everyone to throw in
their opinions and ideas on this....
Hari
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list