1. problem statement
I have to create function in which read IP addresses one by one from one file (iplist.txt) and scan these IP using nmap. This scan IP's output is saved in output.txt file and parse output.txt to save only open ports with particular IP in parse.txt file.
format of parse.txt file:
Code:
Code:
ip port
x.x.x.x x
2. My goal:
1. Find all ports open on a whole range.
2. Save only open ports with IP address in another file. Don't save filtered or closed ports in this file.
eg. Format of file:
IP_address Open_port
Code:
192.168.0.1 21
192.168.0.1 80
....
so I have write the script which scan IP range. I just want script of second option.
I have attached the script. Please help me if possible to implement second option. In second option, my script take open port/tcp and all other details but i want only ip address with open port.
Mumbai University, Mumbai, India and Information Technology
Moderator's Comments:
Seriously: Please use CODE tags as required by forum rules!
And, use homework form correctly and entirely.
Last edited by RudiC; 03-14-2017 at 10:07 AM..
Reason: Added CODE tags.
I am pretty new at running nmap ,and i have some doubt about some o/ps the nmap shows
I tried to scan my own system for UDP open ports
I see that if i use one UDP port say 13
It shows that its in open state , etc
But if i scan for the whole UDP ports in the nmap-services . I gives te... (2 Replies)
Hi,
Whenever I tried to run nmap on my linux (red hat 6.2) boxes i got these outputs:
4444/tcp filtered krb524
6666/tcp filtered irc-serv
6699/tcp filtered napster
8888/tcp filtered sun-answerbook
Can anybody please... (10 Replies)
Hi everyone!
I've temporarily come out of hibernation (and will be gone for about two weeks after this post too) to ask for input on a small PHP script I have just completed.
The script aims to be a remote front-end for Nmap - now for the safety of this post, I ask that any replies refrain from... (6 Replies)
I'm trying to compile nmap 4.11 on an aix 5.2 machine and get the following error when attempting the 'make' command;
make
"Makefile", line 1: make: 1254-055 Dependency line needs colon or double colon operator.
"Makefile", line 14: make: 1254-055 Dependency line needs colon or double colon... (2 Replies)
I want to print between the range two patterns if a particular pattern is present in between the two patterns. I am new to Unix. Any help would be greatly appreciated.
e.g.
Pattern1
Bombay
Calcutta
Delhi
Pattern2
Pattern1
Patna
Madras
Gwalior
Delhi
Pattern2
Pattern1... (2 Replies)
I 'm getting following error when i run nmap for an ip .. what could be the reason for it ?
#nmap 10.22.67.18
Starting Nmap 4.68 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-07-06 19:07 UTC
Warning: Unable to open interface e1000g3301000 -- skipping it.... (2 Replies)
Hello guys, i'm having a problem with nmap, what i'd like to do is a scan to find around 100 or so IP address that are up, and that correspond to sites.
The command i need should basically find sites through ip address randomly generated, let's say i generate 2000 ip, i'd like to know how many of... (0 Replies)
I'm seeing a persistent address showing up on my firewall router logs. The address is 10.98.115.9:67, and is broadcasting to 255.255.255.255. I know that this would typically signal a BOOTP service, such as a bootp server announcing itself on the network. But I can't isolate which machine it... (3 Replies)
Scripting language : Bash Shell Script
I have to create function in which read IP addresses one by one from one file (ip.txt) and scan these IP using nmap. (4 Replies)
Discussion started by: sk151993
4 Replies
LEARN ABOUT DEBIAN
nstreams
nstreams(1) Users Manuals nstreams(1)NAME
network streams - a tcpdump output analyzer
SYNOPSIS
nstreams [ -v ] [ -c nstreams-services ] [ -n nstreams-networks_file ] [ -N [ -i ] [ -I ]] [ -r ] [ -O output [ -D iface ] [ -Y ]] [ -u ] [
-U ] [ -B ] [ -f tcpdump_file ] [ -l <iface> ] [ tcpdump output ]
DESCRIPTION
nstreams is a utility designed to identify the IP streams that are occuring on a network from a non-user friendly tcpdump output of several
megabytes.
This is especially useful when you plan to install a firewall but if you do not know the nstreams that the network users are generating
(http, real audio, and more...). nstreams can read the tcpdump output directly from stdin, or from a file. It can even generate the con-
figuration file of your firewall, using the -O option.
OPTIONS -c <nstreams-services-file>
The path to an alternate nstreams service file. This file is used to identify each protocol. See the services file section later in
this manual page.
-n <nstreams-networks-file>
The path to an alternate nstreams network file. This file is used to identify which hosts belong to which network. See the networks
file section later in this manual page.
-f <tcpdump output file>
The path to the file to read data from. This file must have been generated using 'tcpdump -w filename'.
-l <iface>
Listen directly on interface <iface>. This avoids the use of tcpdump.
-N print the networks names instead of the hosts IP addresses. The intra-network traffic will not be shown. Use this option twice to
show the networks IP address instead of their names.
-i Also show the intra-network traffic (must be used with -N)
-I Only show the intra-network traffic (must be used with -N)
-r be redundant. That is, the same streams will be printed each time they appear in the dump.
-v print version number and exit.
-O <type>
output type. You can use this option to generate your firewall startup script. Do nstreams -h to see the supported output types.
-D <iface>
interface to apply to output onto. Must be used with -O.
-Y The firewall rules that will be generated will deny all packets coming from the outside trying to establish connections to the
inside. If you system is not serving anything, then it's safe to turn on this option.
-u Do not print the unknown streams
-U Only print the unknown streams
-B Show broadcasts and networks
USAGE
Let tcpdump(1) run some time on your network (like one week), and save its output in a file, by doing :
tcpdump -l -n > output
or
tcpdump -w filename
Then, feed nstreams with this output file, and it will turn it into a easily-readable file which will help you to write efficient firewall
filters. You may also do :
tcpdump -l -n | nstreams
or
nstreams -f filename (if you used tcpdump -w)
THE SERVICES FILE
The service file contains the description of each protocol, as well as their name. Its syntax is :
protocol_name:server_port(s)/{udp,tcp}:client_ports(s)
or :
protocol_name:type(s)/icmp:code(s)
Whereas :
protocol_name
is the name of the protocol described. This name may contain any character, including space, except ':'.
server_port(s)
is the range of ports used by the server. Usually, you will want to define one server port only, but you may enter any range you
want.
ip_protocol
is the IP protocol that this protocol is lying onto. Acceptable values are tcp and udp
client_port(s)
is the range of ports that the client may use. You can set this to any or, for more accurate results, to ports ranges, like
'1-1024,2048-4096'.
The rules are : 'first match, first taken'.
SERVICE FILE EXAMPLE
Using this syntax, you would declare the ssh protocol by :
ssh-unix:22/tcp:1000-1023
Because the Unix version of the ssh client uses a privileged port to connect onto the ssh server which listens on port 22.
THE NETWORKS FILE
The networks file is used to define sets and subsets of hosts (also known as networks). This avoids redundancy in the output file. The syn-
tax format for this file is :
network name:ip/mask
Whereas the network name is whatever you want, the IP is the ip of the network, and the mask is the CIDR netmask of the network. The rule
is 'first match, first taken'.
NETWORKS FILE EXAMPLE
admin:192.168.19.0/29
whole_subnet:192.168.0.0/16
internet:0.0.0.0/0
LIMITS
o nstreams can only parse the output of 'tcpdump -n'
o Even though the output of nstreams is easier to read than the one of tcpdump, it is still not easily readable. Use sort(1) on the nstream
output to get a more readable file.
o This program could have been written in perl
FILES
/etc/nstreams-services
/etc/nstreams-networks
SEE ALSO tcpdump(1)AUTHORS
Concept : Herve Schauer Consultants - http://www.hsc.fr
Coding : Renaud Deraison <deraison@cvs.nessus.org>
BUG REPORTS
Please send all your bug reports with the detail of your configuration to Renaud Deraison <deraison@cvs.nessus.org>
nstreams July 1999 nstreams(1)
03-14-2017
