Permalink
Browse files

Initial commit

  • Loading branch information...
0 parents commit 0f3554508aa07ba4c6195a33c4325395f3ebe187 @lozzd committed Sep 24, 2012
Showing with 101 additions and 0 deletions.
  1. +32 −0 README
  2. +69 −0 autonmap.sh
32 README
@@ -0,0 +1,32 @@
+ ___ __ _ __
+ / | __ __/ /_____ / | / /___ ___ ____ _____
+ / /| |/ / / / __/ __ \/ |/ / __ `__ \/ __ `/ __ \
+ / ___ / /_/ / /_/ /_/ / /| / / / / / / /_/ / /_/ /
+/_/ |_\__,_/\__/\____/_/ |_/_/ /_/ /_/\__,_/ .___/
+ /_/
+
+
+AutoNmap runs a daily Nmap scan, compares the results using ndiff and
+emails the results to a specified email address.
+
+It also puts a copy of the report into a directory so you can view it
+online/share it around, rather than viewing just the diff.
+
+INSTALL:
+
+Place autonmap.sh in a directory.
+Change the options at the top of the script (e.g. scan subnet(s), email recipient(s))
+Add to cron using something like:
+ 0 9 * * * /usr/local/autonmap/autonmap.sh >> /var/log/autonmap/autonmap.log 2>&1
+
+AutoNmap will then run daily and if there any differences in the port state, it will
+email the diff to the specified recipients. The log file should contain some useful
+information in case debugging is required.
+
+
+WEB REPORT:
+
+AutoNmap will place a copy of the entire scan output in XML format in a directory
+you specify. This is useful when combined with the nmap.xsl XML stylesheet so you can
+get a full overview of the state of your network, updated daily. You could easily
+"disable" this feature if you wanted by commenting out the copy step.
@@ -0,0 +1,69 @@
+#!/bin/bash
+
+DATE=`date +%F`
+
+## Begin Config
+
+# The directory for autonmap data/scans
+RUN_DIRECTORY="/usr/local/autonmap/"
+
+# The directory you want the web report to live in
+WEB_DIRECTORY="/var/www/autonmap/"
+
+# The subnets you want to scan daily, space seperated.
+SCAN_SUBNETS="10.101.0.0/24"
+
+# The full path (http) to where the report will be hosted by your webserver. This is included in the email report.
+# I suggest setting up auth using htpasswd etc, in which case you can include the auth in the URL for simplicity if you want.
+WEB_URL="http://mywebserver.com/autonmap/scan-$DATE.xml"
+
+# The full path to your chosen nmap binary
+NMAP="/usr/bin/nmap"
+
+# The path to the ndiff tool provided with nmap
+NDIFF="/usr/bin/ndiff"
+
+# The email address(es), space seperated that you wish to send the email report to.
+EMAIL_RECIPIENTS="you@yourdomain.com youteam@yourdomain.com"
+
+## End config
+
+echo "`date` - Welcome to AutoNmap2. "
+
+# Ensure we can change to the run directory
+cd $RUN_DIRECTORY || exit 2
+echo "`date` - Running nmap, please wait. This may take a while. "
+$NMAP --open -T4 -PN $SCAN_SUBNETS -n -oX scan-$DATE.xml --stylesheet "nmap.xsl" > /dev/null
+echo "`date` - Nmap process completed with exit code $?"
+
+# If this is not the first time autonmap2 has run, we can check for a diff. Otherwise skip this section, and tomorrow when the link exists we can diff.
+if [ -e scan-prev.xml ]
+then
+ echo "`date` - Running ndiff..."
+ # Run ndiff with the link to yesterdays scan and todays scan
+ DIFF=`$NDIFF scan-prev.xml scan-$DATE.xml`
+
+ echo "`date` - Checking ndiff output"
+ # There is always two lines of difference; the run header that has the time/date in. So we can discount that.
+ if [ `echo "$DIFF" | wc -l` -gt 2 ]
+ then
+ echo "`date` - Differences Detected. Sending mail."
+ echo -e "AutoNmap2 found differences in a scan for '${SCAN_SUBNETS}' since yesterday. \n\n$DIFF\n\nFull report available at $WEB_URL" | mail -s "AutoNmap2" $EMAIL_RECIPIENTS
+ else
+ echo "`date`- No differences, skipping mail. "
+ fi
+
+else
+ echo "`date` - There is no previous scan (scan-prev.xml). Cannot diff today; will do so tomorrow."
+fi
+
+# Copy the scan report to the web directory so it can be viewed later.
+echo "`date` - Copying XML to web directory. "
+cp scan-$DATE.xml $WEB_DIRECTORY
+
+# Create the link from today's report to scan-prev so it can be used tomorrow for diff.
+echo "`date` - Linking todays scan to scan-prev.xml"
+ln -sf scan-$DATE.xml scan-prev.xml
+
+echo "`date` - AutoNmap2 is complete."
+exit 0

0 comments on commit 0f35545

Please sign in to comment.