NAME

scanhost - a scanning script to gather port and OS information from hosts

SYNOPSIS

scanhost.pl [OPTS] <IP_ADDR> [<IP.ADDR> ...]

DESCRIPTION

This script uses the nmap security scanner with the Nmap::Parser module in order to run quick scans against specific hosts, and gather all the information that is required to know about that specific host which nmap can figure out. This script can be used for quick audits against machines on the network and an educational use for learning how to write scripts using the Nmap::Parser module. This script uses the -sV output to get version information of the services running on a machine. This requires nmap version 3.49+

OPTIONS

These options are passed as command line parameters.

-a: This tells the script only to output the information for the hosts that found in state active or status is 'up'.
-i nmapscan.xml: Runs the script using the given xml file (which is nmap xml scan data) instead of actually running a scan against the given set of hosts. This is useful if you only have the xml data on a given machine, and not nmap.
--fast: Runs a fast (-F) nmap scan against the host.
-h,--help,-?: Shows this help information.
-L ips.txt: Reads IP addresses from filename.txt to run a scan against. The IP addresses should be in the target specification format explained below.
-U: When running scans, (not using input xml files with -i), this includes scanning for UDP ports. Note that enabling UDP ports scans increases the time required for the scanning to finish.
-v: This runs the script in verbose mode. The more times used, the more verbose the script will be.

TARGET SPECIFICATION

This documentation was taken from the nmap man page. The IP address inputs to this scripts should be in the nmap target specification format.

The simplest case is listing single hostnames or IP addresses onthe command line. If you want to scan a subnet of IP addresses, you can append '/mask' to the hostname or IP address. mask must be between 0 (scan the whole internet) and 32 (scan the single host specified). Use /24 to scan a class 'C' address and /16 for a class 'B'.

You can use a more powerful notation which lets you specify an IP address using lists/ranges for each element. Thus you can scan the whole class 'B' network 128.210.*.* by specifying '128.210.*.*' or '128.210.0-255.0-255' or even use the mask notation: '128.210.0.0/16'. These are all equivalent. If you use asterisks ('*'), remember that most shells require you to escape them with back slashes or protect them with quotes.

Another interesting thing to do is slice the Internet the other way.

Examples:

scanhost.pl 127.0.0.1
scanhost.pl target.example.com
scanhost.pl target.example.com/24
scanhost.pl 10.210.*.1-127
scanhost.pl *.*.2.3-5
scanhost.pl 10.[10-15].10.[2-254]

OUTPUT EXAMPLE

These are ONLY examples of how the output would look like.

Scan Host
--------------------------------------------------
[>] 127.0.0.1
      [+] Status: (UP)
      [+] Hostname(s) :
              localhost.localdomain
      [+] Operation System(s) :
              Linux Kernel 2.4.0 - 2.5.20
      [+] TCP Ports : (service) [version]
              22     ssh                  OpenSSH 3.5p1
              25     smtp
              111    rpcbind
              443    https
              631    ipp
      [+] UDP Ports :
              111    rpcbind
              937    unknown

BUG REPORTS

Please submit any bugs to: http://sourceforge.net/tracker/?group_id=97509&atid=618345

Please make sure that you submit the xml-output file of the scan which you are having trouble. This can be done by running your scan with the -oX filename.xml nmap switch. Please remove any important IP addresses for security reasons.

AUTHOR

Anthony G Persaud <ironstar@iastate.edu> http://www.anthonypersaud.com

COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

http://www.opensource.org/licenses/gpl-license.php

1 POD Error

The following errors were encountered while parsing the POD:

Around line 291:: =back doesn't take any parameters, but you said =back 4

To install Nmap::Parser, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Nmap::Parser

CPAN shell

perl -MCPAN -e shell
install Nmap::Parser

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)