nrun.1p

Langue: en

Version: 2000-12-17 (debian - 07/07/09)

Section: 1 (Commandes utilisateur)

NAME

nrun - run nmap, storing results in an organized fashion, optionally
       running ndiff afterwards

SYNOPSIS

nrun <nrun options> --- <nmap options>
     <nrun options> =
 
 
      [-o|-output <filename-or-:tag>] [-b|-baseline <filename-or:tag>]
      [-no|-ndiff-options "<ndiff options>"]  [-nm|-nmap <path-to-nmap-binary>]
      [-l|-logfile]
 
 

DESCRIPTION

Nrun passes <nmap options> through to nmap verbatim, except that it instructs nmap to store results in machine-parseable format via nmap's -m switch, and adds the -v switch to generate a port listing in the output file.

Note that the ``--'' string must be present or <nmap options> will be missed by nrun.

Since nrun inserts the -m and -v switches into the nmap command line, you should avoid putting those switches in <nmap options> yourself.

In addition, nrun writes a meta-data file containing some interesting information about the nmap run.

Nrun can automatically invoke ndiff to generate differences with a specified baseline after the scan completes --- see ``OPTIONS'' below.

OPTIONS

-o <filename-or-:tag>
-output <filename-or-:tag>
Use <filename-or-:tag> as the name of the stored results. By default this is treated as a filename. Nrun also writes a metadata file, ``<filename-or-:tag>.info'' containing a some information about the scan.

<filename-or-:tag> may contain %-style substitutions to dynamically add time/date fields or the local host name. See ``SUBSTITUTIONS'' below.

The default for tag is ``<hostname>-YYYYMMDD.nm'' ( ``%F-%Y%w%D.nm'' ).

If <filename-or-:tag> starts with a colon (:), <filename-or-:tag> is treated as a key into a data store, colon removed. See ``DATA STORES'' for more information.

-b <filename-or-:tag>
-baseline <filename-or-:tag>
If nmap returns a successful result, instructs nrun to execute ndiff with the new results against the (pre-existing) baseline results specified with <filename-or-:tag>.

As with the -o option above, if <filename-or-:tag> starts with a colon, the tag is treated as a data store key. See ``DATA STORES'' below.

-no "< ndiff options ... >"
-ndiff-options "< ndiff options ... >"
Pass the ``<ndiff options>'' to ndiff. Use with the -b or -baseline switch. Note that the options must be a single (quoted).
-nm <path-to-nmap-binary>
-nmap <path-to-nmap-binary>
Instructs nrun to execute <path-to-nmap-binary> explicitly instead of using ``nmap'' as found in the search path.
-qn
-quiet-nmap
Instructs nrun to redirect nmap's human readable output to /dev/null.
-l <logfile>
-log <logfile>
Instructs nrun to redirect nmap's human readable output to <logfile>. Nrun's % substitutions are expanded in <logfile>. Currently there is no support for storing logfiles with results data through data stores, but this may be added later.

DATA STORES

Nrun and its related tools can manipulate results in regular nmap-format files, in any user-specified location, or they can handle storing and organizing the data on behalf of the user, through a user-configurable ``data store''.

Whenever you precede a results tag with a colon (:), the tag will be treated as a unique key into a data store, identifying the results set.

Currently the only supported data store is nmap format files placed in a preconfigured directory. Other types may be added at a later date.

A legal tag may contain any alphanumeric string, plus dash, underscore, and dot. %-style substitutions in the ilk of the ``date'' command are also supported, allowing a tag to contain date, time, or the local hostname. See ``SUBSTITUTIONS'' below for more information.

SUBSTITUTIONS

%-style substitutions supported in tags as follows:
%H = hour
%M = minute
%S = second
%D = day of month
%m = month of year (01-12)
%Y = year, four digits
%j = day of year, three digits
%w = day of week (0-6) one digit

Except where noted, the above items are two digits, and local time. All are zero-padded as appropriate.

In addtion-

%F = output of "hostname" on the local machine

BUGS

Ports Scanned lists in results files don't currently condense sequential ranges of ports, resulting in larger than necessary files. This will be fixed in a future update.

AUTHOR

James Levine <jdl@vinecorp.com>