There's two good off-the-shelf tools for comparing nmap scans. If it's just a point-in-time difference (comparing one scan against another), you should look at ndiff http://nmap.org/ndiff/
if you're going to be scanning the same networks over and over, I can't recommend PBNJ enough. http://pbnj.sourceforge.net/ The canned reports that outputpbnj has are great! Best of luck! - Mick On Tue, Mar 30, 2010 at 9:26 AM, Bacon Zombie <[email protected]> wrote: > Hey, > > Are you guys doing scans via NMap, Nessus or some other tool? > If NMap what other tool/scripts are you using to diff and datamind the data > collected? > > I'm looking to rolling out a similar daily task on my work network. > > BaconZombie > > On 30 March 2010 13:21, Albert R. Campa <[email protected]> wrote: >> >> Id agree with the cred scanning during the day. I started tentatively, >> but since doing it a few times, I have noticed no issues whatsoever on >> desktop scans. >> >> >> __________________________________ >> Albert R. Campa >> >> >> >> On Mon, Mar 29, 2010 at 7:56 PM, Paul Asadoorian <[email protected]> >> wrote: >> > If you're scanning workstations I highly recommend credentialed >> > scanning. There is little impact on the end-user workstations, and you >> > get better results (less false positives, more information about the >> > installed software, devices, etc..). >> > >> > We started doing this on some of our consulting engagements and are very >> > happy with the results. It really gives you a good picture of the >> > network, systems, and a snapshot of the security practices that exist >> > (or not). >> > >> > Cheers, >> > Paul >> > >> > On 3/29/10 8:26 PM, Michael Douglas wrote: >> >> we scan our workstations during a few windows. >> >> >> >> Early in the morning (between 6-8:30 local) if they're running. >> >> After the work day (between 6:30 - 9ish) if they're running. >> >> If all else fails, we scan around lunchtime (11:30 - 1) We only use >> >> this time as a fall back... this will impact users. >> >> >> >> >> >> HTH, >> >> - Mick >> >> >> >> >> >> >> >> On Mon, Mar 29, 2010 at 2:02 PM, Juan Cortes <[email protected]> >> >> wrote: >> >>> Guys, >> >>> >> >>> Sort of new to this, but is there a sort of industry standard time >> >>> when to >> >>> scan. Basically this scan will be workstations and I would like to >> >>> scan them >> >>> during the day since some users turn them off and I would like to get >> >>> away >> >>> from bugging people to leave them on. Any suggestions? >> >>> >> >>> Thanks >> >>> >> >>> -- >> >>> Juan C. Cortes >> >>> Chicago, Il >> >>> >> >>> _______________________________________________ >> >>> Pauldotcom mailing list >> >>> [email protected] >> >>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >>> Main Web Site: http://pauldotcom.com >> >>> >> >> _______________________________________________ >> >> Pauldotcom mailing list >> >> [email protected] >> >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> >> Main Web Site: http://pauldotcom.com >> > >> > -- >> > Paul Asadoorian >> > PaulDotCom Enterprises >> > Web: http://pauldotcom.com >> > Phone: 401.829.9552 >> > _______________________________________________ >> > Pauldotcom mailing list >> > [email protected] >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> > Main Web Site: http://pauldotcom.com >> > >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
