Whipped this up for work, figured I’d share with the world, since it’s decently useful. Stick it in cron nightly, needs to run as root. It will run a diff on what it sees and email you if there are new ports/hosts that pop up on your networks.
#! /bin/sh DIR="/opt/nmap/scans" NETWORKS="192.168.1.0-255" TODAY=`date +%Y%m%d` YESTERDAY=`date -d yesterday +%Y%m%d` for network in $NETWORKS do nmap -n -sS $network -oG $DIR/$network.$TODAY.nmap done for network in $NETWORKS do diff -I "^#" $DIR/$network.$TODAY.nmap $DIR/$network.$YESTERDAY.nmap > $DIR/$network.$TODAY.diff done for network in $NETWORKS do SIZE=`find $DIR/$network.$TODAY.diff -size +0b` if [ "$SIZE" = "$DIR/$network.$TODAY.diff" ] then cat $DIR/$network.$TODAY.diff | mail -s "Change Detected for $network" user@host.com fi done
Related Posts
