tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2014-08-07 Ramon Novoa <rnovoa@artica.es> 

* conf/pandora_server.conf.new,
	  lib/PandoraFMS/Config.pm,
	  lib/PandoraFMS/ReconServer.pm,
	  util/recon_scripts/snmp-recon.pl,
	  util/recon_scripts/wmi-recon.pl: Added a new parameter to control how
	  aggressive nmap should be.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@10391 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
Ramon Novoa 2014-08-07 10:43:25 +00:00
parent 4f5e94b450
commit b7183f4daf
6 changed files with 38 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pandora_server/ChangeLog
View File

@ -1,3 +1,12 @@
2014-08-07 Ramon Novoa <rnovoa@artica.es>
* conf/pandora_server.conf.new,
lib/PandoraFMS/Config.pm,
lib/PandoraFMS/ReconServer.pm,
util/recon_scripts/snmp-recon.pl,
util/recon_scripts/wmi-recon.pl: Added a new parameter to control how
aggressive nmap should be.
2014-08-06 Sancho Lerena <slerena@artica.es> 2014-08-06 Sancho Lerena <slerena@artica.es>
* NetBSD/pandora_server.conf, * NetBSD/pandora_server.conf,

3
pandora_server/conf/pandora_server.conf.new
View File

@ -244,6 +244,9 @@ xprobe2 /usr/bin/xprobe2
nmap /usr/bin/nmap nmap /usr/bin/nmap
# A value that specifies how aggressive nmap should be from 1 to 5. 1 means slower but more reliable, 5 means faster but less reliable. 2 by default.
nmap_timing_template 2
# snmpget: Needed to do SNMP checks. By default is on /usr/bin/snmpget # snmpget: Needed to do SNMP checks. By default is on /usr/bin/snmpget
snmpget /usr/bin/snmpget snmpget /usr/bin/snmpget

4
pandora_server/lib/PandoraFMS/Config.pm
View File

@ -264,6 +264,7 @@ sub pandora_load_config {
# nmap for recon OS fingerprinting and tcpscan (optional) # nmap for recon OS fingerprinting and tcpscan (optional)
$pa_config->{"nmap"} = "/usr/bin/nmap"; $pa_config->{"nmap"} = "/usr/bin/nmap";
$pa_config->{"nmap_timing_template"} = 2; # > 5.1
# braa for enterprise snmp server # braa for enterprise snmp server
$pa_config->{"braa"} = "/usr/bin/braa"; $pa_config->{"braa"} = "/usr/bin/braa";
@ -607,6 +608,9 @@ sub pandora_load_config {
elsif ($parametro =~ m/^nmap\s(.*)/i) { elsif ($parametro =~ m/^nmap\s(.*)/i) {
$pa_config->{'nmap'}= clean_blank($1); $pa_config->{'nmap'}= clean_blank($1);
} }
elsif ($parametro =~ m/^nmap_timing_template\s([0-9]*)/i) {
$pa_config->{'nmap_timing_template'}= clean_blank($1);
}
elsif ($parametro =~ m/^braa\s(.*)/i) { elsif ($parametro =~ m/^braa\s(.*)/i) {
$pa_config->{'braa'}= clean_blank($1); $pa_config->{'braa'}= clean_blank($1);
} }

8
pandora_server/lib/PandoraFMS/ReconServer.pm
View File

@ -141,9 +141,11 @@ sub data_consumer ($$) {
} }
# Call nmap # Call nmap
my $timeout = $pa_config->{'networktimeout'}*1000;
my $nmap_args = '-nsP -PE --max-retries '.$pa_config->{'icmp_checks'}.' --host-timeout '.$timeout.' -T'.$pa_config->{'nmap_timing_template'};
my $np = new PandoraFMS::NmapParser; my $np = new PandoraFMS::NmapParser;
eval { eval {
$np->parsescan($pa_config->{'nmap'},'-nsP', ($task->{'subnet'})); $np->parsescan($pa_config->{'nmap'}, $nmap_args, ($task->{'subnet'}));
}; };
if ($@) { if ($@) {
update_recon_task ($dbh, $task_id, -1); update_recon_task ($dbh, $task_id, -1);
@ -325,9 +327,11 @@ sub get_host_parent {
my ($pa_config, $host, $dbh, $group, $max_depth, $resolve, $os_detect) = @_; my ($pa_config, $host, $dbh, $group, $max_depth, $resolve, $os_detect) = @_;
# Call nmap # Call nmap
my $timeout = $pa_config->{'networktimeout'}*1000;
my $nmap_args = '-nsP -PE --traceroute --max-retries '.$pa_config->{'icmp_checks'}.' --host-timeout '.$timeout.' -T'.$pa_config->{'nmap_timing_template'};
my $np = new PandoraFMS::NmapParser; my $np = new PandoraFMS::NmapParser;
eval { eval {
$np->parsescan($pa_config->{'nmap'},'-nsP --traceroute', ($host)); $np->parsescan($pa_config->{'nmap'}, $nmap_args, ($host));
}; };
if ($@) { if ($@) {
return 0; return 0;

17
pandora_server/util/recon_scripts/snmp-recon.pl
View File

@ -35,8 +35,8 @@ if ($OSNAME eq "freebsd") {
%CONF = ( %CONF = (
'nmap' => '/usr/local/bin/nmap', 'nmap' => '/usr/local/bin/nmap',
'pandora_path' => '/usr/local/etc/pandora/pandora_server.conf', 'pandora_path' => '/usr/local/etc/pandora/pandora_server.conf',
'ping_retries' => 1, 'icmp_checks' => 1,
'ping_timeout' => 2, 'networktimeout' => 2,
'PID' => '', 'PID' => '',
'quiet' => 1, 'quiet' => 1,
); );
@ -44,8 +44,8 @@ if ($OSNAME eq "freebsd") {
%CONF = ( %CONF = (
'nmap' => '/usr/bin/nmap', 'nmap' => '/usr/bin/nmap',
'pandora_path' => '/etc/pandora/pandora_server.conf', 'pandora_path' => '/etc/pandora/pandora_server.conf',
'ping_retries' => 1, 'icmp_checks' => 1,
'ping_timeout' => 2, 'networktimeout' => 2,
'PID' => '', 'PID' => '',
'quiet' => 1, 'quiet' => 1,
); );
@ -861,9 +861,11 @@ sub traceroute_connectivity($) {
return unless defined($agent); return unless defined($agent);
# Perform a traceroute. # Perform a traceroute.
my $timeout = $CONF{'networktimeout'}*1000;
my $nmap_args = '-nsP -PE --traceroute --max-retries '.$CONF{'icmp_checks'}.' --host-timeout '.$timeout.' -T'.$CONF{'nmap_timing_template'};
my $np = new PandoraFMS::NmapParser; my $np = new PandoraFMS::NmapParser;
eval { eval {
$np->parsescan($CONF{'nmap'}, '-nsP --traceroute', ($host)); $np->parsescan($CONF{'nmap'}, $nmap_args, ($host));
}; };
return if ($@); return if ($@);
@ -930,10 +932,11 @@ update_recon_task($DBH, $TASK_ID, 1);
# Populate ARP caches. # Populate ARP caches.
message("Populating ARP caches..."); message("Populating ARP caches...");
my $timeout = $CONF{'ping_timeout'} * 1000; # Convert the timeout from s to ms. my $timeout = $CONF{'networktimeout'} * 1000; # Convert the timeout from s to ms.
my $nmap_args = '-nsP --send-ip --max-retries '.$CONF{'icmp_checks'}.' --host-timeout '.$timeout.' -T'.$CONF{'nmap_timing_template'};
my $np = new PandoraFMS::NmapParser; my $np = new PandoraFMS::NmapParser;
if ($#SUBNETS >= 0) { if ($#SUBNETS >= 0) {
$np->parsescan($CONF{'nmap'}, '-nsP --send-ip --max-retries ' . $CONF{'ping_retries'} . ' --host-timeout ' . $timeout, @SUBNETS); $np->parsescan($CONF{'nmap'}, $nmap_args, @SUBNETS);
} }
# Find routers. # Find routers.

12
pandora_server/util/recon_scripts/wmi-recon.pl
View File

@ -27,8 +27,8 @@ if ($OSNAME eq "freebsd") {
'daemon' => 0, 'daemon' => 0,
'PID' => '', 'PID' => '',
'pandora_path' => '/usr/local/etc/pandora/pandora_server.conf', 'pandora_path' => '/usr/local/etc/pandora/pandora_server.conf',
'ping_timeout' => 2, 'networktimeout' => 2,
'ping_retries' => 1, 'icmp_checks' => 1,
'wmi_client' => '/usr/local/bin/wmic'); 'wmi_client' => '/usr/local/bin/wmic');
} else { } else {
%CONF = ('quiet' => 0, %CONF = ('quiet' => 0,
@ -36,8 +36,8 @@ if ($OSNAME eq "freebsd") {
'daemon' => 0, 'daemon' => 0,
'PID' => '', 'PID' => '',
'pandora_path' => '/etc/pandora/pandora_server.conf', 'pandora_path' => '/etc/pandora/pandora_server.conf',
'ping_timeout' => 2, 'networktimeout' => 2,
'ping_retries' => 1, 'icmp_checks' => 1,
'wmi_client' => '/usr/bin/wmic'); 'wmi_client' => '/usr/bin/wmic');
} }
@ -106,10 +106,10 @@ sub recon_scan($$) {
my ($task, $function) = @_; my ($task, $function) = @_;
# Timeout in ms. # Timeout in ms.
my $timeout = $CONF{'ping_timeout'} * 1000; my $timeout = $CONF{'networktimeout'} * 1000;
# Added -PE to make nmap behave like ping and avoid confusion if ICMP traffic is blocked. # Added -PE to make nmap behave like ping and avoid confusion if ICMP traffic is blocked.
my $nmap_args = '-nsP -PE --max-retries ' . $CONF{'ping_retries'} . ' --host-timeout ' . $timeout; my $nmap_args = '-nsP -PE --max-retries ' . $CONF{'icmp_checks'} . ' --host-timeout '.$timeout.' -T'.$CONF{'nmap_timing_template'};
# Scan the network. # Scan the network.
my $np = new PandoraFMS::NmapParser; my $np = new PandoraFMS::NmapParser;