Thursday, 30 August 2012

Parsing NMAP XML output

The last post looked at the DB schema used to store the data from Nmap scans and mentioned that the next step is parsing the Nmap XML output into something that can be stored in MySQL.

Building the code to do this operation from scratch seemed like too much work, so I borrowed some code I found posted by Yunshu on Google Code.

He has written his own class and broken the various facets of the file into modules that he imports into his main Parser class. As Nmap already had a 'Parser' module, I changed the naming convention to 'NmapParse' in all of the files. The code also uses the xml.dom.minidom module to assist in reading the file format.
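The following is an added example, not Yunshu's code or the code used in this blog, showing how xml.dom.minidom can read Nmap XML into per-host records ready for database insertion. The function name, record layout and sample scan data are assumptions constructed for illustration.

```python
from xml.dom import minidom

# Constructed sample in Nmap's -oX layout (not output from a real scan).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" start="1346313600">
  <host starttime="1346313601" endtime="1346313605">
    <status state="up" reason="arp-response"/>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open"/><service name="ssh"/>
      </port>
      <port protocol="tcp" portid="23"><state state="closed"/></port>
    </ports>
  </host>
  <host>
    <status state="down" reason="no-response"/>
    <address addr="192.168.1.20" addrtype="ipv4"/>
  </host>
</nmaprun>"""


def parse_nmap_xml(xml_text):
    """Return one dict per <host>, shaped for later insertion into SQL tables."""
    hosts = []
    for host in minidom.parseString(xml_text).getElementsByTagName("host"):
        record = {"state": None, "addresses": {}, "ports": []}
        for status in host.getElementsByTagName("status"):
            record["state"] = status.getAttribute("state")
        for addr in host.getElementsByTagName("address"):
            record["addresses"][addr.getAttribute("addrtype")] = addr.getAttribute("addr")
        # Hosts that are down have no <ports> element, so this loop may not run.
        for port in host.getElementsByTagName("port"):
            states = port.getElementsByTagName("state")
            services = port.getElementsByTagName("service")
            record["ports"].append({
                "protocol": port.getAttribute("protocol"),
                "port": int(port.getAttribute("portid")),
                "state": states[0].getAttribute("state") if states else "unknown",
                # <service> is absent when Nmap could not name the service.
                "service": services[0].getAttribute("name") if services else None,
            })
        hosts.append(record)
    return hosts


if __name__ == "__main__":
    for h in parse_nmap_xml(SAMPLE_XML):
        print(h)
```

The Python documentation notes that xml.dom.minidom is not hardened against maliciously constructed XML, so feed it only files written by your own scans.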

So now the Nmap scan can:

  • Detect its host's IP
  • Run a scan based on this to enumerate other hosts on the network
  • Publish the results into an XML file
  • Read the XML file into a series of local variables

The next step is to push the local variables into the MySQL DB schema that has been created. Once in the MySQL tables, the data can be transformed into useful information, such as:

  • Show when a host joined and left the network.
  • Show when a certain port became available.
  • Show when a host's configuration changes.


The next blog will look at how to push the data to the tables, set up the SQL queries and produce reports on the data.
