PBNJ - a tool for running Nmap scans and diff'ing the results.
pbnj [Input Type] [Scan & File Input Options] [General Options]
pbnj parses the output of nmap and amap into comma-separated (.csv) format. Each record contains:
- ip address
- port
- service
- version of service
- banner of service
- operating system
- hostname
- date of scan
- timestamp of scan
The scan target can be a network range or a single ip address. Each ip gets its output in a separate file. The first scan of a machine writes the full result to that file; when a later scan finds a different set of services, the diff is appended to the end of the file in + / - diff format, each line carrying the full record that changed. Each .csv file is named after the address of the machine with the dots replaced by dashes.
This gives an admin a clear view of the network layout: every machine, the services it is running, and how that set changes from scan to scan.
Usage: ./pbnj [Input Type] [Scan & File Input Options] [General Options]
Input Type: -s --scan <ip-range> Scan an ip address or range, ex: 10.0.0.100 or 10.0.0.0/24. An output file (-o) is required. By default ports 1-1025 are scanned [ Requires Unix, nmap and amap ]
--iplist-scan <file> Read the list of ip's to scan from <file>, one ip per line [ Requires Unix, nmap and amap ]
-o --output <file> Output scan to file [ REQUIRED FOR SCAN ]
-i --input <file> Take input from a previous nmap and amap scan file. The data is parsed into csv files, one per host, named after the ip address with dots replaced by dashes
Scan Options: -r --range <range> Ports for scan ex: 1-9000 [default 1-1025]
--noparse Do not parse the scan output; only the raw nmap and amap scan files are produced
-a --automate Automate the scan. Appends a timestamp to the output file name so that repeated runs (e.g. from cron) do not overwrite or remove earlier files
-c --cleanup Remove the raw nmap and amap scan files
NMAP: --aggressive Aggressive scan [ default ]. More easily detected, but yields more information
--stealth Stealth scan. Trips fewer sensors, but takes longer than an aggressive scan
--nonmaplist Have nmap NOT build the target list from a ping sweep; every address in the range is port-scanned, including hosts that do not answer pings [ slower scan ]
AMAP: --ssl Have amap NOT send SSL triggers
--rpc Have amap NOT send RPC triggers
File Input Options: -l --lookup <ip> Look up the information recorded for a specific ip address
--nodiff <banner> Do not use the banner when determining the diff. Useful for suppressing false positives when a banner changes from scan to scan while the service itself does not
-q --quick Just handle open ports without a diff
Email Output: --email-type <type> Email type: [ diff ] sends only the diff of the scan, [ alldata ] sends the entire csv file, [ both ] sends both, as 2 separate emails
--email-to <addr> Email address to send the output csv to
--email-from <addr> Email Address to send the output csv from
--email-subj <subj> Email Subject for sending csv output to email
General Options: -d --dir <directory> Directory where the output files are generated.
--plugin <html> Send output to additional formats [ html ]
--interactive Start in interactive mode
--quiet Start in quiet mode with no output to the screen
--verbose Start in verbose mode. Use verbose mode to see which files are being written and other useful information about the run
-v --version Display version
-h --help Display this information
Send Comments to Joshua Abraham ( jabra@ccs.neu.edu )
1) Scan a /8 network (a class A range) on ports 1-9000 and parse the results of that scan
$ ./pbnj -s 10.0.0.0/8 -r 1-9000 -o file01
2) Scan a single ip address and save the raw output to a file without parsing it
$ ./pbnj -s 10.0.0.100 -r 1-9000 -o file02 --noparse
3) Parse previous scan to find info on a specific ip address
$ ./pbnj -i file01 -l 10.0.0.100
4) Use the interactive menu interface
$ ./pbnj --interactive
5) Input from a previous scan and email the output of a scan
$ ./pbnj -i tmp --email-to jabra --email-from me --email-type both
pbnj can be used as a single-shot scan tool like nmap, but it can also be set to fire off scans on its own. That is the feature that distinguishes pbnj from other scanning tools: it reports a diff of the services running between one scan and the next. When automating scans, use the same port range for every scan of a machine that is parsed into its .csv file; if the range differs between runs, ports that fall outside the narrower range show up as changes even though nothing on the host changed.
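The following is an added example written for this page, not pbnj's own source, modelling the behaviour described in the DESCRIPTION above and the port-range caveat in this paragraph: nmap output is parsed into one csv record per open port, the first scan of a host is rendered in full, a later scan appends + / - records for what changed, and a diff between runs with different port ranges is refused. Everything not stated on the page is an assumption: the input is in nmap's grepable (-oG) layout, the csv column order, the .csv suffix on the per-host file name, the "range" bookkeeping, and the sample scan lines, which are constructed rather than real scan data. amap banners are not modelled, so the banner column stays empty.

```python
# Added example for this page, not pbnj's own (Perl) source.  Assumptions (not
# from the page): nmap -oG input layout, the csv column order, the .csv suffix,
# and the rule that runs with different port ranges must not be diffed.
import csv
import io

# Constructed sample lines in nmap -oG layout (not real scan data): two runs of
# the same host; in the second, sshd was upgraded and a proxy appeared on 8080.
RUN1 = (
    "Host: 10.0.0.100 ()\tPorts: 22/open/tcp//ssh//OpenSSH 5.3/, "
    "80/open/tcp//http//Apache httpd 2.2/, 139/closed/tcp//netbios-ssn///"
    "\tIgnored State: closed (997)\tOS: Linux 2.6"
)
RUN2 = (
    "Host: 10.0.0.100 ()\tPorts: 22/open/tcp//ssh//OpenSSH 6.0/, "
    "80/open/tcp//http//Apache httpd 2.2/, 8080/open/tcp//http-proxy//Squid 3.1/"
    "\tIgnored State: closed (997)\tOS: Linux 2.6"
)

# The fields are the ones the DESCRIPTION lists; their order is an assumption.
COLUMNS = ["ip", "port", "proto", "service", "version", "banner", "os",
           "hostname", "date", "timestamp"]


def csv_name(ip):
    """Per-host file name: the address with dots replaced by dashes."""
    return ip.replace(".", "-") + ".csv"


def parse_grepable(text, scanned_at, port_range="1-1025"):
    """Turn -oG output into {"range": ..., "hosts": {ip: [record, ...]}}.

    Only open ports are kept (the -q behaviour).  Assumes service/version
    strings contain no '/' or ', ', which is how nmap delimits the fields.
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "\tPorts:" not in line:
            continue  # comments and "Status: Up" lines carry no ports
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        ip, _, hostname = fields["Host"].partition(" ")
        hostname = hostname.strip("() ")
        records = []
        for entry in fields["Ports"].split(", "):
            # port/state/proto/owner/service/rpcinfo/version/
            parts = entry.split("/")
            if len(parts) < 7:
                continue
            port, state, proto, _owner, service, _rpc, version = parts[:7]
            if state != "open":
                continue
            records.append(dict(zip(COLUMNS, [
                ip, port, proto, service, version, "",  # banner: amap only
                fields.get("OS", ""), hostname, scanned_at[:10], scanned_at])))
        hosts[ip] = records
    return {"range": port_range, "hosts": hosts}


def service_key(rec, use_banner=True):
    """What identifies a service for diffing.  --nodiff drops the banner so a
    banner that changes between scans does not count as a service change."""
    key = (rec["port"], rec["proto"], rec["service"], rec["version"])
    return key + ((rec["banner"],) if use_banner else ())


def diff_scans(old, new, ip, use_banner=True):
    """Return [('-', record), ('+', record), ...] for one host, '-' before '+'.

    Refuses to compare runs with different port ranges: a port outside the
    narrower range would otherwise show up as a bogus + or - change.
    """
    if old["range"] != new["range"]:
        raise ValueError("port ranges differ: %s vs %s" % (old["range"], new["range"]))
    before = {service_key(r, use_banner): r for r in old["hosts"].get(ip, [])}
    after = {service_key(r, use_banner): r for r in new["hosts"].get(ip, [])}
    changes = [("-", r) for k, r in before.items() if k not in after]
    changes += [("+", r) for k, r in after.items() if k not in before]
    return sorted(changes, key=lambda c: (int(c[1]["port"]), c[0] == "+"))


def render_csv(records, changes=()):
    """Full records first (what the first scan writes), then the +/- records a
    later scan appends, each carrying the complete changed row."""
    buf = io.StringIO()
    out = csv.writer(buf)
    out.writerow(COLUMNS)
    for r in records:
        out.writerow([r[c] for c in COLUMNS])
    for sign, r in changes:
        out.writerow([sign] + [r[c] for c in COLUMNS])
    return buf.getvalue()


if __name__ == "__main__":
    first = parse_grepable(RUN1, "2024-01-01T02:30:00", "1-9000")
    second = parse_grepable(RUN2, "2024-01-02T02:30:00", "1-9000")
    changes = diff_scans(first, second, "10.0.0.100")
    print(csv_name("10.0.0.100"))
    print(render_csv(first["hosts"]["10.0.0.100"], changes), end="")
```

Running it prints the per-host file name and a csv with the two records from the first run followed by three diff lines: a - for OpenSSH 5.3 on 22, a + for OpenSSH 6.0 on 22, and a + for the new proxy on 8080. Passing use_banner=False to diff_scans is the equivalent of --nodiff; the range check in diff_scans is what enforces the same-port-range rule from the paragraph above.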
The following examples can be added to /etc/crontab
1) Scan a /24 network every 2 hours
30 */2 * * * root pbnj -s 10.0.0.0/24 -r 1-9000 -o automate01 -a
2) Scan a /24 network every day at 02:30 and remove the raw scan output files
30 2 * * * root pbnj -s 10.0.0.0/24 -r 1-9000 -o automate01 -a -c
* If you do not pass a specific port range, ports 1-1025 are used.
* Use --verbose to see which files are being written.
nmap(1), amap(1).
Joshua D. Abraham <jabra at ccs.neu.edu>