[rešeno] pbnj skeniranje omrežja

Ker bi rad periodično skeniral lokalno omrežje, da vidim kaj se dogaja, oziroma predvsem katere mašine so notri vključene in kdaj, sem prišel na idejo, da namestim pbnj - http://pbnj.sourceforge.net

Torej, rečem:
sudo apt-get install nmap
sudo apt-get install pbnj
sudo cpan Shell
sudo apt-get install libdbd-pg-perl

Nato pa še:
sudo cpan
Ter znotraj tega namestim:

install CPAN
install Bundle::CPAN
install YAML
install DBI
install DBD::SQLite
install XML::Twig
install Nmap::Parser
install File::Which
install Text::CSV_XS
install File::HomeDir

exit

Potem vržem gor še moj omiljeni PSQL:

sudo apt-get install postgresql

...in naredim bazo ter uporabnika:

sudo su
su - postgres
psql

UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';
DROP DATABASE template1;
CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE';
UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';
CREATE ROLE pi WITH LOGIN;
CREATE DATABASE network WITH OWNER pi;
CREATE USER pbnj WITH PASSWORD 'geslo';
ALTER USER pbnj VALID UNTIL 'infinity';
GRANT ALL PRIVILEGES ON DATABASE network to pbnj;

Uredim config:
sudo nano /usr/share/doc/pbnj/examples/pg.yaml

# YAML:1.0
# Config for connecting to a DBI database
# SQLite, mysql etc
db: Pg
# for SQLite the name of the file. For mysql the name of the database
database: network
# Username for the database. For SQLite no username is needed.
user: pbnj
# Password for the database. For SQLite no password is needed.
passwd: "geslo"
# Password for the database. For SQLite no host is needed.
host: localhost
# Port for the database. For SQLite no port is needed.
port: 5432
Config skopiram na privzeto mesto od pbnj:
cp /usr/share/doc/pbnj/examples/pg.yaml .pbnj-2.0/config.yaml

And now... let's run a scan:
sudo scanpbnj -a "-sS"  localhost
No, tu pa nastopi problem. Zgodi se tole:


--------------------------------------
Starting Scan of 127.0.0.1
Inserting Machine

Inserting Service on 22:tcp ssh
Inserting Service on 80:tcp http
Inserting Service on 3306:tcp mysql
Inserting Service on 5432:tcp postgresql
Scan Complete for 127.0.0.1
--------------------------------------
V PSQL bazi ni ničesar! Mi pa zadeva naredi lokalno datoteko data.dbl, ki je v SQLite formatu.

No, če se vrnem k osnovnemu problemu - kar bi rad je to, da periodično skeniram lokalno omrežje in si v bazo beležim kateri računalniki so prisotni. Idealno bi bilo, da bi v bazi imel MAC naslov omrežne kartice, IP naslov ter timestamp. S tem bi videl ali se IP naslovi računalnikov spreminjajo ter kdaj so bili računalniki prižgani. Načeloma mi to zadostuje, odprtih portov ne rabim.

A kdo ve kakšno povsem preprosto rešitev za to?

Komentarji

Za komentiranje se prijavite ali pa se vpišite.