BFW Firewall & Router

[kainlite]

Author: kainlite
URL: http://www.brazilfw.com.br/downloads/addons/bfw2.x/others/nmap/nmap.tgz
URL - Libs:
http://www.brazilfw.com.br/downloads/addons/bfw2.x/libraries/bender/libgcc_s.tgz
http://www.brazilfw.com.br/downloads/addons/bfw2.x/libraries/bender/libstdc.tgz
http://www.brazilfw.com.br/downloads/addons/bfw2.x/libraries/libcrypto.tgz
http://www.brazilfw.com.br/downloads/addons/bfw2.x/libraries/libssl.tgz
Add-on State: Stable
Add-on Version: 1.0
Original Project Version: 4.20
Original Project URL: http://insecure.org/
System Version Required: 2.29b5
Other Packages Required: nmap-lib.tgz
Other Packages Conflict: None

Description:

What is Nmap?

Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and both console and graphical versions are available.

Instalation Instructions:
Standard Instalation

Utilization Instructions:

Explore the WebAdmin :P

For the Option 5 : here u have the help file to "make" the command u want...

Nmap 4.20 ( http://insecure.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num>: Choose random targets
--exclude <host1>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sP: Ping Scan - go no further than determining if host is online
-P0: Treat all hosts as online -- skip host discovery
-PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers <serv1>: Specify custom DNS servers
--system-dns: Use OS's DNS resolver
SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags <flags>: Customize TCP scan flags
-sI <zombie>: Idlescan
-sO: IP protocol scan
-b <ftp>: FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
-p <port>: Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
-F: Fast - Scan only the ports listed in the nmap-services file)
-r: Scan ports consecutively - don't randomize
SERVICE/VERSION DETECTION:
-sV: Probe open ports to determine service/version info
--version-intensity <level>: Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
OS DETECTION:
-O: Enable OS detection (try 2nd generation w/fallback to 1st)
-O2: Only use the new OS detection system (no fallback)
-O1: Only use the old (1st generation) OS detection system
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
Options which take <time> are in milliseconds, unless you append 's'
(seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T[0-5]: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
--min-parallelism/max-parallelism <time>: Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
probe round trip time.
--max-retries <tries>: Caps number of port scan probe retransmissions.
--host-timeout <time>: Give up on target after this long
--scan-delay/--max-scan-delay <time>: Adjust delay between probes
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu <val>: fragment packets (optionally w/given MTU)
-D <decoy1>: Cloak a scan with decoys
-S <IP_Address>: Spoof source address
-e <iface>: Use specified interface
-g/--source-port <portnum>: Use given port number
--data-length <num>: Append random data to sent packets
--ip-options <options>: Send packets with specified ip options
--ttl <val>: Set IP time-to-live field
--spoof-mac <mac>: Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP checksum
OUTPUT:
-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
and Grepable format, respectively, to the given filename.
-oA <basename>: Output in the three major formats at once
-v: Increase verbosity level (use twice for more effect)
-d[level]: Set or increase debugging level (Up to 9 is meaningful)
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--log-errors: Log errors/warnings to the normal-format output file
--append-output: Append to rather than clobber specified output files
--resume <filename>: Resume an aborted scan
--stylesheet <path>: XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Insecure.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
-6: Enable IPv6 scanning
-A: Enables OS detection and Version detection
--datadir <dirname>: Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.
EXAMPLES:
nmap -v -A scanme.nmap.org
nmap -v -sP 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -P0 -p 80
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES


sorry about my inglish ^^ :P

regards

Agradecimientos : knifesk (un amigo de aca q me dio una re mano con el webadmin :P),

[kainlite]

Examples :

Option 1 : http://www.google.com.ar or 63.12.152.15

Option 2 : like option 1

Option 3 : Net Address 192.168.1.0/24 <- with netmask

Option 4 : Net Address like option 3

Option 5 : Whatever u want.. read the help file and make ur command
              nmap is alwayls executed you have to complete the syntaxis

[luapufo]

este addon ja esta pronto, se sim posso mover eles para Add-Ons Index?

[kainlite]

si si.. esta = q el iperf hecho lo mas oficial posible.. sos libre de moverlo al addon index ^^

saludos

[Bender]

kainlite, estava testando alguns de seus addon e percebi que as bibliotecas (libs) estão em pacotes.

Por exemplo:
nmap-lib.tgz tem a libcrypto e libssl, a iperf-lib.tgz tem libgcc, libthread e libstdc.

Seria bom ter os pacotes individuais de cada uma das bibliotecas (ex. libgcc.tgz, libstdc.tgz...), uma vez que outros addons usam as mesmas libs.

[gamba47]

kainlite, estava testando alguns de seus addon e percebi que as bibliotecas (libs) estão em pacotes.

Por exemplo:
nmap-lib.tgz tem a libcrypto e libssl, a iperf-lib.tgz tem libgcc, libthread e libstdc.

Seria bom ter os pacotes individuais de cada uma das bibliotecas (ex. libgcc.tgz, libstdc.tgz...), uma vez que outros addons usam as mesmas libs.

Bender tiene razón Kainlite, es necesario separar las librerias ya que las mismas se pueden pisar entre sí.


gamba47

[kainlite]

oka.. mañana las separo y aviso de la actualizacion... yo las puse todas juntas por q probe poniendo otros addons q usan esas libs.. y no habia drama.. seguia funcionando todo bien.. pero weno :P mañana lo veo :P saludos

[cemaraya]

kainlite, no aparece esta librería, pese a que instale las que pusiste en el link

brazilfw# nmap
nmap: can't load library 'libstdc++.so.5'


Saludos

[gamba47]

kainlite, no aparece esta librería, pese a que instale las que pusiste en el link

brazilfw# nmap
nmap: can't load library 'libstdc++.so.5'


Saludos

Le falta un enlace simbolico:

Código: Selecionar todos

# ln -s /lib/libstdc++.so.5.0.5 /lib/libstdc++.-so.5

No se como se arregla para que quede funcionando OK, supongo que agregando ese archivo al .list del las librerias deberia guardarlo.

gamba47

[kainlite]

despues lo reviso y posteo el fix.. saludos