From 2ede5a472390a8240440d157ba32caafbea83c77 Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Tue, 10 Jul 2018 15:27:27 +1200 Subject: Remove imposed structure It's only two files; let's not overdo it. --- bin/nwatch | 76 ------------------------------------------------- nwatch | 76 +++++++++++++++++++++++++++++++++++++++++++++++++ nwatch.1 | 37 ++++++++++++++++++++++++ share/man/man1/nwatch.1 | 37 ------------------------ 4 files changed, 113 insertions(+), 113 deletions(-) delete mode 100755 bin/nwatch create mode 100755 nwatch create mode 100644 nwatch.1 delete mode 100644 share/man/man1/nwatch.1 diff --git a/bin/nwatch b/bin/nwatch deleted file mode 100755 index eb28a52..0000000 --- a/bin/nwatch +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/env bash - -# -# nwatch(1) -- Slightly friendlier version of the suggested script in the -# manual page for ndiff(1) from the Nmap suite, implemented in Bash. -# -# Usage: -# $ nwatch HOSTLIST CACHEDIR -# Example with root privileges: -# # nwatch /etc/nwatch.mynet /var/cache/nwatch/mynet -# -# Prints the results of an ndiff(1) call against the last known scan to stdout; -# intended to be called from cron(8): -# 0 0 * * 0 nwatch /etc/nwatch.mynet /var/cache/nwatch/mynet -# -# I recommend you use Mail::Run::Crypt, so you don't leak your network -# information in plain text in your email: -# -# -# Please also consider whether your scan actually requires root privileges, and -# could not instead be run by a dedicated user with appropriately limited -# privileges. -# -# Author: Tom Ryder -# Copyright: 2014 -# License: GPLv2 (same as Nmap itself) -# - -# Defensive umask by default; change at your own risk! -umask 0077 - -# Some fixed values -self=nwatch -hostlist=${1:?} -cachedir=${2:?} -latest=$cachedir/${self}.scan.latest - -# If the cachedir doesn't exist, attempt to create it, otherwise give up -if [[ ! -d "$cachedir" ]] ; then - if ! mkdir -- "$cachedir" ; then - exit 1 - fi -fi - -# Today's values -date=$(date +%s) -cache=$cachedir/${self}.scan.${date} -diff=$cachedir/${self}.diff.${date} - -# Run the scan or give up -if ! nmap -v -T4 -sV --open -iL "$hostlist" -oA "$cache" >/dev/null ; then - exit 1 -fi - -# If the link to the XML file is legible, run the diff or give up -if [[ -r ${latest}.xml ]] ; then - ndiff -- "$latest".xml "$cache".xml > "$diff" - - # Because we always want a report, only exit if an actual error condition - # (1 means there's a meaningful diff in the scans) - if (($? == 2)) ; then - exit 1 - fi -fi - -# Create or update the links -rm -f "${cache/$date/latest}".* -for cachetype in "$cache".* ; do - ln -s -- "$cachetype" "${cachetype/$date/latest}" -done - -# Write diff to stdout if it exists (not an error if it doesn't) -if [[ -r $diff ]] ; then - cat -- "$diff" -fi - diff --git a/nwatch b/nwatch new file mode 100755 index 0000000..eb28a52 --- /dev/null +++ b/nwatch @@ -0,0 +1,76 @@ +#!/usr/bin/env bash + +# +# nwatch(1) -- Slightly friendlier version of the suggested script in the +# manual page for ndiff(1) from the Nmap suite, implemented in Bash. +# +# Usage: +# $ nwatch HOSTLIST CACHEDIR +# Example with root privileges: +# # nwatch /etc/nwatch.mynet /var/cache/nwatch/mynet +# +# Prints the results of an ndiff(1) call against the last known scan to stdout; +# intended to be called from cron(8): +# 0 0 * * 0 nwatch /etc/nwatch.mynet /var/cache/nwatch/mynet +# +# I recommend you use Mail::Run::Crypt, so you don't leak your network +# information in plain text in your email: +# +# +# Please also consider whether your scan actually requires root privileges, and +# could not instead be run by a dedicated user with appropriately limited +# privileges. +# +# Author: Tom Ryder +# Copyright: 2014 +# License: GPLv2 (same as Nmap itself) +# + +# Defensive umask by default; change at your own risk! +umask 0077 + +# Some fixed values +self=nwatch +hostlist=${1:?} +cachedir=${2:?} +latest=$cachedir/${self}.scan.latest + +# If the cachedir doesn't exist, attempt to create it, otherwise give up +if [[ ! -d "$cachedir" ]] ; then + if ! mkdir -- "$cachedir" ; then + exit 1 + fi +fi + +# Today's values +date=$(date +%s) +cache=$cachedir/${self}.scan.${date} +diff=$cachedir/${self}.diff.${date} + +# Run the scan or give up +if ! nmap -v -T4 -sV --open -iL "$hostlist" -oA "$cache" >/dev/null ; then + exit 1 +fi + +# If the link to the XML file is legible, run the diff or give up +if [[ -r ${latest}.xml ]] ; then + ndiff -- "$latest".xml "$cache".xml > "$diff" + + # Because we always want a report, only exit if an actual error condition + # (1 means there's a meaningful diff in the scans) + if (($? == 2)) ; then + exit 1 + fi +fi + +# Create or update the links +rm -f "${cache/$date/latest}".* +for cachetype in "$cache".* ; do + ln -s -- "$cachetype" "${cachetype/$date/latest}" +done + +# Write diff to stdout if it exists (not an error if it doesn't) +if [[ -r $diff ]] ; then + cat -- "$diff" +fi + diff --git a/nwatch.1 b/nwatch.1 new file mode 100644 index 0000000..109d891 --- /dev/null +++ b/nwatch.1 @@ -0,0 +1,37 @@ +.TH NWATCH 1 "May 2014" "Manual page for nwatch" +.SH NAME +.B nwatch +\- slightly nicer Nmap ndiff(1) wrapper +.SH USAGE +.B nwatch +.I HOSTLIST +.I CACHEDIR +.SH SYNOPSIS +.B nwatch +/etc/nwatch.mynet +/var/cache/nwatch/mynet +.SH DESCRIPTION +.B nwatch +reads a list of hosts from +.I HOSTLIST +and runs an nmap(1) command suitable for running through ndiff(1) against those +hosts. It caches the scan output in plain text, greppable, and XML formats in +.I CACHEDIR +and then runs ndiff(1) between the last scan it can find and the current scan, +storing the output in CACHEDIR and printing it to stdout. This makes it useful +for running from cron(8): +.PP + 0 0 * * 0 nwatch /etc/nwatch.mynet /var/cache/nwatch/mynet +.PP +I recommend you use Mail::Run::Crypt, so you don't leak your network +information in plain text in your email: +https://metacpan.org/pod/Mail::Run::Crypt +.PP +Please also consider whether your scan actually requires root privileges, and +could not instead be run by a dedicated user with appropriately limited +privileges. +.SH SEE ALSO +nmap(1), ndiff(1), runcrypt(1), Mail::Run::Crypt(3) +.SH AUTHOR +Tom Ryder + diff --git a/share/man/man1/nwatch.1 b/share/man/man1/nwatch.1 deleted file mode 100644 index 109d891..0000000 --- a/share/man/man1/nwatch.1 +++ /dev/null @@ -1,37 +0,0 @@ -.TH NWATCH 1 "May 2014" "Manual page for nwatch" -.SH NAME -.B nwatch -\- slightly nicer Nmap ndiff(1) wrapper -.SH USAGE -.B nwatch -.I HOSTLIST -.I CACHEDIR -.SH SYNOPSIS -.B nwatch -/etc/nwatch.mynet -/var/cache/nwatch/mynet -.SH DESCRIPTION -.B nwatch -reads a list of hosts from -.I HOSTLIST -and runs an nmap(1) command suitable for running through ndiff(1) against those -hosts. It caches the scan output in plain text, greppable, and XML formats in -.I CACHEDIR -and then runs ndiff(1) between the last scan it can find and the current scan, -storing the output in CACHEDIR and printing it to stdout. This makes it useful -for running from cron(8): -.PP - 0 0 * * 0 nwatch /etc/nwatch.mynet /var/cache/nwatch/mynet -.PP -I recommend you use Mail::Run::Crypt, so you don't leak your network -information in plain text in your email: -https://metacpan.org/pod/Mail::Run::Crypt -.PP -Please also consider whether your scan actually requires root privileges, and -could not instead be run by a dedicated user with appropriately limited -privileges. -.SH SEE ALSO -nmap(1), ndiff(1), runcrypt(1), Mail::Run::Crypt(3) -.SH AUTHOR -Tom Ryder - -- cgit v1.2.3