Archive for November, 2008

Nmap output to XML and SQL

The Nmap port scanner has a handful of output options. It has its own proprietary format (-oN). If you want to play with the data, you can use XML output (-oX) or grepable text files (-oG). The -oA option exports in all three formats.

Why export to XML or grepable text? Typically, because you want to audit several IP hosts and store the results in a database.

A quicker method is to use the Nmap::Parser module with a Perl script. This method comes courtesy of Anthony Persaud. His Nmap-Parser automates reading the XML output and writing to SQL tables. MySQL and SQLite are both supported. Nmap-Parser is now up to version 1.19.

Use case: nightly IP scans of a subnet along with TCP scans of select hosts, as part of a security information management process.
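
The same XML-to-SQL flow as an added illustration in Python's standard library (this is not Nmap-Parser and not the author's code). The table name scan_results, its columns, and the sample scan are constructed for this example.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output (documentation addresses, not a real scan).
SAMPLE_XML = """<nmaprun scanner="nmap" start="1227484800">
  <host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
    </ports></host>
  <host><status state="up"/><address addr="192.0.2.11" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac"/>
    <ports><port protocol="tcp" portid="443"><state state="closed"/></port></ports></host>
  <host><status state="down"/><address addr="192.0.2.12" addrtype="ipv4"/></host>
</nmaprun>"""

def parse_nmap_xml(xml_text):
    """Yield (scan_start, ip, host_state, proto, port, port_state, service) rows."""
    root = ET.fromstring(xml_text)
    start = int(root.get("start", 0))
    for host in root.findall("host"):
        # A host can carry several <address> elements (IPv4, IPv6, MAC); skip the MAC.
        ip = next((a.get("addr") for a in host.findall("address")
                   if a.get("addrtype") != "mac"), None)
        state = host.find("status").get("state")
        ports = host.findall("ports/port")
        if not ports:  # down hosts and ping-only scans have no <ports> element
            yield (start, ip, state, None, None, None, None)
        for p in ports:
            svc = p.find("service")  # absent when Nmap could not name the service
            yield (start, ip, state, p.get("protocol"), int(p.get("portid")),
                   p.find("state").get("state"), svc.get("name") if svc is not None else None)

def load_scan(conn, xml_text):
    """Store one scan; bound parameters keep scanned strings out of the SQL text."""
    conn.execute("CREATE TABLE IF NOT EXISTS scan_results (scan_start INTEGER, ip TEXT, "
                 "host_state TEXT, proto TEXT, port INTEGER, port_state TEXT, service TEXT)")
    conn.executemany("INSERT INTO scan_results VALUES (?,?,?,?,?,?,?)",
                     parse_nmap_xml(xml_text))
    conn.commit()

def open_ports(conn):
    """Return (ip, port, service) for every open port across stored scans."""
    return conn.execute("SELECT ip, port, service FROM scan_results "
                        "WHERE port_state = 'open' ORDER BY ip, port").fetchall()

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    load_scan(db, SAMPLE_XML)
    print(open_ports(db))
```

Keeping scan_start on every row lets nightly runs accumulate in one table, so two nights can be compared with a query.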

More on VDI

VDI is great in theory but doesn’t price out right. Say we convert 25 desktops to VDI. That means we need 25 processors and 100 GB of memory (assuming each desktop has 4 GB). That works out to six servers, quad-core, with 18 GB of memory (assuming 1 GB for the OS). The servers would cost around $7K, so figure $42K plus licensing. Say $54K. That means I end up spending $2,160 per desktop (excluding the thin client) to have hardware that I could buy at Dell for $1K.

But wait, I think, there are storage savings. Figure 100 GB per machine. A desktop hard drive runs about $50, or $2/GB. A server hard drive on the SAN runs $1,500 or $15/GB. The best-case scenario would have the provisioning gold-copy/stub model sharing one image across 25 machines. Desktop cost: $1,000. VDI cost: $1,500. Nope, storage is more expensive even assuming a best case.

The bottom line is I want to take a long, hard look at Citrix’s ROI calculator. It does not make sense in terms of hardware. TCO is where the case will be made. Knowing our desktop demands would help us to know if we need 6 servers or could get away with fewer. I can enable perf counters and do a study on the desktops to determine typical utilization. It could be done with WMI, scripting, and a little elbow grease.

XenDesktop and Virtual Desktop Infrastructure

Citrix was in to present and discuss the technical merits of XenDesktop. I am considering VDI, which requires XenDesktop Enterprise and their provisioning server. Citrix’s technology sounds impressive. Still, the question looming large in my mind is what XenDesktop + Provisioning brings to the table that Hyper-V + SCCM lacks. It is impressive yet the proof is in the pudding. I may do a pilot Q1 or Q2 2009.

Tip: Cygwin for RAR Archives

WinRAR uses RAR as its native archive format. Other freeware and nagware archiving tools support RAR, too, and the format is becoming increasingly popular. As with the Gzip format, I personally would prefer not to install yet another software component that wants to be my primary archiving tool. Below are some notes on how I configured Cygwin for CLI access to RAR files. Please note these steps assume you have already installed Cygwin with gcc, make, and makedepend.

Download the source files for RAR 3.80 to your source folder (/usr/src or C:\cygwin\usr\src). Extract the source files, and remove the download.

$ cd /usr/src
$ gzip -d rarlinux-3.8.0.tar.gz
$ tar -xvf rarlinux-3.8.0.tar
$ rm rarlinux-3.8.0.tar

Compile the RAR source files using make. Once done, move the unrar.exe file to your binaries folder (/bin or C:\cygwin\bin).

$ cd /usr/src/rar
$ make -f makefile.cygmin
$ mv unrar.exe /bin/

That is it. From there on out, you can use the unrar command to extract any archives.

$ unrar e YourArchiveHere.rar

Enjoy,

Wolfgang

Edit 2012-03/11: The makefile for Cygwin is no longer included. Please download the UnRAR source for 4.1.4 and follow these steps.

$ cd /usr/src/
$ gzip -d unrarsrc-4.1.4.tar.gz
$ tar -xvf unrarsrc-4.1.4.tar
$ cd unrar
$ make -f makefile.unix
$ mv unrar.exe /bin
$ unrar e YourArchiveHere.rar