check_nmap

                                

        
        

            
            

                

    

    
check_nmap.sh


This script runs a nmap scan and checks the discovered ports against a whitelist


Arguments


    

  • --host  | -h: Host that shall be scanned by nmap
    • 

  • --portrange | -p: Ports that shall be scanned (nmap format)
    • 

  • --known | -k: A port number that is expected to be open
    • 

  • --input | -i: Use input file instead of a real nmap scan (for testing)
    • 

  • --debug | -d: More debugging output, cannot be used with icinga2
    • 

  • all arguments after -- are passed to nmap
    • 



Results


    

  • CRITICAL: if any expected port is open
    •