check_nmap

check_nmap.sh

This script runs an nmap scan and checks the discovered ports against a whitelist.

Arguments

  • --host | -h: Host that shall be scanned by nmap
  • --portrange | -p: Ports that shall be scanned (nmap format)
  • --known | -k: A port number that is expected to be open
  • --input | -i: Use input file instead of a real nmap scan (for testing)
  • --debug | -d: More debugging output, cannot be used with icinga2
  • all arguments after -- are passed to nmap
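
The whitelist comparison described above, as an added example that is not check_nmap.sh's own code. It assumes the scan result is in nmap's grepable format (`-oG`), which this page does not confirm for --input; the function names and the sample scan are constructed for illustration.

```shell
#!/bin/sh
# Added illustration, not taken from check_nmap.sh.
# Assumption: scan results are in nmap grepable format (nmap -oG -).

# Constructed sample scan of a documentation-range address.
sample_scan() {
  printf '# Nmap scan (constructed sample)\n'
  printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
  printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///, 3306/filtered/tcp//mysql///, 8080/open/tcp//http-proxy///\tIgnored State: closed (995)\n'
}

# Read grepable output on stdin, print each open port number once.
# A port entry looks like: port/state/protocol/owner/service/rpcinfo/version/
open_ports() {
  awk -F'\t' '
    /^Host:/ {
      for (i = 1; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        n = split(substr($i, 8), entry, ", *")
        for (j = 1; j <= n; j++) {
          split(entry[j], f, "/")
          # filtered and closed ports are not reported as open
          if (f[2] == "open") print f[1]
        }
      }
    }' | sort -un
}

# Arguments: the known (whitelisted) port numbers.
# Stdin: grepable scan output. Prints open ports missing from the whitelist.
unexpected_ports() {
  known=" $* "
  open_ports | while read -r port; do
    case "$known" in
      *" $port "*) ;;                 # on the whitelist, ignore
      *) printf '%s\n' "$port" ;;     # open but not on the whitelist
    esac
  done
}

# 22, 80 and 443 are whitelisted here, so only 8080 is reported.
sample_scan | unexpected_ports 22 80 443
```
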

Results

  • CRITICAL: if any expected port is open