NMAP test upgrade - service detection #935
Codecov Report
@@ Coverage Diff @@
## master #935 +/- ##
==========================================
+ Coverage 82.56% 82.73% +0.17%
==========================================
Files 46 46
Lines 5862 5862
==========================================
+ Hits 4840 4850 +10
+ Misses 1022 1012 -10
@grafnu @pisuke do you have any comments or questions on this PR? Except for CI fixes which I'm working my way through (test_mud may cause me some issues with unexpected long scan duration but I'm diagnosing that one - I haven't encountered very long NMAP module durations, usually <10 mins on my devices and much shorter on faux devices, but what I propose to deal with long scans if it is an issue:
grafnu
left a comment
We shouldn't worry about mud at all -- so if there's an easy way to remove/deprecate then that would be fine. The current mud stuff is all very very very very provisional and doesn't really do anything, I think.
docker/include/bin/start_faux
Outdated
| if [ -n "${options[telnet]}" ]; then | ||
| echo Enabling mock telnet server... | ||
| (while true; do echo Telnet `hostname`; nc -nvlt -p 23 -e `which hostname`; done) & | ||
| while true; do echo -e "Telnet $(hostname)" | nc -l -w 1 23; done)& |
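Review bot: the replacement listener passes the port positionally (`nc -l -w 1 23`) where the line it replaces used `-p 23`, and netcat variants differ on which form listen mode accepts. Confirm against the nc installed in the faux image and keep one form throughout this script. The trailing `done)&` also has no opening `(` now that the leading parenthesis of the old line was dropped.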
seems like this would be a syntax error? ... stray )?
docker/include/bin/start_faux
Outdated
| echo Running services on non standard ports and open default ports | ||
|
|
||
| echo Starting FTP 21514 and open default 20,21 | ||
| nc -nvlt -p 20& |
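Review bot: `nc -nvlt -p 20&` starts the listener once, outside any `while true` loop, unlike the telnet and IMAP mocks in this script. If this nc exits after its first client disconnects, the default port will read as closed to any later probe in the same scan. Suggest wrapping it in the same loop form used for the other mocks, and adding the space before `&`.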
space before & (everywhere)
docker/include/bin/start_faux
Outdated
| (while true; do echo -e "* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot (Ubuntu) ready.\r\n" \ | ||
| | nc -l -w 1 5361; done)& | ||
|
|
||
| #echo Starting TELNET and default port 23 |
Removed and existing telnet faux option reinstated
bin/build_daq_container
Outdated
|
|
||
| echo Done with $image_name build. | ||
|
|
||
| docker build . -f subset/pentests/nmap/Dockerfile.test_nmap -t daqf/nmap No newline at end of file |
This was an accidental file change - modification removed
| v.protocol == protocol and re.search(product, v.product)} | ||
|
|
||
|
|
||
| if __name__ == "__main__": |
redundant in this file - removed
Comments addressed - CI tests should be functional
testing/test_mud.sh
Outdated
| mkdir -p local/site | ||
| # set nmap module to legacy nmap port based scan | ||
| cat resources/setups/common/base_config.json \ | ||
| | jq '.modules .nmap .services_scan = false' \ |
nit -- indent hanging lines 4 spaces
testing/test_mud.sh
Outdated
| cmd/run -s interfaces.faux.opts=telnet device_specs=resources/device_specs/simple.json | ||
| echo DAQ result code $? | tee -a $TEST_RESULTS | ||
| cat inst/result.log | tee -a $TEST_RESULTS | ||
| head -20 inst/run-*/nodes/*/activate.log |
potentially extra debugging statements
This PR is still WIP but close to completion - submitting PR for any comments. Outstanding is just implementing CI tests and documentation. I'm also investigating if the HTTP test can be merged into this services detection to save running two 65k port NMAP scans.
This PR maintains the current NMAP functionality and extends it by also checking for disallowed services on all ports (test document here). In summary:
The existing nmap scan has been retained for now (expected to be used within ATA) and is selected with a
"services_scan": false