Scribd Logo
Upload

Welcome to Scribd!

  • 23 views

    Nmap Ci Userguide

    Uploaded by

    Vignesh R

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Nmap Ci Userguide

    Uploaded by

    Vignesh R
    23 views7 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    23 views7 pages

    Nmap Ci Userguide

    Uploaded by

    Vignesh R

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 7

    IN T ER NA L

    NMAP CI User Guide


    User Guide

    PREPARED STATUS SECURITY LEVEL

    2021-12-16 Praveen Kumar K Approved Internal


    APPROVED DOCUMENT KIND

    2021-12-16 Nilesh Khandare User’s Guide


    OWNING ORGANIZATION DOCUMENT ID. REV. LANG. PAGE

    Device Security Assurance Center E en 1/7


    © Copyright 2020 ABB. All rights reserved.
    NMAP CI U SER G UI D E

    Contents
    1. Introduction ..................................................................................................................................................... 3

    2. Nmap CI System Requirements ..................................................................................................................... 3


    2.1. System Requirements .......................................................................................................................................... 3
    2.2. Updating the VM ................................................................................................................................................... 3
    2.3. VSTS Agent Setup ................................................................................................................................................. 3

    3. Pipeline Setup ................................................................................................................................................. 4


    3.1. Repo and the Branch for automation code .................................................................................................... 4
    3.2. command to run Nmap Automation ............................................................................................................... 4
    3.3.Pipeline Tasks ........................................................................................................................................................ 4

    4. Run and Scan Report....................................................................................................................................... 7

    STATUS SECURITY LEVEL DOCUMENT ID. REV. LANG. PAGE

    Approved Internal E en 2/7


    © Copyright 2020 ABB. All rights reserved.
    NMAP CI U SER G UI D E

    1. Introduction
    NMAP is an open-source Network Mapper tool that can be used for vulnerability scanning and network
    discovery. In this context, NMAP is used to identify open ports and services on the product under test.

    DSAC has come up with framework which is used in the integration of Nmap in the CI pipeline. The
    Framework is written with python.

    Expectation: The NMAP should be used to check whether the ports and services that are opened are by
    design. If not, the product unit is expected to correct the findings and re-run the test accordingly.

    2. Nmap CI System Requirements


    2.1. Minimum system Requirements
    To run the NMAP in the ci pipeline the following Virtual machine is required
    • OS - Ubuntu
    • vCPUs - 2
    • RAM - 8 GiB
    • Hard Disk – 20 GiB

    2.2. Updating the VM


    In the VM Run the following commands to update the VM and modules supporting the Framework
    • sudo apt update
    • sudo apt install python3-pip
    • pip3 install python-nmap

    Installing nmap:
    • wget https://nmap.org/dist/nmap-7.92.tar.bz2
    • bzip2 -cd nmap-7.92.tar.bz2 | tar xvf -
    • cd nmap-7.92
    • ./configure
    • make
    • sudo -su
    • make install

    2.3. VSTS Agent Setup


    Create an agent pool:
    https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/pools-queues?view=azure-
    devops&tabs=yaml%2Cbrowser

    Add the above Ubuntu VM to the agent pool:


    https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/v2-linux?view=azure-devops

    STATUS SECURITY LEVEL DOCUMENT ID. REV. LANG. PAGE

    Approved Internal E en 3/7


    © Copyright 2020 ABB. All rights reserved.
    NMAP CI U SER G UI D E

    3. Pipeline Setup
    3.1. Repo and the Branch for automation code
    Repo : https://dev.azure.com/ABB-BEA-DSAC/DSAC_Testing/_git/nmap_automation_cicd

    Branch : Develop

    “nmapTest.py” is the script needs to be run on the command line for triggering the scan, below section
    explains how to trigger the script in the pipeline

    Note: Please Raise for access in case if you are not able to reach to above repo

    3.2. Command to run Nmap automation

    command with Default options

    python nmapTest.py -ip "192.168.0.1"

    After run completed Scan log will be available inside the current script folder as “nmap_scan_log”

    The Following Parameters can be passed for Running the scan.

    • -ip: IP address of the product under test – (Mandatory Parameter )

    • -portrange: port range for which the scan has to be triggered. (Optional Parameter )

    • -logdir : Absolute path for the scan log to be saved. This will override the default scan log folder
    (Optional Parameter )

    So the final command to run with full option is


    python nmapTest.py -ip "192.168.0.1" -portrange “1-2000” -logdir "/home/predsac/scanfornmap/re-
    sults"

    3.3. Pipeline Tasks


    Step 1: Use the above created agent pool for the pipeline job
    Step 2 : checkout the develop branch from the repo
    https://dev.azure.com/ABB-BEA-DSAC/DSAC_Testing/_git/nmap_automation_cicd into the vm as fol-
    lows

    STATUS SECURITY LEVEL DOCUMENT ID. REV. LANG. PAGE

    Approved Internal E en 4/7


    © Copyright 2020 ABB. All rights reserved.
    NMAP CI U SER G UI D E

    Step 3: In the command line Script task add the following lines
    o changing the files to be executable
    o chmod -R 777 *
    o running the zap scan
    o python3 -u nmapTest.py -ip "13.79.192.161" -portrange "1-100"

    step 4: Publish Pipeline Artifact: “nmap_scan_log” is the result directory created after the scan is
    completed. Here we publish the folder as an artifact using “publish pipeline artifact” task.

    STATUS SECURITY LEVEL DOCUMENT ID. REV. LANG. PAGE

    Approved Internal E en 5/7


    © Copyright 2020 ABB. All rights reserved.
    NMAP CI U SER G UI D E

    4. Run and Scan Report


    After Running the pipeline, the log will be available as published in the Run summary as highlighted be-
    low

    STATUS SECURITY LEVEL DOCUMENT ID. REV. LANG. PAGE

    Approved Internal E en 6/7


    © Copyright 2020 ABB. All rights reserved.
    NMAP CI U SER G UI D E

    The Scan Report will be available inside the published artifact and appears as below

    “nmap_html_result.html” is the combined scan report for all the scans

    STATUS SECURITY LEVEL DOCUMENT ID. REV. LANG. PAGE

    Approved Internal E en 7/7


    © Copyright 2020 ABB. All rights reserved.

    You might also like