
Basic Configuration

Tom Sellers edited this page Jun 21, 2016 · 2 revisions

One method of feeding data to Fathom is to populate a list with IP addresses and/or subnets, randomize them, and then run ./sweep-full.sh or ./mt-sweep-full.sh to scan every host in the list. ./sweep-full.sh scans the hosts one at a time while ./mt-sweep-full.sh uses xargs to scan multiple targets (mt-) at a time.

Here is the list generation process:

  1. A list of hosts and subnets is placed in ./lists/subnets.txt. If you are dealing with large numbers of hosts or subnets I strongly recommend using comments to keep notes on the entries. Comments prefixed by the # sign are permitted in this file. The comments can be on a line by themselves or after address entries. Here is an example of what comments may look like.

     # Listing of subnets
     192.168.1.0/24     # workstations 
     192.168.2.0/24     # servers
     192.168.10.0/24    # storage
     192.168.150.0/23   # remote office - Orlando
     192.168.160.0/23   # remote office - Los Angeles
    
  2. Edit ./lists/excludes-full.txt and ./lists/exclude-recon.txt and add any hosts or subnets that you want to PREVENT the scanning scripts from running Nmap against. I strongly recommend using comments to document what addresses are being excluded and why. Be warned that if you have data for a host in the ./logs directory it will be deleted if that host is later added to an exclusion list and one of the Fathom scan scripts is run against it. This is due to the script calling Nmap, which initializes the files and then skips the host as instructed by the exclusion list.

     192.168.2.15     # Server that loses its mind when scanned
     192.168.150.2    # net-orlando-rtr1 - state table just dies
    
  3. Next run ./util-genlist.sh to convert the subnets.txt file into two lists, ./lists/scanlist.txt and ./lists/scanlist-random.txt, that will be used by sweep-full.sh and sweep-recon.sh later.

The key user-maintained files used in this process are:

  1. ./lists/subnets.txt - Master list of targets
  2. ./lists/excludes-full.txt - List of targets to NOT scan when running full scans which include version detection, scripts, etc.
  3. ./lists/exclude-recon.txt - List of targets to NOT scan when running a recon scan which just looks for open ports

The Fathom-generated files containing targets are:

  1. ./lists/scanlist.txt - intermediate file with a non-randomized list of all IPs to be scanned.
  2. ./lists/scanlist-random.txt - final file containing a randomized list of all IP addresses that will be scanned.
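
A pre-flight check for the list files described above, as an added example that is not part of Fathom: it parses the `#`-commented format, expands the subnets, and reports targets that also appear in an exclusion list, which are the hosts the warning in step 2 says will lose existing ./logs data. The function names and the 10.0.0.5 entry are constructed for illustration, and it assumes IPv4 entries, one per line.

```python
import ipaddress
import random

# Sample inputs: entries from this page, plus one constructed exclude (10.0.0.5).
SUBNETS = """\
# Listing of subnets
192.168.1.0/24     # workstations
192.168.2.0/24     # servers
192.168.10.0/24    # storage
192.168.150.0/23   # remote office - Orlando
192.168.160.0/23   # remote office - Los Angeles
"""
EXCLUDES = """\
192.168.2.15     # Server that loses its mind when scanned
192.168.150.2    # net-orlando-rtr1 - state table just dies
10.0.0.5         # constructed entry: matches no target subnet
"""

def parse_list(text):
    """Parse one address or CIDR per line; '#' starts a comment anywhere."""
    nets = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if entry:
            # strict=True raises ValueError on host bits, e.g. 192.168.1.5/24
            nets.append(ipaddress.ip_network(entry, strict=True))
    return nets

def preflight(subnets_text, excludes_text, seed=None):
    """Expand targets and flag how the exclusion list interacts with them."""
    target_nets = parse_list(subnets_text)
    exclude_nets = parse_list(excludes_text)
    # Every address in every target network, de-duplicated and ordered.
    targets = sorted({ip for net in target_nets for ip in net})
    # Targets that are also excluded: back up their existing data before a scan run.
    skipped = [ip for ip in targets if any(ip in n for n in exclude_nets)]
    # Excludes that overlap no target are usually typos or stale entries.
    unmatched = [n for n in exclude_nets
                 if not any(n.overlaps(t) for t in target_nets)]
    randomized = list(targets)
    random.Random(seed).shuffle(randomized)  # scan order, not a security control
    return {"targets": targets, "skipped": skipped,
            "unmatched": unmatched, "randomized": randomized}

if __name__ == "__main__":
    report = preflight(SUBNETS, EXCLUDES)
    print(len(report["targets"]), "targets")
    print("excluded targets:", [str(ip) for ip in report["skipped"]])
    print("unmatched excludes:", [str(n) for n in report["unmatched"]])
```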