Localscan 2.1e review
DownloadLocalscan is to make the lives of administrators easier
|
|
Localscan is to make the lives of administrators easier. At it's heart, localscan is simply a list of "ignore this host/port combo" rules designed to reduce the amount of useless information returned by nmap scans of a given subnet.
I administer a largish lab at a largish higher educational institution (which shall remain unnamed!), and about three months ago I found it necessary to start running a portscanner against my subnet every so often.
Now, while it was relatively easy to cobble something together that would do this and mail the results of the scan to me, I found that my inbox was being filled with inanity. Lots of valid services were present, and the few invalid services were hard to pick out. So I put together a quick-and-dirty filter and released it internally as local_scan 1.0a. Not surprisingly, no one used it. This was partially because I was (am!) still learning Perl.
After the initial disappointment, I sat down and started rewriting, with the end result being what you just downloaded. :) Localscan 2.0 is much easier for the non-Perl person (yes, there are a few of them out there) to use. All the "interesting" user-configurable parameters are now contained in a plaintext external datafile called localscan.conf.
Localscan 2.1e keywords