[frgeek-michiana] nmap.tcl - test for offline hosts script

  • From: Tom Brown <tbrown@xxxxxxxxxxxx>
  • To: FreeGeek Michiana <frgeek-michiana@xxxxxxxxxxxxx>
  • Date: Sat, 28 Oct 2006 09:41:29 -0500

In my previous offline host script, I used ping to check host availability. Ping, unfortunately, returns different text messages according to host conditions. I got false positives: hosts which were in fact offline appeared to be online because my script did not recognize the ping return message. Not good.

Therefore, I switched to nmap with the -sP option which returns just one, unvarying text message if a host is offline. Nmap may return a false negative when a host is actually online, but its firewall is set not to respond to nmap's ping probe. At the end of the day, I would rather have false negatives than false positives.

Tom

--------------------------------------------

#!/usr/bin/tclsh
#
# nmapHosts.tcl
#
#       nmap RBHS & RBTS hosts and report hosts down.
#
#
# Date: 6/15/06
# Modified:

#
# INIT SECTION
#

#
# There are no external scripts or procs necessary, so dummy variables follow.
#
# package require pkgName
# namespace eval nameSpaceName
# proc procName {arg1 arg2} {procBody}
#

#
# Create list of hosts and a log file. The hosts and their IPs are defined
# in the /etc/hosts file.
#

# Space separated list of hosts to test
set hostList [list host1 host2 host3 host4 host5]

# Log file location
set logFile "/path/to/nmap.log"

# Holder for hosts discovered offline
set offlineList ""


#
# PROCESSING SECTION
#

# Copy previous log and make a fresh start.
if {[file exists $logFile]} {
        file copy -force $logFile "$logFile.old"
        file delete $logFile
}

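# nmap hosts and send results to log.
# The exec is passed to catch in braces so that catch, not the enclosing
# if, evaluates it and can trap a failure.
foreach hostName $hostList {
        if {[catch {exec nmap -sP $hostName >> $logFile}]} {
                puts "Oops...problem with nmap or logging."
                exit
        }
}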

# Read log data into a huge string. Find newlines and create a list of lines from the log file.
set dataFile [open $logFile r]
set data [read $dataFile]
set dataList [split $data "\n"]


# Iterate thru host names (hostList) and print log (dataList) lines matched to each host.
# Each host is assumed to account for four consecutive lines of the log.
set lineCount 0
for {set x 0} {$x < [llength $hostList]} {incr x} {
        set thisHost [lindex $hostList $x]
        puts "\n*** $thisHost"
        for {set y $lineCount} {$y < [expr {$lineCount + 4}]} {incr y} {
                set line [lindex $dataList $y]
                puts $line
                if {-1 != [string first "Host seems down." $line]} {
                        lappend offlineList $thisHost
                }
        }
        incr lineCount 4
}


# Display offline host list on stdout for the operator to see
puts "\n"
puts "Hosts Offline List"
foreach line $offlineList {
        puts $line
}


#
# CLEAN UP SECTION
#

# Close the log
close $dataFile

# If any hosts are offline, email the log to a network admin.
set l [llength $offlineList]
if {$l > 0} {
        exec cat /path/to/nmap.log | /usr/bin/mail -s "Hosts offline warning" admin@xxxxxxxxxxxxxxxx
}


# Done
exit
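
The script above ties each host to a fixed block of four log lines. The following is an added example, not part of the original post: it tests each host's own captured nmap output for "Host seems down." and reports a failed probe as "unknown" instead of letting it pass as online. The proc names, the three state names and the sample output text are assumptions made for illustration, and the `2>@1` redirection assumes Tcl 8.5 or later.

```tcl
#!/usr/bin/tclsh
# Added example, not from the original post.

# Classify one host from the result of its own "nmap -sP" run.
#   rc     - value returned by [catch {exec nmap ...} output]
#   output - text captured from that run
# Returns "down", "up" or "unknown".
proc classifyProbe {rc output} {
        # The single message the post relies on for an offline host.
        if {[string first "Host seems down." $output] != -1} {
                return down
        }
        # exec failed (nmap missing, name not resolved, ...) and the
        # down message is absent: do not count the host as online.
        if {$rc != 0} {
                return unknown
        }
        return up
}

# Probe one host. 2>@1 folds stderr into the captured text, so the
# classification sees everything nmap printed for this host only.
proc probeHost {hostName} {
        set rc [catch {exec nmap -sP $hostName 2>@1} output]
        return [classifyProbe $rc $output]
}

# Group a flat list of {host rc output} triples by state.
proc summarize {results} {
        array set byState {down {} up {} unknown {}}
        foreach {host rc output} $results {
                lappend byState([classifyProbe $rc $output]) $host
        }
        return [list down $byState(down) unknown $byState(unknown) up $byState(up)]
}

# Constructed sample results (not real nmap output), so this runs offline.
set sample [list \
        host1 0 "Starting Nmap\nHost host1 appears to be up.\nNmap finished" \
        host2 0 "Starting Nmap\nNote: Host seems down.\nNmap finished" \
        host3 1 "couldn't execute \"nmap\": no such file or directory"]

puts [summarize $sample]
```

For a live run, call `probeHost` on each entry of `hostList` and mail the log when the down or unknown list is not empty.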
