Overview
The Cloudamize Network Scanner is a wrapper for the open source tool “nmap”. Our wrapper will run the tool, process the data, and send it back to the Cloudamize data collection servers. The tool must be downloaded prior to use: https://nmap.org/ and is not packaged with the Cloudamize Network Scanner wrapper. Please refer to nmap documentation for any queries regarding its usage.
Requirements
The nmap tool is run from a Linux server. Its documentation can be found here.
We recommend running the wrapper and tool on a dev, utility, or otherwise disposable (non-production) server.
The server should have internal firewall visibility to as much of your network as you wish to scan for discovery, and external firewall access based on the endpoint of your assessment:
US: am.cloudamize.com
EU: am-de.cloudamize.com
UAE: am-ae.cloudamize.com
The nmap tool requires root access. You must either run the network scanner with the root account, with sudo, or allow password-less sudo access to run nmap.
Downloading
You can download the network scanner as a binary distribution or wheel distribution.
Binary: https://am.cloudamize.com/cxf/downloadFile/netscan.gz
Wheel: https://am.cloudamize.com/cxf/downloadFile/netscanner-py3-none-any.whl.tgz
Installing
You must install nmap and either the binary or wheel wrapper. The Network Scanner can be used in a Docker environment. We recommend a recent OS for newer versions of nmap with potentially better OS mapping.
Nmap
# For Ubuntu/Debian apt-get install nmap # For Red Hat yum install nmap
Binary
gunzip netscan.gz chmod +x netscan
Wheel
tar xzf netscanner-py3-none-any.whl.tgz pip3 install netscanner*.whl
Running the Network Scanner
The utility may have an unpredictable impact on your network - it is designed to back off if it starts to overload the network, but there are always risks. The utility can be passed the --slow
or --fast
flag to adjust the speed setting given to nmap.
The scanner may take a long time to run depending on the size of the network and there is no resume functionality should it be interrupted. It is important that the machine scanning stays on.
The scanner will function best if you give it a reasonable range to scan. Targets are specified in CIDR notation, for example, 192.168.1.1/24
for a network with subnet mask 255.255.255.0. Multiple ranges can be specified by separating them each with a comma.
usage: netscan [-h] [--target TARGET_IP] [--customer-key CUSTOMER_KEY] [--dry-run] [--send-only] [--test-connection] [--no-ping] [--fast] [--slow] [--verbose] [--version] Runs nmap and collects results optional arguments: -h, --help show this help message and exit --target TARGET_IP, -t TARGET_IP REQUIRED. Target IP range(s), CIDR notation, comma separated --customer-key CUSTOMER_KEY, -c CUSTOMER_KEY REQUIRED. Your customer key to associate the data with. --dry-run Don't send results to Cloudamize --send-only Only send result data file to Cloudamize (do not scan) --test-connection Only test connection to cloudamize servers --no-ping Skip pinging, port scan all. SLOW. --fast Scan network at a faster pace. May impact network performance. --slow Scan network at a slower pace. May take a very long time. --verbose, -v Run nmap with verbose flag. --version Print version information.
A typical run of the network scanner may look like:
netscan --customer-key <custkey> -t <ip_range>
Viewing the Results: The Network Discovery Tab
Once the tool has completed its run and uploaded the data to the Cloudamize portal, you can view the results on the Network Discovery tab in the Inventory Settings page of the portal.
On this tab you can view all discovered network devices and any related details that have been discovered, labelled by column. The results are searchable using the search box to the top-left.
The data collected by the Network Scanner can be used in the following ways:
To identify Windows and Linux servers that are not included in the Cloudamize assessment.
To identify NAS and SAN devices.
To identify other servers (Unix systems, mainframes, etc.) which will assist in migration planning and automated 7R classification.
To help understand app-interconnectivity between Windows and Linux servers in an assessment and these other systems and devices.
Support
The Network Scanner wrapper is provided as-is. Cloudamize can offer assistance configuring the command line for the tool, but cannot offer support for the nmap tool itself.
If you have any queries, please contact the helpdesk.