Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Overview

The Cloudamize Network Scanner is a wrapper for the open source tool “nmap”. Our wrapper will run the tool, process the data, and send it back to the Cloudamize data collection servers. The tool must be downloaded prior to use: https://nmap.org/ and is not packaged with the Cloudamize Network Scanner wrapper. Please refer to nmap documentation for any queries regarding its usage.

Requirements

The nmap tool is run from a Linux server. Its documentation can be found here.

We recommend running the wrapper and tool on a dev, utility, or otherwise disposable (non-production) server.

The server should have internal firewall visibility to as much of your network as you wish to scan for discovery, and external firewall access based on the endpoint of your assessment:

  • US: am.cloudamize.com

  • EU: am-de.cloudamize.com

  • UAE: am-ae.cloudamize.com

The nmap tool requires root access. You must either run the network scanner with the root account, with sudo, or allow password-less sudo access to run nmap.

Downloading

You can download the network scanner as a binary distribution or wheel distribution.

Installing

You must install nmap and either the binary or wheel wrapper. The Network Scanner can be used in a Docker environment. We recommend a recent OS for newer versions of nmap with potentially better OS mapping.

Nmap

# For Ubuntu/Debian
apt-get install nmap
# For Red Hat
yum install nmap

Binary

gunzip netscan.gz
chmod +x netscan

Wheel

tar xzf netscanner-py3-none-any.whl.tgz
pip3 install netscanner*.whl

Running the Network Scanner

The utility may have an unpredictable impact on your network - it is designed to back off if it starts to overload the network, but there are always risks. The utility can be passed the --slow or --fast flag to adjust the speed setting given to nmap.

The scanner may take a long time to run depending on the size of the network and there is no resume functionality should it be interrupted. It is important that the machine scanning stays on.

The scanner will function best if you give it a reasonable range to scan. Targets are specified in CIDR notation, for example, 192.168.1.1/24 for a network with subnet mask 255.255.255.0. Multiple ranges can be specified by separating them each with a comma.

usage: netscan [-h] [--target TARGET_IP] [--customer-key CUSTOMER_KEY]
               [--dry-run] [--send-only] [--test-connection] [--no-ping]
               [--fast] [--slow] [--verbose] [--version]
Runs nmap and collects results
optional arguments:
  -h, --help            show this help message and exit
  --target TARGET_IP, -t TARGET_IP
                        REQUIRED. Target IP range(s), CIDR notation, comma
                        separated
  --customer-key CUSTOMER_KEY, -c CUSTOMER_KEY
                        REQUIRED. Your customer key to associate the data
                        with.
  --dry-run             Don't send results to Cloudamize
  --send-only           Only send result data file to Cloudamize (do not scan)
  --test-connection     Only test connection to cloudamize servers
  --no-ping             Skip pinging, port scan all. SLOW.
  --fast                Scan network at a faster pace. May impact network
                        performance.
  --slow                Scan network at a slower pace. May take a very long
                        time.
  --verbose, -v         Run nmap with verbose flag.
  --version             Print version information.

A typical run of the network scanner may look like:

netscan --customer-key <custkey> -t <ip_range>

Viewing the Results: The Network Discovery Tab

Once the tool has completed its run and uploaded the data to the Cloudamize portal, you can view the results on the Network Discovery tab in the Inventory Settings page of the portal.

image-20241022-154430.png

On this tab you can view all discovered network devices and any related details that have been discovered, labelled by column. The results are searchable using the search box to the top-left.

The data collected by the Network Scanner can be used in the following ways:

  1. To identify Windows and Linux servers that are not included in the Cloudamize assessment.

  2. To identify NAS and SAN devices.

  3. To identify other servers (Unix systems, mainframes, etc.) which will assist in migration planning and automated 7R classification.

  4. To help understand app-interconnectivity between Windows and Linux servers in an assessment and these other systems and devices.

Support

The Network Scanner wrapper is provided as-is. Cloudamize can offer assistance configuring the command line for the tool, but cannot offer support for the nmap tool itself.

If you have any queries, please contact the helpdesk.

  • No labels