Hamsandwich Posted November 23, 2012 Share Posted November 23, 2012 Hi wise ones, Had a question. Is there a way to use nmap (or something else), to see which ports are available between hosts in a list or ip range. Note -- I am not talking about ports available from the perspective of a single host -- I mean between the actual hosts in the list themselves. For an example, I have an environment that has an apache proxy, a couple tomcat boxes, a couple mysql boxes. I'm looking for a map of the ports between these hosts... one-direction, 2-direction, etc. For example, is the proxy talking to the the tomcats? If so, which port? And the tomcats -- which ports do they access the proxy (if at all)? I have access to each host -- I am looking for a quick means to get a summary of port access based on firewall rules --- without having access to the firewall itself. I'm basically noticing some issues with some of my applications, and I want a summary of which ports each host can access within the environment, so I can have our network team modify the firewall rules. I'm new to nmap... but other than logging into each host, and running nmap from the host in question to look at each other host in the list, what are my options? I was figuring on doing a nested for loop and running nmap that way... but that seemed lame. Was hoping for something more out of the box. Seems like netstat and lsof -i also provide good info -- but I am looking for best approaches. Hope my question made sense. Thanks for any assistance! Quote Link to comment Share on other sites More sharing options...
murder_face Posted November 23, 2012 Share Posted November 23, 2012 "netstat-a | grep host1 host2" maybe? Quote Link to comment Share on other sites More sharing options...
01000010 Posted November 23, 2012 Share Posted November 23, 2012 I think you will want an external monitoring solution, or watch the tcp dumps of your network traffic Quote Link to comment Share on other sites More sharing options...
Hamsandwich Posted November 24, 2012 Author Share Posted November 24, 2012 Thanks -- I'll try both out. Quote Link to comment Share on other sites More sharing options...
digip Posted November 24, 2012 Share Posted November 24, 2012 On the host connected to the other host you can use netstat or lsof. just check the help files for the command that shows the program in use with the port/socket. Then pipe it through grep for the IP or Domain name of the second node afterwards. Externally would be kind of hard, since you can only really see what ports are open, but not so much WHO they are talking to, without 1, MITM, or 2, something like SNMP that reports back info for you, which honestly, netstat on one of the nodes to check connections and then grep for the second node, would show the communication between just those two. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.