Security

Hi all,

In the Event Viewer and in other views as well you can right click an IP address to lookup more information. One of the functions is portscan but this is not working for me.

The message I get when doing so is:

Nmap Not Found
The Nmap program, which is required for port scans, could not be located.
Please ensure that it is installed on the Security Threat Response Manager console.

Via the CLI I checked if the nmap binary was present on the filesystem.

To fool the STRM to think that the nmap binary was present I created a file with the name nmap.

touch /usr/bin/nmap.

The result was that the STRM gives a different message:

Security Threat Response Manager has completed your request
Exact results from '/usr/bin/nmap -A 81.83.16.36': Error running nmap.. 

The yum command does not allow me to install nmap.

[root@strm ~]# yum install nmap
YUM is disabled, please contact support for updates !
[root@strm ~]# 

How can I install nmap on the STRM device?

Z.

Hi

1) Download the latest RPM http://nmap.org/dist/nmap-5.00-1.i386.rpm

2) Copy it to the STRM appliance using SecureCopy

3) Install the RPM using the "rpm -vhU nmap-5.00-1.i386.rpm" command

Done!

Great!!!

zblocker@host:~ $ ssh root@strm
root@strm's password:
Last login: Tue Sep  8 12:30:32 2009 from sgeerts.securelink.local
This server has Security Threat Response Manager 2008.3.0.135 (build 6.2.0.385) patch 518 installed on Wed Sep  2 09:22:19 CEST 2009
[root@strm ~]# cd
[root@strm ~]# wget http://nmap.org/dist/nmap-5.00-1.i386.rpm
--17:03:44--  http://nmap.org/dist/nmap-5.00-1.i386.rpm
Resolving nmap.org... 64.13.134.48
Connecting to nmap.org|64.13.134.48|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2331727 (2.2M) [application/octet-stream]
Saving to: `nmap-5.00-1.i386.rpm'

100%[=============================================================================>] 2,331,727    304K/s   in 7.8s

17:03:53 (293 KB/s) - `nmap-5.00-1.i386.rpm' saved [2331727/2331727]

[root@strm ~]# rpm -vhU nmap-5.00-1.i386.rpm
Preparing...                ########################################### [100%]
   1:nmap                   ########################################### [100%]
[root@strm ~]# 

Another solution below

Use the command 'rpm -e nmap' first if the above solution did not suit you.

[root@strm ~]# yum_old install nmap
Excluding Packages in global exclude list
Finished
Reducing CentOS-5 - Plus to included packages only
Finished
Excluding Packages from CentOS-5 - Base
Finished
Excluding Packages from CentOS-5 - Updates
Finished
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
--> Running transaction check
---> Package nmap.x86_64 2:4.11-1.1 set to be updated
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size 
=============================================================================
Installing:
 nmap                    x86_64     2:4.11-1.1       base              680 k

Transaction Summary
=============================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         

Total download size: 680 k
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: nmap                         ######################### [1/1] 

Installed: nmap.x86_64 2:4.11-1.1
Complete!
[root@strm ~]#