Management
Reply
Contributor
Z-Blocker
Posts: 33
Registered: ‎01-05-2009
0
Accepted Solution

STRM: portscan function does not work

Hi all,

 

In the Event Viewer and in other views as well you can right click an IP address to lookup more information. One of the functions is portscan but this is not working for me.

The message I get when doing so is:

 

 

Nmap Not Found
The Nmap program, which is required for port scans, could not be located.
Please ensure that it is installed on the Security Threat Response Manager console.

 

 

Via the CLI I checked if the nmap binary was present on the filesystem.

To fool the STRM to think that the nmap binary was present I created a file with the name nmap.

 

 

touch /usr/bin/nmap.

 

 

 

The result was that the STRM gives a different message:

 

 

Security Threat Response Manager has completed your request
Exact results from '/usr/bin/nmap -A 81.83.16.36': Error running nmap..

 

 

The yum command does not allow me to install nmap.

 

 

[root@strm ~]# yum install nmap
YUM is disabled, please contact support for updates !
[root@strm ~]#

 

How can I install nmap on the STRM device?

 

Z.


 

Super Contributor
jfagerlund
Posts: 140
Registered: ‎01-29-2008
0

Re: STRM: portscan function does not work

Hi

 

1) Download the latest RPM http://nmap.org/dist/nmap-5.00-1.i386.rpm

 

2) Copy it to the STRM appliance using SecureCopy

 

3) Install the RPM using the "rpm -vhU nmap-5.00-1.i386.rpm" command

 

Done!

 

 

Regards,
Johan
Contributor
Z-Blocker
Posts: 33
Registered: ‎01-05-2009
0

Re: STRM: portscan function does not work

Great!!!

 

 

zblocker@host:~ $ ssh root@strm
root@strm's password:
Last login: Tue Sep 8 12:30:32 2009 from sgeerts.securelink.local
This server has Security Threat Response Manager 2008.3.0.135 (build 6.2.0.385) patch 518 installed on Wed Sep 2 09:22:19 CEST 2009
[root@strm ~]# cd
[root@strm ~]# wget http://nmap.org/dist/nmap-5.00-1.i386.rpm
--17:03:44-- http://nmap.org/dist/nmap-5.00-1.i386.rpm
Resolving nmap.org... 64.13.134.48
Connecting to nmap.org|64.13.134.48|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2331727 (2.2M) [application/octet-stream]
Saving to: `nmap-5.00-1.i386.rpm'

100%[=============================================================================>] 2,331,727 304K/s in 7.8s

17:03:53 (293 KB/s) - `nmap-5.00-1.i386.rpm' saved [2331727/2331727]

[root@strm ~]# rpm -vhU nmap-5.00-1.i386.rpm
Preparing... ########################################### [100%]
1:nmap ########################################### [100%]
[root@strm ~]#

 


 

Contributor
Z-Blocker
Posts: 33
Registered: ‎01-05-2009
0

Re: STRM: portscan function does not work

Another solution below

Use the command 'rpm -e nmap' first if the above solution did not suit you.

 

 

[root@strm ~]# yum_old install nmap Excluding Packages in global exclude list Finished Reducing CentOS-5 - Plus to included packages only Finished Excluding Packages from CentOS-5 - Base Finished Excluding Packages from CentOS-5 - Updates Finished Setting up Install Process Parsing package install arguments Resolving Dependencies --> Running transaction check ---> Package nmap.x86_64 2:4.11-1.1 set to be updated --> Finished Dependency Resolution Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: nmap x86_64 2:4.11-1.1 base 680 k Transaction Summary ============================================================================= Install 1 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 680 k Is this ok [y/N]: y Downloading Packages: Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing: nmap ######################### [1/1] Installed: nmap.x86_64 2:4.11-1.1 Complete! [root@strm ~]#

 


 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.