[Sancho]

Like it

Up

0

Down

Drop it

::

Mmm, I understand you want to add automatically services (Tcp ports) that are listening in target machines, right ?, even if this host is already monitored.

But what happen with non-responsible ports ?, we should “delete” it from the current monitorization?.

By the way, Pandora FMS 3.0 is using NMAP and Xprobe2 to detect new host and fingerprinting them, the old way to tcp scan hosts was used only in 1.x and 2.x, nmap is much much better 🙂

Hello there,

I’d very much like to have the recon server using NMAP to both learn about new hosts and it’s services as well as to keep an eye on services that shouldn’t be running on hosts. The mapping between a network range and a network template just doesn’t feel right.

The idea is to work the adding/removing of services automatically through discovery instead of manually adding all services to hosts on the pandora_console.

Are there any works in that direction ?

[randy_srs]

Like it

Up

0

Down

Drop it

::

my problem is Recon seems to add host multiple times

ie:

192.168.4.11 is the same as srs-rdp-srv which has a client running

is there a way to get recon to ignore or bypass units that have agents running

[Sancho]

Like it

Up

0

Down

Drop it

::

Recon try to match by current IP addresses, so if an agent who actually exists HAS an IP in the range being scanned by recon, it should not get added again, just be sure it has a correct IP address assigned.

This was a bug in 2.1 (to have duped agents detected) but 3.0 fix this problem.

my problem is Recon seems to add host multiple times

ie:

192.168.4.11 is the same as srs-rdp-srv which has a client running

is there a way to get recon to ignore or bypass units that have agents running