If you are a Tenable Security Center 4 (SC4) user, you might have noticed that, unlike Qualys, you can only use IP addresses in SC4 asset groups**. In a typical server environment IPs are static, so this restriction is not much of a problem. In my case, however, we use SC4 to scan a large end-user desktop environment whose addresses come from AD-integrated dynamic DHCP, so I find myself having to update the asset groups before every scan, which gets tedious.
To make this easier, I wrote a quick 'n' dirty shell script that pulls the computer names from AD and resolves each one to its current IP address with a forward DNS lookup (name to IP).
#!/bin/bash
# Pull the computer objects from each department's Computers OU, turn the
# names into FQDNs, resolve them, and write one IP list per department.
# (bash, not sh: the script relies on arrays and the C-style for loop.)
LDAPURI="ldap://corp.ldap.server"
USER="user@domain.com"
echo "LDAP Password:"
read -rs PASS; echo    # -s: do not echo the password to the terminal
DEPT=([1]="Dept 1" [2]="Dept 2" [3]="Dept 3")
for ((i=1; i<=${#DEPT[@]}; i++ ));
do
  BASE="OU=${DEPT[$i]} Computers,OU=${DEPT[$i]},OU=Corporate,DC=domain,DC=com"
  echo "Searching $BASE"
  # Request only the name attribute so the grep cannot also pick up
  # dNSHostName, sAMAccountName or distinguishedName lines.
  /usr/bin/ldapsearch -x -LLL -E pr=200/noprompt -H "$LDAPURI" -D "$USER" -w "$PASS" \
      -b "$BASE" -s one "(objectClass=computer)" name \
    | grep '^name: ' | awk '{print $2}' \
    | tr '[:upper:]' '[:lower:]' | sed 's/$/.domain.com/' \
    | dig +short -f - > "${DEPT[$i]}_IPs.txt"    # quoted: the department names contain spaces
done
The result is one file per department containing the IPs of all the names that resolved. Names that do not resolve (stale or powered-off machines) are silently dropped by dig +short, so each file reflects what DNS knew at the moment you ran it; run it right before the scan.
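The fragile part of the pipeline is the text munging between ldapsearch and dig. The following is an added example, not code from the original post: it reads ldapsearch -LLL output the way LDIF is actually written (continuation lines start with a single space, and values that contain unsafe characters are emitted base64-encoded after a double colon), and it uses the dNSHostName attribute instead of name plus a hard-coded suffix, which goes beyond the script above and also works where some workstations have a different DNS suffix from the AD domain. The LDIF below is constructed sample data; the host names, the lab.domain.com suffix and the function names are assumptions.

```shell
#!/bin/bash
# Added example (not from the original post): turn ldapsearch -LLL output into a
# list of resolvable FQDNs, then resolve them. All names below are made up.

# Constructed sample of what "ldapsearch -LLL ... dNSHostName" returns for three
# computer objects: one plain, one with the value folded across two lines (LDIF
# wraps long lines; the continuation line begins with a space), and one with a
# base64-encoded value ("attr:: ..."), which LDIF uses for values it cannot print verbatim.
SAMPLE_LDIF='dn: CN=WS-FIN-01,OU=Dept 1 Computers,OU=Dept 1,OU=Corporate,DC=domain,DC=com
name: WS-FIN-01
dNSHostName: WS-FIN-01.domain.com
sAMAccountName: WS-FIN-01$

dn: CN=WS-FIN-02,OU=Dept 1 Computers,OU=Dept 1,OU=Corporate,DC=domain,DC=com
name: WS-FIN-02
dNSHostName: ws-fin-02.lab.domai
 n.com
sAMAccountName: WS-FIN-02$

dn: CN=WS-FIN-03,OU=Dept 1 Computers,OU=Dept 1,OU=Corporate,DC=domain,DC=com
name: WS-FIN-03
dNSHostName:: d3MtZmluLTAzLmRvbWFpbi5jb20=
'

# ldif_attr_values ATTR: read LDIF on stdin, unfold continuation lines, decode
# base64 values, and print the lowercased values of ATTR (default dNSHostName),
# sorted and deduplicated. Matching on "^ATTR: " means sAMAccountName lines can
# never be mistaken for name lines, which a bare "grep name" would allow.
ldif_attr_values() {
    local attr="${1:-dNSHostName}"
    awk '
        /^ /  { buf = buf substr($0, 2); next }   # continuation: append to previous line
              { if (buf != "") print buf; buf = $0 }
        END   { if (buf != "") print buf }
    ' \
    | while IFS= read -r line; do
        case "$line" in
            "$attr:: "*) printf '%s' "${line#"$attr:: "}" | base64 -d; printf '\n' ;;
            "$attr: "*)  printf '%s\n' "${line#"$attr: "}" ;;
        esac
      done \
    | tr '[:upper:]' '[:lower:]' | sort -u
}

# resolve_to_ipv4: FQDNs on stdin, unique IPv4 addresses on stdout. dig +short
# also prints the CNAME target for aliased names, so keep only dotted quads.
# Needs DNS access, so it is not exercised in the offline run of this example.
resolve_to_ipv4() {
    dig +short -f - | grep -E '^[0-9]+(\.[0-9]+){3}$' | sort -u
}

# Offline run on the constructed sample (stand-in for the ldapsearch call):
printf '%s' "$SAMPLE_LDIF" | ldif_attr_values dNSHostName

# In the real pipeline, per department (password from a mode-600 file, not -w):
#   ldapsearch -x -LLL -E pr=200/noprompt -H "$LDAPURI" -D "$USER" -y passfile \
#       -b "$BASE" -s one "(objectClass=computer)" dNSHostName \
#     | ldif_attr_values dNSHostName | resolve_to_ipv4 > "${DEPT[$i]}_IPs.txt"
```

Newer OpenLDAP clients accept -o ldif-wrap=no, which avoids the folding problem at the source, but handling it in the parser keeps the script working against whatever ldapsearch build is installed on the scanning host.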
Note: I am doing a simple LDAP bind (-x), so the password (-w) is sent in clear text; it is also visible to other local users in the process list for as long as ldapsearch runs. If that matters in your environment, bind over ldaps:// (or add -ZZ for StartTLS) and read the password from a mode-600 file with -y instead of passing it on the command line.
** I have been told by my Tenable sales rep that in late Feb 2012 they *might* include the ability to add hosts using DNS name.
Thanks,
VVK