Since the Search Window overhaul is reaching the "testable by community" phase, here are a couple of real-world search scenarios and their equivalent search strings in Zenmap. I'm assuming that the current date is 2008-06-05, and I'm using full operator names. You can always use aliases if you want a shorter (and quicker to type) search.
- Find scans performed yesterday.
date:-1
or
date:2008-06-04
- Find scans performed any time in the last week.
after:-7
or
after:2008-05-29
- Find scans with hosts that have a given host (12.34.56.78) in their path.
inroute:12.34.56.78
- Find all scans containing machines running OpenSSH.
service:openssh
There are still real-world scenarios that need to be taken into account, which cannot yet be expressed in Zenmap, such as:
- Find all scans containing Debian and Ubuntu machines.
- Find all scans containing machines with port 22 open or with a service named ssh.
These two examples both require some form of an or-search, which is not planned for this initial release. At the moment, you can accomplish these queries by making two separate searches.
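The searches above as a small Python model, added here as an illustration; it is not Zenmap's code. The scan records and their field names are constructed, and the model assumes that after: includes the given date, that service: is a case-insensitive substring match, and that all criteria in one search string must match. `search_any` is the two-separate-searches workaround, shown with operators from the list above.

```python
from datetime import date, timedelta

TODAY = date(2008, 6, 5)  # the current date assumed in this post

# Constructed sample scans; the field names are hypothetical, not Zenmap's data model.
SCANS = [
    {"name": "dmz", "date": date(2008, 6, 4),
     "services": ["OpenSSH 4.7", "Apache httpd"], "route": ["10.0.0.1", "12.34.56.78"]},
    {"name": "office", "date": date(2008, 5, 30),
     "services": ["Samba smbd"], "route": ["10.0.0.1"]},
    {"name": "lab", "date": date(2008, 5, 20),
     "services": ["OpenSSH 5.0"], "route": ["12.34.56.78"]},
]

def resolve_date(value, today=TODAY):
    """Turn '-N' (N days before today) or 'YYYY-MM-DD' into a date."""
    if value.startswith("-"):
        return today - timedelta(days=int(value[1:]))
    return date.fromisoformat(value)

def matches(scan, op, value):
    """Evaluate one operator:value criterion against one scan record."""
    if op == "date":
        return scan["date"] == resolve_date(value)
    if op == "after":  # assumption: the given date itself is included
        return scan["date"] >= resolve_date(value)
    if op == "inroute":
        return value in scan["route"]
    if op == "service":  # assumption: case-insensitive substring match
        return any(value.lower() in s.lower() for s in scan["services"])
    raise ValueError(f"unsupported operator: {op}")

def search(query, scans=SCANS):
    """Return names of scans matching every criterion in the search string."""
    criteria = [term.split(":", 1) for term in query.split()]
    return [s["name"] for s in scans
            if all(matches(s, op, v) for op, v in criteria)]

def search_any(*queries):
    """Or-search workaround: run each search separately, merge without duplicates."""
    merged = []
    for q in queries:
        merged += [n for n in search(q) if n not in merged]
    return merged
```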