Network Management

 View Only
  • 1.  Airwave performing nmap scans

    Posted Nov 03, 2014 11:00 AM

    I read another post about nmap scans, but didn't want to resurrect a 3 year old post. I found the radio button to turn on/off OS scans (it was on) and turned it off. How long does that take to take affect? Are the scans queued, and nothing new gets added to queue? Below, I have the rather lengthly logs indicating when I saved and applied the change to the radio button, and the continuation of the nmap scans. Anywhere else I should look, or do I just need to give it some more time? The major issue - which really isn't an issue at all - it that Airwave is scanning the mainframe, which is not service affecting - therefore not an issue at all - but is causing several alerts to pop - which makes it a major issue.

     

    Thanks,

     

    Russell

     

    Logs:

    Mon Nov 3 09:45:27 2014 System System NMAP Scan of "10.14.138.16" (10.14.138.16/255.255.255.255) using credentials "": started
    Mon Nov 3 09:45:27 2014 System System NMAP Scan of "10.37.1.179" (10.37.1.179/255.255.255.255) using credentials "": completed: 1 probes in 74 seconds
    Mon Nov 3 09:44:13 2014 System System NMAP Scan of "10.37.1.179" (10.37.1.179/255.255.255.255) using credentials "": started
    Mon Nov 3 09:44:13 2014 System System NMAP Scan of "10.7.0.113" (10.7.0.113/255.255.255.255) using credentials "": completed: 1 probes in 69 seconds
    Mon Nov 3 09:43:04 2014 System System NMAP Scan of "10.7.0.113" (10.7.0.113/255.255.255.255) using credentials "": started
    Mon Nov 3 09:43:04 2014 System System NMAP Scan of "10.214.0.208" (10.214.0.208/255.255.255.255) using credentials "": completed: 1 probes in 43 seconds
    Mon Nov 3 09:42:21 2014 System System NMAP Scan of "10.214.0.208" (10.214.0.208/255.255.255.255) using credentials "": started
    Mon Nov 3 09:42:21 2014 System System NMAP Scan of "10.16.16.24" (10.16.16.24/255.255.255.255) using credentials "": completed: 1 probes in 56 seconds
    Mon Nov 3 09:41:25 2014 System System NMAP Scan of "10.16.16.24" (10.16.16.24/255.255.255.255) using credentials "": started
    Mon Nov 3 09:41:25 2014 System System NMAP Scan of "10.7.0.85" (10.7.0.85/255.255.255.255) using credentials "": completed: 1 probes in 74 seconds
    Mon Nov 3 09:40:11 2014 System System NMAP Scan of "10.7.0.85" (10.7.0.85/255.255.255.255) using credentials "": started
    Mon Nov 3 09:40:11 2014 System System NMAP Scan of "10.12.143.57" (10.12.143.57/255.255.255.255) using credentials "": completed: 1 probes in 55 seconds
    Mon Nov 3 09:39:16 2014 System System NMAP Scan of "10.12.143.57" (10.12.143.57/255.255.255.255) using credentials "": started
    Mon Nov 3 09:39:16 2014 System System NMAP Scan of "10.211.1.34" (10.211.1.34/255.255.255.255) using credentials "": completed: 1 probes in 43 seconds
    Mon Nov 3 09:38:33 2014 System System NMAP Scan of "10.211.1.34" (10.211.1.34/255.255.255.255) using credentials "": started
    Mon Nov 3 09:38:33 2014 System System NMAP Scan of "10.12.16.31" (10.12.16.31/255.255.255.255) using credentials "": completed: 1 probes in 53 seconds
    Mon Nov 3 09:37:40 2014 System System NMAP Scan of "10.12.16.31" (10.12.16.31/255.255.255.255) using credentials "": started
    Mon Nov 3 09:37:40 2014 System System NMAP Scan of "10.12.138.69" (10.12.138.69/255.255.255.255) using credentials "": completed: 1 probes in 55 seconds
    Mon Nov 3 09:36:45 2014 System System NMAP Scan of "10.12.138.69" (10.12.138.69/255.255.255.255) using credentials "": started
    Mon Nov 3 09:36:45 2014 System System NMAP Scan of "10.211.1.215" (10.211.1.215/255.255.255.255) using credentials "": completed: 1 probes in 4 seconds
    Mon Nov 3 09:36:41 2014 System System NMAP Scan of "10.211.1.215" (10.211.1.215/255.255.255.255) using credentials "": started
    Mon Nov 3 09:36:41 2014 System System NMAP Scan of "10.12.143.44" (10.12.143.44/255.255.255.255) using credentials "": completed: 1 probes in 55 seconds
    Mon Nov 3 09:35:46 2014 System System NMAP Scan of "10.12.143.44" (10.12.143.44/255.255.255.255) using credentials "": started
    Mon Nov 3 09:35:46 2014 System System NMAP Scan of "10.213.1.134" (10.213.1.134/255.255.255.255) using credentials "": completed: 1 probes in 38 seconds
    Mon Nov 3 09:35:08 2014 System System NMAP Scan of "10.213.1.134" (10.213.1.134/255.255.255.255) using credentials "": started
    Mon Nov 3 09:35:08 2014 System System NMAP Scan of "10.13.10.51" (10.13.10.51/255.255.255.255) using credentials "": completed: 1 probes in 55 seconds
    Mon Nov 3 09:34:13 2014 System System NMAP Scan of "10.13.10.51" (10.13.10.51/255.255.255.255) using credentials "": started
    Mon Nov 3 09:34:13 2014 System System NMAP Scan of "10.207.0.9" (10.207.0.9/255.255.255.255) using credentials "": completed: 1 probes in 3 seconds
    Mon Nov 3 09:34:10 2014 System System NMAP Scan of "10.207.0.9" (10.207.0.9/255.255.255.255) using credentials "": started
    Mon Nov 3 09:34:09 2014 System System NMAP Scan of "10.13.10.15" (10.13.10.15/255.255.255.255) using credentials "": completed: 1 probes in 55 seconds
    Mon Nov 3 09:33:14 2014 System System NMAP Scan of "10.13.10.15" (10.13.10.15/255.255.255.255) using credentials "": started
    Mon Nov 3 09:33:14 2014 System System NMAP Scan of "10.17.0.12" (10.17.0.12/255.255.255.255) using credentials "": completed: 1 probes in 10 seconds
    Mon Nov 3 09:33:04 2014 System System NMAP Scan of "10.17.0.12" (10.17.0.12/255.255.255.255) using credentials "": started
    Mon Nov 3 09:33:04 2014 System System NMAP Scan of "10.216.0.196" (10.216.0.196/255.255.255.255) using credentials "": completed: 1 probes in 26 seconds
    Mon Nov 3 09:32:38 2014 System System NMAP Scan of "10.216.0.196" (10.216.0.196/255.255.255.255) using credentials "": started
    Mon Nov 3 09:32:38 2014 System System NMAP Scan of "10.1.254.141" (10.1.254.141/255.255.255.255) using credentials "": completed: 1 probes in 53 seconds
    Mon Nov 3 09:31:44 2014 System System NMAP Scan of "10.1.254.141" (10.1.254.141/255.255.255.255) using credentials "": started
    Mon Nov 3 09:31:44 2014 System System NMAP Scan of "10.211.0.47" (10.211.0.47/255.255.255.255) using credentials "": completed: 1 probes in 12 seconds
    Mon Nov 3 09:31:32 2014 System System NMAP Scan of "10.211.0.47" (10.211.0.47/255.255.255.255) using credentials "": started
    Mon Nov 3 09:31:32 2014 System System NMAP Scan of "10.1.254.137" (10.1.254.137/255.255.255.255) using credentials "": completed: 1 probes in 66 seconds
    Mon Nov 3 09:30:26 2014 System System NMAP Scan of "10.1.254.137" (10.1.254.137/255.255.255.255) using credentials "": started
    Mon Nov 3 09:30:26 2014 System System NMAP Scan of "10.2.12.150" (10.2.12.150/255.255.255.255) using credentials "": completed: 1 probes in 4 seconds
    Mon Nov 3 09:30:22 2014 System System NMAP Scan of "10.2.12.150" (10.2.12.150/255.255.255.255) using credentials "": started
    Mon Nov 3 09:30:22 2014 System System NMAP Scan of "10.214.1.52" (10.214.1.52/255.255.255.255) using credentials "": completed: 1 probes in 22 seconds
    Mon Nov 3 09:30:00 2014 System System NMAP Scan of "10.214.1.52" (10.214.1.52/255.255.255.255) using credentials "": started
    Mon Nov 3 09:30:00 2014 System System NMAP Scan of "10.215.1.241" (10.215.1.241/255.255.255.255) using credentials "": completed: 1 probes in 39 seconds
    Mon Nov 3 09:29:21 2014 System System NMAP Scan of "10.215.1.241" (10.215.1.241/255.255.255.255) using credentials "": started
    Mon Nov 3 09:29:21 2014 System System NMAP Scan of "10.37.4.46" (10.37.4.46/255.255.255.255) using credentials "": completed: 1 probes in 82 seconds
    Mon Nov 3 09:27:59 2014 System System NMAP Scan of "10.37.4.46" (10.37.4.46/255.255.255.255) using credentials "": started
    Mon Nov 3 09:27:59 2014 System System NMAP Scan of "10.7.3.6" (10.7.3.6/255.255.255.255) using credentials "": completed: 1 probes in 75 seconds
    Mon Nov 3 09:26:44 2014 System System NMAP Scan of "10.7.3.6" (10.7.3.6/255.255.255.255) using credentials "": started
    Mon Nov 3 09:26:44 2014 System System NMAP Scan of "10.14.143.8" (10.14.143.8/255.255.255.255) using credentials "": completed: 1 probes in 50 seconds
    Mon Nov 3 09:25:54 2014 System System NMAP Scan of "10.14.143.8" (10.14.143.8/255.255.255.255) using credentials "": started
    Mon Nov 3 09:25:54 2014 System System NMAP Scan of "10.213.1.62" (10.213.1.62/255.255.255.255) using credentials "": completed: 1 probes in 43 seconds
    Mon Nov 3 09:25:11 2014 System System NMAP Scan of "10.213.1.62" (10.213.1.62/255.255.255.255) using credentials "": started
    Mon Nov 3 09:25:11 2014 System System NMAP Scan of "10.37.1.33" (10.37.1.33/255.255.255.255) using credentials "": completed: 1 probes in 74 seconds
    Mon Nov 3 09:23:57 2014 System System NMAP Scan of "10.37.1.33" (10.37.1.33/255.255.255.255) using credentials "": started
    Mon Nov 3 09:23:57 2014 System System NMAP Scan of "10.30.1.139" (10.30.1.139/255.255.255.255) using credentials "": completed: 1 probes in 52 seconds
    Mon Nov 3 09:23:05 2014 System System NMAP Scan of "10.30.1.139" (10.30.1.139/255.255.255.255) using credentials "": started
    Mon Nov 3 09:23:05 2014 System System NMAP Scan of "10.13.10.8" (10.13.10.8/255.255.255.255) using credentials "": completed: 1 probes in 55 seconds
    Mon Nov 3 09:22:51 2014 gibbonr1 RAPIDS Configuration spipair01: Updated

     

     



  • 2.  RE: Airwave performing nmap scans

    Posted Nov 04, 2014 10:50 PM

    This will probably be better handled by opening a support case.

     

    Also, are any other users attempting to run device discovery scans? (See Device Setup -> Discover)



  • 3.  RE: Airwave performing nmap scans

    Posted Aug 03, 2015 12:14 PM

    Is there a solution to this post.  I am also having the same issue after disabling nmap scanning.


    @rgin wrote:

    This will probably be better handled by opening a support case.

     

    Also, are any other users attempting to run device discovery scans? (See Device Setup -> Discover)



    @rgin wrote:

    This will probably be better handled by opening a support case.

     

    Also, are any other users attempting to run device discovery scans? (See Device Setup -> Discover)