Configuring Nmap

The Stack Scan sensor uses Nmap to gather data about the targets for credential-less discovery.

Installing Nmap

Install Nmap on the Agile Service Manager server and all anchor servers. For more information, see the readme file in the Nmap directory on the DVD.

Configuring root authority

For non-Windows platforms, give root authority for all commands to the Agile Service Manager user ID that starts the Agile Service Manager server.

If you are using an Agile Service Manager anchor server, give root authority to the discovery service account on the anchor server.

As root user, add the following line in the /etc/sudoers configuration file, using the visudo command:
ASM_userid ALL=(ALL) NOPASSWD:ALL
where
  • ASM_userid is the user ID that starts the Agile Service Manager server, or the discovery service account on an anchor.
If the sudoers file contains a Defaults requiretty line, comment it out or delete the line.

When the Stack Scan sensor is running with Nmap, the Agile Service Manager server user ID can be restricted to root execution permission for the Nmap command only. To do so, add the following line in the /etc/sudoers configuration file:

ASM_userid ALL=(ALL) NOPASSWD:nmap_path
where
  • ASM_userid is the user ID that starts the Agile Service Manager server, or the discovery service account on an anchor.
  • nmap_path is the full path to the location of the nmap command.
If the sudoers file contains a Defaults requiretty line, comment it out or delete the line.
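
The two sudoers forms above can be told apart with a quick audit. The following shell function is an added example, not part of the product documentation; it reports whether the account has the Nmap-only rule, the all-commands rule, or an active requiretty line. The user name asmuser and the path /usr/bin/nmap are placeholders.

```shell
#!/bin/sh
# Added example, not product code. Audits one sudoers file for the entries
# this page describes. Arguments: FILE USER NMAP_PATH (supplied by the caller).
# Exit status: 0 = USER may run only NMAP_PATH without a password
#              1 = USER has NOPASSWD:ALL (root for every command)
#              2 = an active "Defaults requiretty" line is present
#              3 = no NOPASSWD rule for USER naming exactly NMAP_PATH
audit_asm_sudoers() {
    awk -v user="$2" -v nmap="$3" '
        { sub(/#.*/, "") }                 # ignore comments, incl. commented-out rules
        /^[ \t]*$/ { next }                # skip blank lines
        $1 ~ /^Defaults/ && /(^|[ \t,])requiretty([ \t,]|$)/ { tty = 1 }
        $1 == user && /NOPASSWD:/ {
            cmds = $0
            sub(/.*NOPASSWD:[ \t]*/, "", cmds)   # keep only the command list
            sub(/[ \t]+$/, "", cmds)
            if (cmds == "ALL")     broad = 1
            else if (cmds == nmap) scoped = 1
        }
        END {
            if (nmap !~ /^\//) print "note: sudoers needs an absolute command path"
            if (tty)    { print "requiretty is active: comment it out or delete it"; exit 2 }
            if (broad)  { print user " has NOPASSWD:ALL"; exit 1 }
            if (scoped) { print user " is limited to " nmap; exit 0 }
            print "no NOPASSWD rule for " user " naming " nmap; exit 3
        }' "$1"
}

# Constructed sample: the Nmap-only rule with requiretty commented out.
# asmuser and /usr/bin/nmap are placeholders, not values from the product.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Defaults requiretty
asmuser ALL=(ALL) NOPASSWD:/usr/bin/nmap
EOF
audit_asm_sudoers "$sample" asmuser /usr/bin/nmap   # prints: asmuser is limited to /usr/bin/nmap
rm -f "$sample"
```

The function reads a single file and does not follow include directives, so run it as root against /etc/sudoers and against any included files separately.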

Configuring the Path environment variable

Nmap must be installed on your Agile Service Manager server and on all anchor servers. The Nmap command must be in the $PATH environment variable for the Agile Service Manager user ID that starts the Agile Service Manager server. If you are using an Agile Service Manager anchor server, the Nmap command must be in the $PATH environment variable for the discovery service account.

On Windows platforms, take the following steps to set the Path system environment variable to include the directory where Nmap is installed:

  1. Click Start > Control Panel > System.
  2. Click the Advanced tab, and select Environment Variables.
  3. Edit the Path system variable and add the directory where Nmap is installed.
  4. Restart the computer.

    This task makes Nmap available to services on the computer.

Verifying that Nmap is working

To verify that Nmap is working, complete the following steps:
  1. Log in to the system using one of the following Agile Service Manager user IDs:
    • The user ID that starts the Agile Service Manager server.
    • The user ID that starts the discovery service account on the anchor server.
  2. Run the following command:
    sudo nmap -T Normal -O -sS -oX - IPaddress/32
    where
    • IPaddress is the IP address of a valid host system that is up and running on your network.

    The command produces an XML document that shows the ports and operating systems on that computer system.

Limitation

Because of a limitation on AIX®, only four active Nmap commands can be run at the same time. To ensure that this limit of Nmap commands is not exceeded, complete the following steps:
  1. Create a discovery profile.
  2. In the new discovery profile, create a StackScanSensor configuration, and enable the configuration.
  3. Set the values of the following properties to 1:
    • nmapMaxOsScanTreads
    • nmapMaxPingScanTreads
  4. To save the configuration, click OK.
  5. To save the discovery profile, click Save. Use this discovery profile for StackScan discoveries.
  6. If the number of computer systems in the scope being discovered exceeds 2048, set the following property in the collation.properties file:
    com.collation.discover.dwcount=4