O'Reilly logo

Mastering the Nmap Scripting Engine by Paulino Calderón Pale

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

DBMS-auditing data files

Certain scripts related to DBMS use data files to store common, related strings and fingerprints to perform security audits. If you normally work with Oracle environments, I highly recommend updates to the following files.

mysql-cis.audit

The mysql-cis.audit file inside your Nmap data directory contains configuration checks described in the CIS MySQL v1.0.2 benchmark. It is used by the mysql-audit script to perform configuration checks by carrying out a series of tests. A test looks like this:

-- Logging
test { id="3.1", desc="Skip symbolic links", sql="SHOW variables WHERE Variable_name = 'log_error' AND Value IS NOT NULL", check=function(rowstab) 
  return { status = not(isEmpty(rowstab[1])) }
end
}

You may set the mysql-audit ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required