|
1 | 1 | # Network Discovery
|
2 | 2 | The network discovery backend leverages [NMAP](https://nmap.org/) to scan networks and discover IP information.
|
3 | 3 |
|
| 4 | +## Diode Entities |
| 5 | +The network discovery backend uses [Diode Go SDK](https://github.com/netboxlabs/diode-sdk-go) to ingest discover IP Address entities with Global VRF and allows defining Description, Comments and Tags for them. |
4 | 6 |
|
5 | 7 | ## Configuration
|
6 | 8 | The `network_discovery` backend does not require any special configuration, though overriding `host` and `port` values can be specified. The backend will use the `diode` settings specified in the `common` subsection to forward discovery results.
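Review bot: typo in the new "Diode Entities" paragraph: "ingest discover IP Address entities" should read "ingest discovered IP address entities". The sentence also packs three facts into one clause (which SDK is used, which VRF the addresses land in, which fields can be set); splitting it, e.g. "Discovered IP addresses are ingested into the Global VRF. Description, Comments and Tags can be set for them through the policy defaults.", reads more clearly and ties the fields to the Defaults table further down.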
|
@@ -37,20 +39,26 @@ Config defines data for the whole scope and is optional overall.
|
37 | 39 | #### Defaults
|
38 | 40 | Current supported defaults:
|
39 | 41 |
|
40 |
| -| Key | Description | |
41 |
| -|:-----:|:-------------:| |
42 |
| -| comments | NetBox Comments information to be added to discovered IP | |
43 |
| -| description | NetBox Description data to be added to discovered IP | |
| 42 | +| Key | Type | Description | |
| 43 | +|:-----:|:----:|:-------------:| |
| 44 | +| comments | str | NetBox Comments information to be added to discovered IP | |
| 45 | +| description | str | NetBox Description data to be added to discovered IP | |
| 46 | +| tags | list | NetBox Tags to be added to discovered IP | |
44 | 47 |
|
45 | 48 | ### Scope
|
46 | 49 | The scope defines a list of targets to be scanned.
|
47 | 50 |
|
48 | 51 | | Parameter | Type | Required | Description |
|
49 | 52 | |:---------:|:----:|:--------:|:-----------:|
|
50 | 53 | | targets | list | yes | The targets that NMAP will scan. These can be specified as IP addresses (192.168.1.1), IP ranges (192.168.1.10-20), IP subnets with mask (192.168.1.0/24) or resolvable domain names. |
|
51 |
| - |
52 |
| - |
53 |
| - |
| 54 | +| fast_mode | bool | no | Fast mode - Scan fewer ports than the default scan (-F). | |
| 55 | +| timing | int | no | Set timing template, higher is faster (-T<0-5>). | |
| 56 | +| ports | list | no | Only scan specified ports (-p). Sample: [22,161,162,443,500-600,8080]. | |
| 57 | +| exclude_ports | list | no | Exclude the specified ports from scanning. Sample: [23, 9000-12000]. | |
| 58 | +| ping_scan | bool | no | Ping Scan (-sn) - disable port scan. If `scan_types` is defined, `ping_scan` will be ignored. | |
| 59 | +| top_ports | int | no | Scan <number> most common ports (--top-ports). | |
| 60 | +| max_retries | int | no | Caps number of port scan probe retransmissions (--max-retries). | |
| 61 | +| scan_types | list | no | Scan technique to be used by NMAP. Supports [udp,connect,syn,ack,window,null,fin,xmas,maimon,sctp_init,sctp_cookie_echo,ip_protocol]. If more than one TCP scan type (`connect,syn,ack,window,null,fin,xmas,maimon`) is defined, only the fist one will be applied. | |
54 | 62 |
|
55 | 63 | ### Sample
|
56 | 64 | A sample policy including all parameters supported by the network discovery backend.
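Review bot: typo in the `scan_types` row: "only the fist one will be applied" should be "only the first one will be applied". Precedence is also left unstated for the overlapping port selectors: `fast_mode` (-F), `ports` (-p) and `top_ports` (--top-ports) each decide which ports are scanned, and nmap does not accept every combination of those flags, so the table should say which one wins or that they are mutually exclusive, as the `ping_scan`/`scan_types` rows already do for their case. Finally, every `scan_types` value other than `connect` needs raw-socket (root) privileges; a short note here, matching the root-privilege remark in the warning section below, would save users a failed scan.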
|
|
66 | 74 | defaults:
|
67 | 75 | comments: none
|
68 | 76 | description: IP discovered by network discovery
|
| 77 | + tags: [net-discovery, orb-agent] |
69 | 78 | scope:
|
70 | 79 | targets:
|
71 | 80 | - 192.168.7.32
|
72 | 81 | - 192.168.7.30-40 # IP range
|
73 | 82 | - 192.168.7.0/24 # IP subnet
|
74 | 83 | - google.com # dns lookup
|
| 84 | + fast_mode: True |
| 85 | + max_retries: 0 |
75 | 86 |
|
76 | 87 | ```
|
| 88 | +### ⚠️ Warning |
| 89 | +Be **AWARE** that executing a policy with only targets defined is equivalent to running `nmap <targets>`, which in turn is the same as executing `nmap -sS -p1-1000 --open -T3 <target>`: |
| 90 | + |
| 91 | +- `-sS` → SYN scan (stealth scan, requires root privileges) |
| 92 | +- `-p1-1000` → Scans the top 1000 most common ports |
| 93 | +- `--open` → Only shows open ports |
| 94 | +- `-T3` → Uses the default timing template (T3 is the standard speed) |
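Review bot: the `-p1-1000` bullet in the new warning section contradicts itself: `-p1-1000` is the literal port range 1 through 1000, whereas nmap's default selects the 1000 most common ports (`--top-ports 1000`), which includes high ports such as 8080. Suggest changing the expanded command to `nmap -sS --top-ports 1000 -T3 <target>` and the bullet to "`--top-ports 1000` → Scans the 1000 most common ports". `--open` is an output filter rather than an nmap default, so keep it in the expansion only if the backend passes it explicitly. Since the text already says `-sS` needs root, it is also worth stating that an unprivileged `nmap <targets>` falls back to a connect scan (`-sT`), so the listed defaults hold only when the agent runs as root.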