I have been initiated Nmap scan before by using “BigFix Asset Discovery Nmap Scan Wizard”.
And scans worked fine.
Today, when I try to do the same nmap scan fails on the following:
continue if {(exists file whose (name of it starts with “nmap-” AND name of it contains (parameter “current_time”) AND exists line whose (((exists key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP” whose (value “NmapVersion” of it as string as version < ") of x32 registry) AND it as lowercase contains “nmap run completed at”) OR ((exists key “HKEY_LOCAL_MACHINE\SOFTWARE\BigFix\EnterpriseClient\BESScanner-NMAP” whose (value “NmapVersion” of it as string as version >= “4.52”) of x32 registry) AND it as lowercase contains “nmap done at”)) of it) of folder (pathname of windows folder & “\temp\nmap”))}
This continue if is a check that will indicate whether or not the scan was successful. Success, is determined by the relevance here.
Was a file was generated at C:\windows\temp\nmap - and at the end of that file, does the text “<!-- Nmap done at” exist?
Probably you will need to re-run the scan. If you continue to run into this failure, I would manually run nmap on the scanpoint to see what the problem is (you can find the full parameter list of the call to nmap.exe in your client log on the scanpoint).
I am running into this issue as well. the job keeps failing at the same point. I took a look at the job and the values in the registry do exist. The file is getting created in the c:\windows\Temp\NMAP folder and it appears to be incomplete. I compared this file to an NMAP scan I ran a couple months ago and the failing file seems to be not complete. The failure in the job is because the “<!-- Nmap done at” does not exist
Here is the .XML file that is created in the TEMP\NMAP folder.
The file from the machine that worked properly started the same but continues with a and starts with each of the IP’s in the Scan.
this job was created by the NMAP scan wizard (same as the others) but I am seeing the same thing running the default “Run NMAP Scan” job and specifying the IP manually.
I just ran a scan on another network and it appears that job is running properly.
I have already uninstalled/reinstalled the NMAP Scan Point from the site that is having this issue.
I did notice that the job Upgrade NMAP (5.21) is applicable on this trouble site, so I upgraded and ran again with no change in the result. I found it weird that there was an upgrade even though I did an uninstall/reinstall a couple hours ago with the jobs listed within TEM.
Can you try running nmap.exe manually in a cmd.exe window to view the output. Probably there was some error that is preventing nmap from completing the scan correctly. Hopefully you’ll get a meaninful error message.
Do you have the proper version of the WinPCap dll?
I had a problem where the installation of nmap caused problems with another application that also used the free version of wpcap.dll file.
I had to add the following relevance to my run-scan task to ensure it would work properly:
if name of operating system as string as lowercase contains “win” then if exists file “wpcap.dll” of system folder then (version of file “wpcap.dll” of system folder >= “4.1”) else false else true
In the end i just needed to stop the OPNET service, install nmap (and winpcap) then start opnet up again… then everything worked properly, opnet and nmap.