[ N-LOG 1.5 INSTALLATION ]


The Files:
----------
INSTALL          		-- This file.
README           		-- Overview and help with using nlog.
CHANGES				-- Version changes
BUGTRAQ				-- Original Bugtraq post
install.sh			-- Sample installation script.
sample.pl			-- Sample perl script to parse a database.
cgi/nlog-search.pl		-- The main CGI script.
cgi/nlog-config.ph		-- System dependent variables.
cgi/nlog-rpc.pl			-- RPC extension.
cgi/nlog-smb.pl			-- NetBIOS extension.
cgi/nlog-finger.pl		-- Finger extension.
cgi/nlog-dns.pl			-- Nameserver Query wrapper.
html/nlog.html			-- Sample HTML form for browsing databases
extras/bind/README		-- README for writing custom extensions
extras/bind/nlog-bind.pl	-- Sample custom extension
extras/bind/bind-udp.c 		-- Code for the BIND info extension
extras/decoy/decoy.pl		-- Script to generate decoys for every host in your subnet
extras/decoy/decoylist.pl	-- Generates decoys from lists of IP's
extras/decoy/hostdump.pl	-- Creates lists of IP's from host -l dumps
extras/decoy/viper.net.ipdb	-- Sample IP list
extras/scripts/db2sql.pl	-- Sample MySQL Integration
extras/scripts/os_stats.pl	-- Operating System & Port Stats

How To Install:
---------------

	Copy all of the files in the cgi subdirectory into your cgi-bin directory.
	Open up the nlog-config.ph file in your favorite text editor and change 
	the program locations and cgi-bin directory to match your system.
	The modes for the cgi scripts should be 755 and the nlog-config.ph file
	should be set to 644.  You may need to change the top line of all the .pl
	scripts to point to your local perl binary; they have been set to /usr/bin/perl
	by default.

	Copy the nlog.html file from the html directory to a web accessible folder
	on your box, and open it with a text editor to change the CGI location to the one
	on your system.  Make sure this file is readable by the webserver's user by
	chmod'ing it to 644.

	To use this html form, you must have a valid nlog database on your system.  You
	can create one with the log2db.pl script included with this package and an nmap 2.0
	log file generated with the -m option.  The syntax for the conversion script is:

		./log2db.pl <log file> <new database>

	This should create a perl-style flat-database file.  Move the new database to the
	directory specified in nlog-config.ph and chmod it 644 so it is accessible by the
	web server.  Now fire up your browser of choice and browse to the nlog.html file,
	enter the path to the database file and hit the process button.  You should see a
	long listing of all the hosts scanned in your log file, with hyperlinks to common
	services and to the extension CGI's.  Clicking a SunRPC link will launch the
	nlog-rpc.pl script with the IP of that host as the query string.  That script dumps
	the RPC services from the host and, if NFS is found, runs showmount -a and
	showmount -e.  A description of the other extensions and how to build your own is
	included in the README file found in the same directory as this file.
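
	A check for the steps above, added here as an example (it is not part of the
	nlog package; the function names and the three-argument layout are assumptions).
	It reports CGI scripts that are not mode 755, a config file, HTML form or database
	that is not mode 644, and any .pl script whose first line names no executable.

```shell
#!/bin/sh
# Added example: audit an nlog install against the modes stated above.
# Function names and the argument layout are assumptions for this sketch.

# has_mode FILE MODE: true when FILE exists with exactly the octal MODE.
has_mode() {
    [ -e "$1" ] && [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# shebang_ok FILE: true when line 1 is "#!<path>" and <path> is executable.
shebang_ok() {
    interp=$(sed -n '1s/^#![[:space:]]*\([^[:space:]]*\).*/\1/p' "$1")
    [ -n "$interp" ] && [ -x "$interp" ]
}

# audit_nlog CGI_DIR HTML_FILE DB_FILE
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_nlog() {
    cgi_dir=$1 html=$2 db=$3 bad=0

    # CGI scripts: mode 755 and a top line pointing at a real interpreter.
    for f in "$cgi_dir"/nlog-*.pl; do
        [ -e "$f" ] || { echo "MISSING: no nlog-*.pl in $cgi_dir"; bad=1; continue; }
        has_mode "$f" 755 || { echo "MODE: $f should be 755"; bad=1; }
        shebang_ok "$f" || { echo "PERL: $f first line names no executable"; bad=1; }
    done

    # Config, HTML form and database: mode 644 (readable, never writable,
    # by the web server's user).
    for f in "$cgi_dir/nlog-config.ph" "$html" "$db"; do
        has_mode "$f" 644 || { echo "MODE: $f should be 644 (or is missing)"; bad=1; }
    done

    return "$bad"
}

# Run as: sh audit.sh <cgi-bin dir> <path to nlog.html> <path to database>
if [ "$#" -eq 3 ]; then
    audit_nlog "$@"
fi
```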

 
