...
First, get the results of the Port Scan (where we attempt to find open ports on the target)
You will need to replace the IP address and date in the example query with a valid target IP address and a date on which the target was scanned.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
SELECT ch.IPAddress , o.Name as Outcome , p.Name as Protocol , ch.Port , Message , convert(date,ch.AttemptDate) as DateAttempted FROM history.t_ConnectionHistory ch INNER JOIN config.t_Outcome o ON o.OutcomeID = ch.OutcomeID INNER JOIN config.t_Protocol p ON ch.ProtocolID = p.ProtocolID WHERE -- Protocol 14 is called "TCP" and is the port scan p.Name = 'TCP' AND -- == Customize These == -- IPAddress ='192.168.50.71' AND CONVERT(date,ch.AttemptDate)='YYYY-MM-DD' ORDER BY Port |
...