Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

First, get the results of the Port Scan (where we attempt to find open ports on the target)

You will need to replace the IP address and date in the example query with a valid target IP address and a date on which the target was scanned.

Code Block
languagesql
themeMidnight
titlePort Scan Results (By IP)
SELECT ch.IPAddress
	   , o.Name as Outcome
	   , p.Name as Protocol 
	   , ch.Port
	   , Message
	   , convert(date,ch.AttemptDate) as DateAttempted
FROM history.t_ConnectionHistory ch
     INNER JOIN config.t_Outcome o ON o.OutcomeID = ch.OutcomeID
	 INNER JOIN config.t_Protocol p ON ch.ProtocolID = p.ProtocolID
WHERE
-- Protocol 14 is called "TCP" and is the port scan
   p.Name = 'TCP'
   AND
-- == Customize These == --
   IPAddress ='192.168.50.71'
   AND
   CONVERT(date,ch.AttemptDate)='YYYY-MM-DD'
ORDER BY Port

...