Zenmap can Absolutely provide NetBIOS names (the names you are referring to).
Furthermore, you can tweak the nMap scan to only scan for up IP addresses, and NetBIOS details, which should really significantly reduce the scan duration.
Furthermore, it should, if you are willing to fall back to the terminal, be possible to make it update pretty rapidly, maybe every ~30 seconds.
For example, with the Zenmap command of:
nmap -sU -p 137 --script nbstat.nse 10.1.1.1/24
Note: I use the 10.1.1.1
IP prefix. in your case, this will likely be 192.168.something.something
The /24
is the netmask. In this case, it causes nMap to scan everything from 10.1.1.0
- 10.1.1.255
. To use, you just paste the line above into the "Command" entry box in Zenmap
Here is a scan of my LAN:
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-27 05:59 Pacific Standard Time
Nmap scan report for 10.1.1.1
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp open|filtered netbios-ns
MAC Address: -snip- (Super Micro Computer)
Nmap scan report for 10.1.1.2
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp closed netbios-ns
MAC Address: -snip- (Super Micro Computer)
Skipping UDP Scan against 10.1.1.4 because Windows does not support scanning your own machine (localhost) this way.
Nmap scan report for 10.1.1.4
Host is up.
PORT STATE SERVICE
137/udp unknown netbios-ns
Nmap scan report for 10.1.1.10
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp open netbios-ns
MAC Address: -snip- (Thecus Technology)
Host script results:
| nbstat:
| NetBIOS name: IED, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
| Names
| IED<00> Flags: <unique><active>
| IED<03> Flags: <unique><active>
| IED<20> Flags: <unique><active>
| \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
| MYGROUP<1d> Flags: <unique><active>
| MYGROUP<1e> Flags: <group><active>
|_ MYGROUP<00> Flags: <group><active>
Nmap scan report for 10.1.1.15
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp closed netbios-ns
MAC Address: -snip- (Pegatron)
Nmap scan report for 10.1.1.18
Host is up (0.00062s latency).
PORT STATE SERVICE
137/udp filtered netbios-ns
MAC Address: -snip- (Microsoft)
Nmap scan report for 10.1.1.19
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp open netbios-ns
MAC Address: 8C:89:A5:5B:4A:5F (Unknown)
Host script results:
| nbstat:
| NetBIOS name: DERPLE, NetBIOS user: <unknown>, NetBIOS MAC: -snip- (unknown)
| Names
| DERPLE<00> Flags: <unique><active>
| WORKGROUP<00> Flags: <group><active>
|_ DERPLE<20> Flags: <unique><active>
Nmap scan report for 10.1.1.31
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp open netbios-ns
MAC Address: -snip- (Apple)
Host script results:
| nbstat:
| NetBIOS name: ICRAP, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
| Names
| ICRAP<03> Flags: <unique><active>
| ICRAP<20> Flags: <unique><active>
| ICRAP<00> Flags: <unique><active>
| \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
| WORKGROUP<1d> Flags: <unique><active>
| WORKGROUP<1e> Flags: <group><active>
|_ WORKGROUP<00> Flags: <group><active>
Nmap scan report for 10.1.1.40
Host is up (0.00s latency).
PORT STATE SERVICE
137/udp open netbios-ns
MAC Address: -snip- (Unknown)
Host script results:
| nbstat:
| NetBIOS name: GOD-BLOR, NetBIOS user: <unknown>, NetBIOS MAC: -snip- (unknown)
| Names
| GOD-BLOR<00> Flags: <unique><active><permanent>
| WORKGROUP<00> Flags: <group><active><permanent>
|_ GOD-BLOR<20> Flags: <unique><active><permanent>
Nmap scan report for 10.1.1.55
Host is up (0.0030s latency).
PORT STATE SERVICE
137/udp open netbios-ns
MAC Address: -snip- (Brother Industries)
Host script results:
| nbstat:
| NetBIOS name: BRN001BA9391452, NetBIOS user: <unknown>, NetBIOS MAC: -snip- (Brother Industries)
| Names
| BRN001BA9391452<00> Flags: <unique><active>
|_ BRN001BA9391452<20> Flags: <unique><active>
Nmap done: 256 IP addresses (10 hosts up) scanned in 9.40 seconds
As you can see, it has resolved the information for all computers on my LAN that are reporting NetBIOS information. It also did all the above in ~9.4 seconds.
I did this on my windows computer because my mac (Apparently appropriately named iCrap, as you can see in the scan results) is freaking out at the moment, and I cannot restart it because I have some big file transfers in process. Nmap is platform agnostic, so the platform on which you do this scan should not matter. I did test this on the mac from the command line only, and it worked fine there too (well, it did trip the flood protection on my managed switch, but that's another issue).
I've edited the MAC address out from the scan.
I can add more information on how to set this up to scan continuously from the command line, if you would like.
You can see more information on the nbstat.nse
script that I am using to query NetBIOS information here.
The nmap brief man page is also very useful, for understanding what is going on.
Edit: Better Option
I found AppFresh, which seems to do exactly what you're looking for, using a bunch of different sources, including Apple Update, Sparkle (which a lot of 3rd party apps use to push updates), Microsoft Updates and more. It also has the option of installing the updates right from the app.
Original Answer
MacUpdate offers RSS feeds of updates to all the software it tracks. You could use that, with something to filter for items matching software you have installed (Yahoo Pipes) might be useful for that) to give you a list of updates to any of your apps.
It's probably not a comprehensive solution depending on the obscurity of some of your apps, but it's probably the closest you'll get to a single source.
The other alternative might be creating a script that periodically checks provided URLs for all your software for any changes, then notifies you in some way.
Best Answer
Rather than fight your security team or do their job I suggest you turn on your firewall and block all traffic, and ask them to rescan. That should fix their bad detection problem. Unless you’re running docker or another actual Linux VM, their fingerprint detection is incorrect or the scan isn’t of your machine. I would even offer to connect to their network with VPN so they can be sure they are scanning your hardware directly and not some NAT device or router between you and them.
Also, don’t blame security too hard - this security theater happens in most organizations. They likely didn’t even bother to check your network address and could be blaming you for the last person to be assigned that DHCP address on your network. They are likely as under funded, over worked as you are. However, security is something you’d hate to not do your part so engage them to be sure they are correctly mitigating the threats they received - if it’s not you, they need to focus their efforts eleswhere as something they scanned needs patching.
Also, if they continue to pester you, figure out how much you value your time and buy this firewall so you can confirm they are scanning your device.
I think just running little snitch is one of the most effective deterrents in a corporate setting as much malware checks for it. They won’t even install or run since they don’t want to get caught by the snitch.