Nmap Development mailing list archives
Exclude list for -iR scan
From: Si Stransky <gmeildeno () gmail com>
Date: Mon, 9 Nov 2009 20:38:30 +0100
As there is part of the exclude target code for "reserved" IP blocks (some class A and privates) for random scan : nmap.cc .. * Returns 1 if this is a reserved IP address, where "reserved" means * either a private address, non-routable address, or even a non-reserved * but unassigned address which has an extremely high probability of being * black-holed. .. static int ip_is_reserved(struct in_addr *ip) .. case 6: /* USA Army ISC */ .. case 55: /* misc. U.S.A. Armed forces */ .. I thought it could be of some interest to those who actually use the random scan facility a list of IP subnets which belong to the Defense branches. These may be not all of the publicly advertised hosts, they could include also non-.mil hosts strictly speaking but most of it should be that kind (and although some host could be of public service many would be black holed or otherwise _reserved_ so it would make sense to *exclude* those). Some actually are in the list of Possible Bogons on CIDR Report [1]... This ensemble of hosts can be excluded in those random scans when used together with --excludefile option, this way ensuring to leave out a large part of pentagon, air forces, navy .. you name it blocks. If there is a real interest and use of it.. could be of course expanded and updated for future use cases, I leave that to who is actually interested *in excluding* those hosts from -iR scans. See attached file or list at http://snurl.com/dodmisc ____ [1] http://www.cidr-report.org/as2.0/#Bogons
Attachment:
excludelist.tb2
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Exclude list for -iR scan Si Stransky (Nov 09)