Nmap Development mailing list archives
Re: exclude targets
From: David Fifield <david () bamsoftware com>
Date: Tue, 17 Nov 2009 18:40:20 -0700
On Sat, Nov 07, 2009 at 02:34:47PM +0100, Si Stransky wrote:
> Are --exclude --excludefile supposed to actually work with random scan -iR x? If not, it should be forbidden to call such a command (warn user and gracefully exit).
>
> I noticed there is a thing when excluding very large netblocks in a random scan: the thing is that if, for example, 300 IPs are requested from the command line (-iR 300) and there is an exclusion (--exclude bignetblock), it may happen that the hosts actually scanned are fewer than 300; the count on randomly generated IPs seems to be made before leaving out excluded hosts. I really don't know if it would make sense to fix it, so that the check would be made after having excluded unwanted hosts, resulting in the exact number of hosts requested from the command line (if enough IPs are left unexcluded, of course).
Yes, --exclude and -iR work together, but you're correct, you may get fewer random hosts than you asked for. The filtering step is done after the addresses are generated (actually this is done in chunks). When I need a list of random IPs I usually need them to be repeatable anyway, so I generate IPs in several rounds until I have enough and store them in a file.
> Another handy feature would be having the possibility to include only a range of hosts in the random scan. Something like: nmap -iR n 10.198.250-255.0-255 should scan, from a fixed pool of IPs, n number of hosts, always 'randomly different' every time it is called. Combining the two features (including hosts, excluding hosts) and randomly processing a fixed max number of hosts (or even all, as -iR 0) would make nmap even more versatile, but I understand from the code that it would need too many things rewritten as for target parsing, calculating and random generation, so as I am only a casual user I give up. What do you think about patching it?
This has been discussed before. I think it's a good idea. There are two algorithms that would work to implement this at http://seclists.org/nmap-dev/2008/q3/416.

David Fifield
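An added example, not part of the thread, not Nmap's code, and not the algorithms in the linked post: a simplified Python model of the two counting orders discussed above (count then filter, versus filtering in rounds until n addresses survive), plus sampling from a fixed pool written as an octet-range target. All function names, the `CHUNK` size and the seed parameter are assumptions made for illustration.

```python
import ipaddress
import itertools
import random

CHUNK = 64  # assumed round size; the post only says filtering is done "in chunks"

def _nets(exclude):
    return [ipaddress.ip_network(e) for e in exclude]

def _excluded(addr, nets):
    return any(addr in net for net in nets)

def count_then_filter(n, exclude, seed=None):
    """Draw n random addresses, then drop excluded ones: may return fewer than n."""
    rng, nets = random.Random(seed), _nets(exclude)
    drawn = [ipaddress.IPv4Address(rng.getrandbits(32)) for _ in range(n)]
    return [a for a in drawn if not _excluded(a, nets)]

def filter_then_count(n, exclude, seed=None, max_rounds=10000):
    """Draw in rounds, filter each round, stop once n distinct addresses survive."""
    rng, nets = random.Random(seed), _nets(exclude)
    kept = {}  # dict keeps insertion order and removes duplicates
    for _ in range(max_rounds):
        for _ in range(CHUNK):
            addr = ipaddress.IPv4Address(rng.getrandbits(32))
            if not _excluded(addr, nets):
                kept[addr] = None
            if len(kept) == n:
                return list(kept)
    raise RuntimeError("exclusions leave too few addresses to reach n")

def expand(spec):
    """Expand an octet-range target such as 10.198.250-255.0-255."""
    octets = []
    for part in spec.split("."):
        lo, _, hi = part.partition("-")
        octets.append(range(int(lo), int(hi or lo) + 1))
    return [ipaddress.IPv4Address(".".join(map(str, t)))
            for t in itertools.product(*octets)]

def sample_pool(n, spec, exclude, seed=None):
    """Pick up to n distinct addresses from a fixed pool, after exclusions."""
    nets = _nets(exclude)
    pool = [a for a in expand(spec) if not _excluded(a, nets)]
    return random.Random(seed).sample(pool, min(n, len(pool)))
```

Passing a fixed seed gives the repeatable list mentioned in the reply; leaving it as `None` gives a different selection on every call.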