Nmap Development mailing list archives
RE: Port Exclusion option?
From: Mike Santillana <msantillana () gdssecurity com>
Date: Tue, 31 Jan 2012 12:09:57 -0500
Yeah, I feel that's too much work and it's just for the service scan. Does anyone else feel like this would be a useful addition? Regards, Mike -----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Daniel Miller Sent: Tuesday, January 31, 2012 10:15 AM To: nmap-dev () insecure org Subject: Re: Port Exclusion option? On 01/30/2012 06:26 PM, Mike Santillana wrote:
Hello - I was wondering if port exclusion functionality can be introduced into nmap. I tried looking around the web and read the man pages many times,
but
I found no solution using nmap (besides making a tedious script to do it for me) Example usage: Let's say we begin the penetration test doing an initial scan for web services, just to get some results for us to review as well as the sites that they may reveal. After we get our initial results, I generally like
to
start doing a broader scan or perhaps a full scan, depending on the
scope,
while I review manually inspect each site, take notes, etc. I'd like to
be
able to start a broader scan excluding already scanned ports. I'd prefer not to scan 80,443,8080,8081 and any other targeted ports again when I
do a
full port scan. This can save considerable amount of time I feel. Also, what if I do -top-ports 100. I'd like to exclude those top 100 ports
while
I do a full scan. If anyone has any other solution to this, please let me know. Otherwise, I'd like to propose that this functionality be included. Regards _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
The only restriction that I know of is to add an Exclude directive to your nmap-service-probes file, but that won't avoid the port scan, just the version detection phase. Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Port Exclusion option? Mike Santillana (Jan 30)
- Re: Port Exclusion option? Daniel Miller (Jan 31)
- RE: Port Exclusion option? Mike Santillana (Jan 31)
- Re: Port Exclusion option? Dewhirst, Rob (Jan 31)
- Re: Port Exclusion option? Fyodor (Feb 03)
- Re: Port Exclusion option? Dewhirst, Rob (Feb 03)
- RE: Port Exclusion option? Mike Santillana (Feb 03)
- Re: Port Exclusion option? Fyodor (Feb 05)
- RE: Port Exclusion option? Mike Santillana (Jan 31)
- Re: Port Exclusion option? Daniel Miller (Jan 31)