Nmap Development mailing list archives

Re: [RFC] --exclude-ports option for Nmap


From: Jacek Wielemborek <d33tah () gmail com>
Date: Thu, 05 Jun 2014 13:42:59 +0200

03/06/2014 15:42:11 Jay Bosamiya <jaybosamiya () gmail com>:
> Hi All!
>
> The --exclude-ports option would be a major boon to many Nmap
> users and it has been in demand for quite a while now.
> However, there are some things that need to be thought about
> before we add it in.
>
> 1. How does it interact with -p? More specifically, what does
> "-p 80 --exclude-ports 80" do (since the user specifically
> included it as well as excluded it)?
> I think that we should follow an "exclude has higher priority
> than include" ideology and NOT scan 80 in this case. However,
> we could show a warning to a user if he has included a port
> individually and then excluded it (i.e. not using ranges). The
> warning thing could be added later on, as a follow up.

IMHO the first case should be an error as there are no ports to 
scan. I would personally find it perfect if it defaulted to 
signalling an error instead of guessing. I was thinking of 
suggesting that it should panic anytime the -p and --exclude 
lists overlap, but that would make "-p- --exclude smtp" 
impossible, so it's probably not a good idea.

Also, I believe that the warning message is critical to this 
feature.


_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
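
An added example (not part of the original message and not Nmap's code) that models the semantics debated in this thread: exclusions take priority over -p, a port that was listed individually and then excluded produces a warning, and an empty result is an error. The function names, the 1-65535 port range and the two-entry SERVICES table are assumptions made for illustration.

```python
# Model of the -p / --exclude-ports semantics discussed in this thread.
# Illustration only; names and the service table are assumptions.
SERVICES = {"smtp": 25, "http": 80}  # constructed stand-in for a services lookup
MAX_PORT = 65535


class NoPortsError(ValueError):
    """Raised when exclusions remove every requested port."""


def parse_spec(spec):
    """Return (ports, singles): every port the spec names, and the subset
    that was named individually (by number or service, not via a range)."""
    ports, singles = set(), set()
    for item in (s.strip() for s in spec.split(",")):
        if item in SERVICES:
            ports.add(SERVICES[item])
            singles.add(SERVICES[item])
        elif "-" in item:
            lo, hi = item.split("-", 1)
            lo = int(lo) if lo else 1          # "-100" means 1-100
            hi = int(hi) if hi else MAX_PORT   # "-" alone means 1-65535
            if not 1 <= lo <= hi <= MAX_PORT:
                raise ValueError(f"bad port range: {item!r}")
            ports.update(range(lo, hi + 1))
        else:
            port = int(item)                   # ValueError on junk or empty items
            if not 1 <= port <= MAX_PORT:
                raise ValueError(f"bad port: {item!r}")
            ports.add(port)
            singles.add(port)
    return ports, singles


def resolve(include, exclude):
    """Apply 'exclude beats include'. Returns (sorted ports, warnings)."""
    inc, singles = parse_spec(include)
    exc, _ = parse_spec(exclude)
    remaining = inc - exc
    if not remaining:
        raise NoPortsError("every port in -p is excluded; nothing to scan")
    # Warn only for ports the user typed individually, so that a broad range
    # such as "-p-" combined with "--exclude-ports smtp" stays quiet.
    warnings = [f"port {p} is in -p but also excluded; skipping it"
                for p in sorted(singles & exc)]
    return sorted(remaining), warnings
```

Here resolve("80,443", "80") scans only 443 and warns about 80, resolve("-", "smtp") drops port 25 silently, and resolve("80", "80") raises NoPortsError.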
