Security Basics mailing list archives
Re: Nmap discovery - specifying port ranges?
From: Pranay Kanwar <warl0ck () metaeye org>
Date: Thu, 20 Sep 2007 02:59:25 +0530
Hi,

It seems nmap does not accept more than 10 comma separated ports while specifying the port range in -PS, else one could have the following in his .bashrc or .bash_profile

    # expand "start-stop" into a comma separated port list
    prange() {
        test -z "$1" && return
        echo "$1" | awk 'BEGIN { FS = "-" }
        {
            start = $1
            stop = $2
            while ( start < stop ) {
                printf("%d,", start)
                ++start
            }
            printf("%d", stop)
        }'
    }

But nmap refuses to work on large ranges

    # nmap -sP -PS`prange 1-1024` x.x.x.x/y
    Bogus argument to -PS: Buffer would overflow -- too many numbers in provided list
    QUITTING!

Doing with only 10

    # nmap -sP -PS`prange 1024-1033` x.x.x.x/y
    Starting Nmap 4.20 ( http://insecure.org ) at 2007-09-20 02:52 IST
    Host somehost (x.y.z.s) appears to be up.
    Nmap finished: 24 IP address (1 host up) scanned in 0.104 seconds

spencerforhire wrote:
I've found Nmap ping sweeps (TCP SYN) very useful to discover machines that are up, but specifying port ranges doesn't seem to work. When I try "-PS1-1024" I get: "Bogus character in supposed number-list string. Example of proper form: "20,80,65532"" Does anyone know if there is a way to specify port ranges w/ the ping option? Also, anyone know what the status of the "top ports" project (http://seclists.org/nmap-dev/2006/q3/0138.html) is? Thanks!
-- [ Twice the pride, double the fall. ] [ warl0ck // MSG ] [ http://www.metaeye.org ]
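Building on the prange helper in the message above, this added example (not part of the original post or of Nmap) splits a range into comma separated lists no longer than the 10 ports that Nmap 4.20 accepted there. The function name prange_chunks and its optional MAX argument are assumptions made for the illustration.

```shell
# Added example: print a port range as -PS lists of at most MAX ports, one per line.
# MAX defaults to 10, the list size the post got Nmap 4.20 to accept.
prange_chunks() (
    range=$1
    max=${2:-10}
    # Accept only START-STOP: digits, no leading zeros, at most 5 digits each.
    case $range in
        *[!0-9-]*|*-*-*|-*|*-|0*|*-0*|??????*-*|*-??????*) range= ;;
        *-*) ;;
        *) range= ;;
    esac
    # MAX must be a positive integer without leading zeros.
    case $max in
        ''|*[!0-9]*|0*|??????*) max= ;;
    esac
    if [ -z "$range" ] || [ -z "$max" ]; then
        echo "usage: prange_chunks START-STOP [MAX]" >&2
        return 2
    fi
    start=${range%-*}
    stop=${range#*-}
    if [ "$stop" -gt 65535 ] || [ "$start" -gt "$stop" ]; then
        echo "prange_chunks: need 1 <= START <= STOP <= 65535" >&2
        return 2
    fi
    p=$start
    n=0
    list=
    while [ "$p" -le "$stop" ]; do
        list=${list:+$list,}$p      # append with a comma unless the list is empty
        n=$((n + 1))
        # Emit the list when it is full or the range is exhausted.
        if [ "$n" -eq "$max" ] || [ "$p" -eq "$stop" ]; then
            printf '%s\n' "$list"
            list=
            n=0
        fi
        p=$((p + 1))
    done
)
```

Each output line can take the place of `prange 1024-1033` in the command shown in the message. Current Nmap documentation describes the -PS port list as using the same syntax as -p, ranges included, so the splitting matters only on old releases such as the 4.20 shown.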