Re: Difficult Nmap Question from IRC

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 13 May 2008 20:14:47 -0700
doug () hcsw org wrote:

> Hey all,
>
> Somebody had a tough question on IRC a few minutes ago. Let's
> say you have a list of 10000 proxy servers (or torrent clients
> or whatever) along with the specific port that proxy is thought
> to be listening on. Is there any way to feed Nmap a list of
> host/port pairs, instead of having Nmap scan each host with the
> same port list? Assume that invoking Nmap separately for each
> target is too inefficient.
>
> Somebody brainstormed having a special -i mode, maybe -iP or
> something that accepts input like this:
>
> 1.2.3.4:1234
> 2.3.4.5:9876
> 3.4.5.6:5555
> etc
>
> Doug

Along those same lines, I've long-wanted a per-host port exclude list so
that I can do a "nmap -p- --exclude-file ..." and exclude certain ports
on certain hosts.

Up till now I've considered the problem beyond the scope of Nmap and
haven't worried about it too much.  It would be nice to see some
engineering time put into coming up with a viable solution though.

I seem to remember either scanrand or Unicornscan accepting a host list
syntax that had a per-host port list.  Can anyone confirm this?

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkgqWhMACgkQqaGPzAsl94KKvwCfVulwfF8fCqgAEO0GUjvOFTvn
RpcAoK5mLK5R4JdNes4O05AceAWAsr9Y
=DzjB
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org