Nmap Development mailing list archives

Adding custom ports to the default scanned nmap ports


From: Mika Arasola <nmap-list () arasola fi>
Date: Tue, 3 Nov 2009 14:28:26 +0200

Hi!

I wrote a script using nmap 5 with the purpose of finding any changes in my
employer's firewall configurations / services open to the internet. There are
quite a few networks, and open services include both standard and custom
services.

A lot of the custom services are on ports which are not included in the
nmap-services configuration, and as far as I'm aware I have three ways to
have everything scanned:

1) Specify all the scanned ports by hand with the -p switch
2) Add the ports by hand to the nmap-services file (with custom frequency
values(??))
3) Do two scans per network, one with default ports and the other with the
custom ones

I think both of these ways are pretty bad. The first one contains quite a
risk that I leave out some services assuming it won't be open (as it is
currently not). Some of the networks are not fully operated by our
personnel, and the parties maintaining the firewalls have been known to make
pretty silly mistakes in the past. The second option means quite a lot of
work, and I still did not find any instructions on what the best practice on
setting the frequency would be. The third option would also mean quite a lot
of extra work; I already have two scans a day as is.

I'm pretty surprised there is no option to use something like a
-p+30231-30331 option to add custom ports to what will be scanned by default
(maybe retaining the possibility to use the --top-ports or --port-ratio
options). Am I alone in feeling such a feature would be useful? Any plans to
include such functionality in the future?

Thanks,
Mika
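
One way to get the effect of the `-p+30231-30331` syntax requested above, as an added example that is not part of the original message or of Nmap itself: read the highest-frequency TCP ports from an nmap-services file, merge in the custom ranges, and produce a single port list for `-p`. The function names are hypothetical, the sample data is constructed, and the code assumes the `name port/proto frequency` column layout of nmap-services.

```python
# Added example, not from the original post. SAMPLE_SERVICES is constructed data.
SAMPLE_SERVICES = """\
# constructed excerpt in nmap-services layout: name port/proto frequency
ftp\t21/tcp\t0.197667\t# File Transfer
ssh\t22/tcp\t0.182286
telnet\t23/tcp\t0.221265
domain\t53/udp\t0.213496
http\t80/tcp\t0.484143
https\t443/tcp\t0.208669
"""

def top_tcp_ports(services_text, n):
    """Return the n TCP ports with the highest frequency value."""
    scored = []
    for line in services_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 3 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        if proto == "tcp" and port.isdigit():
            scored.append((float(fields[2]), int(port)))
    scored.sort(key=lambda fp: (-fp[0], fp[1]))  # frequency desc, port asc
    return {port for _, port in scored[:n]}

def parse_custom(spec):
    """Expand a spec such as '30231-30331,8081' into a set of ports."""
    ports = set()
    for part in filter(None, (p.strip() for p in spec.split(","))):
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {part!r}")
        ports.update(range(lo, hi + 1))
    return ports

def to_port_spec(ports):
    """Collapse a set of ports into compact 'a-b,c' form for -p."""
    runs = []
    for p in sorted(ports):
        if runs and p == runs[-1][1] + 1:
            runs[-1][1] = p                      # extend the current run
        else:
            runs.append([p, p])                  # start a new run
    return ",".join(str(a) if a == b else f"{a}-{b}" for a, b in runs)

def merged_spec(services_text, n, custom):
    """Top-n TCP ports from services_text plus the custom ports, as one spec."""
    return to_port_spec(top_tcp_ports(services_text, n) | parse_custom(custom))
```

Feeding the installed nmap-services file to `merged_spec` and passing the result to `-p` keeps one scan per network while the custom ranges live in a single string in the wrapper script.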