Re: Port Exclusion option?

[Daniel Miller <bonsaiviking () gmail com>]

On 01/30/2012 06:26 PM, Mike Santillana wrote:
> Hello –
>
>
>
> I was wondering if port exclusion functionality can be introduced into
> nmap. I tried looking around the web and read the man pages many times, but
> I found no solution using nmap (besides making a tedious script to do it
> for me)
>
>
>
> Example usage:
>
>
>
> Let’s say we begin the penetration test doing an initial scan for web
> services, just to get some results for us to review as well as the sites
> that they may reveal. After we get our initial results, I generally like to
> start doing a broader scan or perhaps a full scan, depending on the scope,
> while I review manually inspect each site, take notes, etc. I’d like to be
> able to start a broader scan excluding already scanned ports. I’d prefer
> not to scan 80,443,8080,8081 and any other targeted ports again when I do a
> full port scan. This can save considerable amount of time I feel. Also,
> what if I do –top-ports 100. I’d like to exclude those top 100 ports while
> I do a full scan.
>
>
>
> If anyone has any other solution to this, please let me know. Otherwise,
> I’d like to propose that this functionality be included.
>
>
>
> Regards
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
The only restriction that I know of is to add an Exclude directive to 
your nmap-service-probes file, but that won't avoid the port scan, just 
the version detection phase.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/