Nmap Development mailing list archives

RE: Port Exclusion option?

From: Mike Santillana <msantillana () gdssecurity com>
Date: Tue, 31 Jan 2012 12:09:57 -0500

Yeah, I feel that's too much work and it's just for the service scan. Does
anyone else feel like this would be a useful addition?

Regards,

Mike

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org]
On Behalf Of Daniel Miller
Sent: Tuesday, January 31, 2012 10:15 AM
To: nmap-dev () insecure org
Subject: Re: Port Exclusion option?

On 01/30/2012 06:26 PM, Mike Santillana wrote:

Hello -



I was wondering if port exclusion functionality can be introduced into
nmap. I tried looking around the web and read the man pages many times,

but

I found no solution using nmap (besides making a tedious script to do it
for me)



Example usage:



Let's say we begin the penetration test doing an initial scan for web
services, just to get some results for us to review as well as the sites
that they may reveal. After we get our initial results, I generally like

to

start doing a broader scan or perhaps a full scan, depending on the

scope,

while I review manually inspect each site, take notes, etc. I'd like to

be

able to start a broader scan excluding already scanned ports. I'd prefer
not to scan 80,443,8080,8081 and any other targeted ports again when I

do a

full port scan. This can save considerable amount of time I feel. Also,
what if I do -top-ports 100. I'd like to exclude those top 100 ports

while

I do a full scan.



If anyone has any other solution to this, please let me know. Otherwise,
I'd like to propose that this functionality be included.



Regards
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

The only restriction that I know of is to add an Exclude directive to
your nmap-service-probes file, but that won't avoid the port scan, just
the version detection phase.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Port Exclusion option? Mike Santillana (Jan 30)
- Re: Port Exclusion option? Daniel Miller (Jan 31)
  - RE: Port Exclusion option? Mike Santillana (Jan 31)
    - Re: Port Exclusion option? Dewhirst, Rob (Jan 31)
    - Re: Port Exclusion option? Fyodor (Feb 03)
    - Re: Port Exclusion option? Dewhirst, Rob (Feb 03)
    - RE: Port Exclusion option? Mike Santillana (Feb 03)
    - Re: Port Exclusion option? Fyodor (Feb 05)
- Re: Port Exclusion option? Christian Heinrich (Feb 13)