Nmap Development mailing list archives

Re: Port Exclusion option?


From: "Dewhirst, Rob" <robdewhirst () gmail com>
Date: Fri, 3 Feb 2012 10:29:31 -0600

This works for me.

On Fri, Feb 3, 2012 at 3:12 AM, Fyodor <fyodor () insecure org> wrote:
> On Tue, Jan 31, 2012 at 11:51:59AM -0600, Dewhirst, Rob wrote:
>> I was waiting for someone else to speak up, but since you asked, yes I
>> would really like this.
>>
>> For normal scans the built-in default 1000 ports are fine, but in that
>> list are a couple of ports that generate erroneous results in our
>> environment.  The byproduct is nmap thinks every IP address has a host
>> behind it. (it's our environment, not nmap causing this issue)
>>
>> I would prefer to just exclude one or two ports from the default
>> rather than specify a range around them.
>
> One option is to copy the nmap-services file to ~/.nmap and set the
> popularity value to 0 for the ports you don't want scanned by default.
> Nmap (on UNIX) will then give the file priority over the system
> installed one.  Or you can specify the custom services file (on any
> OS) using the --servicedb flag.
>
> Cheers,
> Fyodor
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
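
Added example, not part of the original thread or of Nmap itself: a shell function that applies the approach Fyodor describes, writing a copy of an nmap-services file with the popularity (open-frequency) field set to 0 for chosen ports. It assumes the nmap-services layout of tab-separated service name, port/protocol, frequency and optional comment; the function names `zero_ports` and `make_sample` and all sample values are constructed for illustration.

```shell
#!/bin/sh
# zero_ports SRC DST PORT/PROTO...
# Copy SRC to DST, setting the frequency field (column 3) to 0 for every
# listed port/protocol pair, e.g. "80/tcp". All other lines are copied as-is.
zero_ports() {
    src=$1; dst=$2; shift 2
    awk -F '\t' -v ports="$*" '
        BEGIN {
            OFS = "\t"
            n = split(ports, p, " ")
            for (i = 1; i <= n; i++) drop[p[i]] = 1
        }
        /^#/ || NF < 3 { print; next }   # comments and short lines untouched
        ($2 in drop)   { $3 = "0" }      # zero the popularity value
        { print }
    ' "$src" > "$dst"
}

# make_sample FILE
# Write a small constructed stand-in for nmap-services (frequencies invented).
make_sample() {
    {
        printf '# constructed sample, not real nmap-services data\n'
        printf 'ssh\t22/tcp\t0.3\t# Secure Shell\n'
        printf 'http\t80/tcp\t0.5\t# World Wide Web HTTP\n'
        printf 'http\t80/udp\t0.1\n'
        printf 'https\t443/tcp\t0.4\n'
    } > "$1"
}

# Demo on the constructed sample. On a real system SRC would be the installed
# nmap-services file and DST ~/.nmap/nmap-services, or any path later passed
# to nmap with --servicedb.
demo_dir=$(mktemp -d)
make_sample "$demo_dir/nmap-services.orig"
zero_ports "$demo_dir/nmap-services.orig" "$demo_dir/nmap-services" 80/tcp 443/tcp
cat "$demo_dir/nmap-services"
```

Matching is on the exact port/protocol string, so `80/tcp` and `80/udp` are handled independently.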

