How To Exclude Hosts From Nmap Scan?
Nmap is a very useful tool for network administration and security. It is the most used tool in these areas. But a lot of people use it with very basic means. Here we will look more sophisticated usage of Nmap step by step in this ant further posts.
Create a text file and add hosts/networks to it and then use this file with Nmap. You can use network blocks like 192.168.122.0/24 or ranges 192.168.122.10-20.
We will start the scan with the
-iL option by providing the target host file.
$ cat ismailbaydan.txt
$ sudo nmap -iL ismailbaydan.txt
Starting Nmap 6.45 ( http://nmap.org ) at 2014-08-01 10:19 EEST
Nmap scan report for openstack (192.168.122.146)
Host is up (0.000074s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
49/tcp open tacacs
80/tcp open http
MAC Address: 52:54:00:0D:B8:D7 (QEMU Virtual NIC)
Specify Exclude Hosts
Exclude some hosts with the same syntax used above. You can read them from file or specify by option. -v option is used for verbose output. We will use
--exclude command by providing the IP address 192.168.122.254`
$ cat ismailbaydan-exclude.txt
$ sudo nmap -iL ismailbaydan.txt --excludefile ismailbaydan-exclude.txt -v --exclude 192.168.122.254
Starting Nmap 6.45 ( http://nmap.org ) at 2014-08-01 10:23 EEST
Initiating ARP Ping Scan at 10:23
Scanning 127 hosts [1 port/host]
Completed ARP Ping Scan at 10:23, 1.42s elapsed (127 total hosts)
Nmap scan report for 192.168.122.129 [host down]
Nmap scan report for 192.168.122.130 [host down]
Nmap scan report for 192.168.122.131 [host down]
Nmap scan report for 192.168.122.132 [host down]
We can also use hostname but name resolving must be available.
$ sudo nmap ismailbaydan.com