Nmap is a very useful tool for network administration and security. It is the most used tool in these areas. But a lot of people use it with very basic means. Here we will look more sophisticated usage of Nmap step by step in this ant further posts.
Create a text file and add hosts/networks to it and then use this file with Nmap. You can use network blocks like 192.168.122.0/24 or ranges 192.168.122.10-20.
We will start the scan with the
-iL option by providing the target host file.
$ cat ismailbaydan.txt 192.168.122.0/24 192.168.43.0/24 126.96.36.199 192.168.122.10-20 $ sudo nmap -iL ismailbaydan.txt Starting Nmap 6.45 ( http://nmap.org ) at 2014-08-01 10:19 EEST Nmap scan report for openstack (192.168.122.146) Host is up (0.000074s latency). Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 49/tcp open tacacs 80/tcp open http MAC Address: 52:54:00:0D:B8:D7 (QEMU Virtual NIC) ...
Specify Exclude Hosts
Exclude some hosts with the same syntax used above. You can read them from file or specify by option. -v option is used for verbose output. We will use
--exclude command by providing the IP address 192.168.122.254`
$ cat ismailbaydan-exclude.txt 192.168.122.0-128 $ sudo nmap -iL ismailbaydan.txt --excludefile ismailbaydan-exclude.txt -v --exclude 192.168.122.254 Starting Nmap 6.45 ( http://nmap.org ) at 2014-08-01 10:23 EEST Initiating ARP Ping Scan at 10:23 Scanning 127 hosts [1 port/host] Completed ARP Ping Scan at 10:23, 1.42s elapsed (127 total hosts) Nmap scan report for 192.168.122.129 [host down] Nmap scan report for 192.168.122.130 [host down] Nmap scan report for 192.168.122.131 [host down] Nmap scan report for 192.168.122.132 [host down]
We can also use hostname but name resolving must be available.
$ sudo nmap ismailbaydan.com