How To Exclude Hosts From Nmap Scan?

Nmap is a very useful tool for network administration and security. It is the most used tool in these areas. But a lot of people use it with very basic means. Here we will look more sophisticated usage of Nmap step by step in this ant further posts.

Target Hosts

Create a text file and add hosts/networks to it and then use this file with Nmap. You can use network blocks like or ranges

Start Scan

We will start the scan with the -iL option by providing the target host file.

$ cat ismailbaydan.txt

$ sudo nmap -iL ismailbaydan.txt

Starting Nmap 6.45 ( ) at 2014-08-01 10:19 EEST
Nmap scan report for openstack (
Host is up (0.000074s latency).
Not shown: 996 closed ports
22/tcp open  ssh
25/tcp open  smtp
49/tcp open  tacacs
80/tcp open  http
MAC Address: 52:54:00:0D:B8:D7 (QEMU Virtual NIC)


Specify Exclude Hosts

Exclude some hosts with the same syntax used above. You can read them from file or specify by option. -v option is used for verbose output. We will use --exclude command by providing the IP address`

$ cat ismailbaydan-exclude.txt

$ sudo nmap -iL ismailbaydan.txt --excludefile ismailbaydan-exclude.txt -v --exclude

Starting Nmap 6.45 ( ) at 2014-08-01 10:23 EEST
Initiating ARP Ping Scan at 10:23
Scanning 127 hosts [1 port/host]
Completed ARP Ping Scan at 10:23, 1.42s elapsed (127 total hosts)
Nmap scan report for [host down]
Nmap scan report for [host down]
Nmap scan report for [host down]
Nmap scan report for [host down]

We can also use hostname but name resolving must be available.

$ sudo nmap

LEARN MORE  How To Generate Ssh Key With ssh-keygen In Linux?

Leave a Comment