How To Exclude Hosts From Nmap Scan?
Hi. Nmap is very usefull tool for network administration and security. It is most used tool in these areas. But a lot of people use it with very basic means. Here we will look more sophisticated usage of nmap step by step in this ant further posts.
Create a text file and add hosts/networks to it and then use this file with nmap. You can use network blocks like 192.168.122.0/24 or ranges 192.168.122.10-20.
1234567891011121314151617181920 $ cat ismailbaydan.txt192.168.122.0/24192.168.43.0/248.8.8.81126.96.36.199-20$ sudo nmap -iL ismailbaydan.txtStarting Nmap 6.45 ( http://nmap.org ) at 2014-08-01 10:19 EESTNmap scan report for openstack (192.168.122.146)Host is up (0.000074s latency).Not shown: 996 closed portsPORT STATE SERVICE22/tcp open ssh25/tcp open smtp49/tcp open tacacs80/tcp open httpMAC Address: 52:54:00:0D:B8:D7 (QEMU Virtual NIC)...
Exclude some hosts with the same syntax used above.You can read them from file or specify by option. -v option is used for verbose output
123456789101112 $ cat ismailbaydan-exclude.txt192.168.122.0-128$ sudo nmap -iL ismailbaydan.txt --excludefile ismailbaydan-exclude.txt -v --exclude 192.168.122.254Starting Nmap 6.45 ( http://nmap.org ) at 2014-08-01 10:23 EESTInitiating ARP Ping Scan at 10:23Scanning 127 hosts [1 port/host]Completed ARP Ping Scan at 10:23, 1.42s elapsed (127 total hosts)Nmap scan report for 192.168.122.129 [host down]Nmap scan report for 192.168.122.130 [host down]Nmap scan report for 192.168.122.131 [host down]Nmap scan report for 192.168.122.132 [host down]
You can also use hostname but name resolving must be available.
$ sudo nmap ismailbaydan.com