This week on HakTip Shannon is using NMap to scan certain targets while excluding others.
Today we’re scanning for random targets and learning about excluding IP addresses in NMap.
We’ve already learned how to scan for a single target, or multiples in several different ways. Today we’ll check out scanning random targets with the -iR parameter. This looks like:
nmap -iR 3 (where nmap starts the program, -iR means scan random, and 3 means I want to scan 3 targets.)
Why would you want to do this? There aren’t a lot of reason why you’d do a random scan, unless using it for nefarious reasons or for research.
Now, say I want to exclude a certain IP address from a large scan of my network. We can use the same syntax we used before for scanning multiple targets, and add a bit of extra command at the end, like this:
nmap 10.73.31.0/24 –exclude 10.73.31.184 (The first part we’ve already discussed, and the second is pretty obvious- it excludes that one IP address).
You can also use this same command to exclude a series of IP addresses, like this:
nmap 10.73.31.0/24 –exclude 10.73.31.180-190
Say you want to exclude a big list of specific IP address that you’ve added to a text file. I’m using the same list I made for my last HakTip, list.txt. If I ‘cat list.txt‘ I see a few IP addresses shown here.
For this example, we will use the syntax:
nmap 10.73.31.0/24 –excludefile list.txt
What would you like to see next about NMAP? Send me a comment below or email us at firstname.lastname@example.org.
And be sure to check out our sister show, Hak5 for more great stuff just like this. I’ll be there, reminding you to trust your technolust.