Details

This week on HakTip Shannon is using NMap to scan certain targets while excluding others.

Download HD  |   Download MP4

 

Today we’re scanning for random targets and learning about excluding IP addresses in NMap.

We’ve already learned how to scan for a single target, or multiples in several different ways. Today we’ll check out scanning random targets with the -iR parameter. This looks like:
nmap -iR 3
(where nmap starts the program, -iR means scan random, and 3 means I want to scan 3 targets.)

Why would you want to do this? There aren’t a lot of reason why you’d do a random scan, unless using it for nefarious reasons or for research.

Now, say I want to exclude a certain IP address from a large scan of my network. We can use the same syntax we used before for scanning multiple targets, and add a bit of extra command at the end, like this:

nmap 10.73.31.0/24 –exclude 10.73.31.184 (The first part we’ve already discussed, and the second is pretty obvious- it excludes that one IP address).

You can also use this same command to exclude a series of IP addresses, like this:

nmap 10.73.31.0/24 –exclude 10.73.31.180-190

Say you want to exclude a big list of specific IP address that you’ve added to a text file. I’m using the same list I made for my last HakTip, list.txt. If I ‘cat list.txt‘ I see a few IP addresses shown here.

For this example, we will use the syntax:

nmap 10.73.31.0/24 –excludefile list.txt

What would you like to see next about NMAP? Send me a comment below or email us at tips@hak5.org.

And be sure to check out our sister show, Hak5 for more great stuff just like this. I’ll be there, reminding you to trust your technolust.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

1 Comment