Nmap 6: Network exploration and security auditing Cookbook

Excluding hosts from your scans

There will be situations where host exclusion is necessary to avoid scanning certain machines. For example, you may lack the authorization, or it may be that the host has already been scanned and you want to save some time. Nmap implements an option to exclude a host or list of hosts to help you in these cases.

This recipe describes how to exclude hosts from your Nmap scans.

How to do it...

Open your terminal and type the following command:

# nmap -sV -O --exclude 192.168.1.102,192.168.1.254 192.168.1.1/24

You should see the scan results of all the available hosts in the private network 192.168.1.1-255, excluding the IPs 192.168.1.254 and 192.168.1.102, as shown in the following example:

# nmap -sV -O --exclude 192.168.1.102,192.168.1.254 192.168.1.1/24 


Nmap scan report for 192.168.1.101 
Host is up (0.019s latency). 
Not shown: 996 closed ports 
PORT STATE SERVICE VERSION 
21/tcp filtered ftp 
53/tcp filtered domain 
554/tcp filtered rtsp 
3306/tcp filtered mysql 
MAC Address: 00:23:76:CD:C5:BE (HTC) 
Too many fingerprints match this host to give specific OS details 
Network Distance: 1 hop 

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . 
Nmap done: 254 IP addresses (1 host up) scanned in 18.19 seconds 

How it works...

The arguments -sV -O --exclude 192.168.1.102,192.168.1.254 192.168.1.1/24 tell Nmap to perform a service detection scan (-sV) with OS fingerprinting (-O) of all the 256 IPs (192.168.1.1/24) in this private network, excluding the machines with the IPs 192.168.1.102 and 192.168.1.254 (--exclude 192.168.1.102,192.168.1.254).

There's more...

The argument --exclude also supports IP ranges, as shown in the following examples:

# nmap -sV -O --exclude 192.168.1.1-100 192.168.1.1/24
# nmap -sV -O --exclude 192.168.1.1,192.168.1.10-20 192.168.1.1/24

Excluding a host list from your scans

Nmap also supports the argument --exclude-file <filename> in order to exclude the targets listed in <filename>:

# nmap -sV -O --exclude-file dontscan.txt 192.168.1.1/24
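
A pre-flight check for the exclusion options above, added here as an example that is not part of the original recipe: a list scan (-sL -n) prints the targets Nmap would scan without probing them, so the output can be compared against the addresses you must not touch. The function names and the file out-of-scope.txt are hypothetical; the sketch assumes IPv4 targets and an out-of-scope file with one address per line.

```shell
#!/bin/sh
# Added example: confirm that --exclude / --exclude-file really removes the
# out-of-scope hosts before the real scan is started.

# Print the target addresses found in `nmap -sL -n` output read from stdin.
listed_targets() {
    sed -n 's/^Nmap scan report for \([0-9.]*\)$/\1/p'
}

# scope_violations FILE: FILE holds the out-of-scope addresses, one per line,
# '#' comments allowed. Reads list-scan output on stdin, prints every forbidden
# address that is still a target, and returns 1 if there is at least one.
scope_violations() {
    forbidden=$(sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' "$1")
    [ -n "$forbidden" ] || return 0
    if listed_targets | grep -Fx -e "$forbidden"; then
        return 1
    fi
    return 0
}

# preflight FILE NMAP_ARGS...: run a list scan with the same exclusion and
# target arguments as the planned scan and check the resulting target list.
preflight() {
    scope_file=$1; shift
    nmap -sL -n "$@" | scope_violations "$scope_file"
}

# Constructed sample: list-scan output for a /30 with 192.168.1.2 excluded.
sample_listing() {
    cat <<'EOF'
Starting Nmap ( http://nmap.org )
Nmap scan report for 192.168.1.0
Nmap scan report for 192.168.1.1
Nmap scan report for 192.168.1.3
Nmap done: 3 IP addresses (0 hosts up) scanned in 0.00 seconds
EOF
}

# Typical use (hypothetical file names), scanning only if nothing leaked:
#   preflight out-of-scope.txt --exclude-file dontscan.txt 192.168.1.1/24 \
#     && nmap -sV -O --exclude-file dontscan.txt 192.168.1.1/24
```

Pass only the exclusion and target arguments to preflight; scan options such as -sV and -O belong to the real scan that follows.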

See also

  • The Hiding our traffic with additional random data recipe
  • The Forcing DNS resolution recipe
  • The Scanning IPv6 addresses recipe
  • The Gathering network information with broadcast scripts recipe
  • The Scanning using specific port ranges recipe in Chapter 1, Nmap Fundamentals
  • The Spoofing the origin IP of a port scan recipe in Chapter 3, Gathering Additional Host Information
  • The Excluding hosts from your scans recipe
  • The Skipping tests to speed up long scans recipe in Chapter 7, Scanning Large Networks
  • The Adjusting timing parameters recipe in Chapter 7, Scanning Large Networks
  • The Selecting the correct timing template recipe in Chapter 7, Scanning Large Networks