Nmap Development mailing list archives
New nmap patch: --ignore option
From: William McVey <wam () cisco com>
Date: Tue, 21 Aug 2001 10:35:48 -0400
I've released a new patch for nmap that adds the --ignore option, which allows you to specify a file containing a list of targets to skip. This is particularly useful in the following situations: 1) Enterprise security or sysadmin personnel can specify a list of hosts with buggy IP stacks that have problems with port scans (printers/mainframes/Windows for Workgroups/etc) without having to break up larger networks into clumsy pieces. 2) Security consultants often use nmap to scan customer's networks from the point of view of a "rogue employee". This patch allows you quickly and easily specify your IP address isn't to be scanned by nmap. It allows you to handle customer requests to not scan "sensitive" hosts. 3) Users of nmap's random target feature can specify blocks of networks which should never get scanned. This is a generic extension of the exclusions nmap has hardcoded into the source code. This allows you to tell nmap not to randomly scan your ISP, the Feds, etc. :-) An added benefit of this patch is that a long running scan (full port scan of a class B?) can be stopped in mid run, the ignore file updated, and when the scan is resumed the new entry will be used. The patch is available at: http://www.networkexploits.com/projects/nmap/index.html -- William --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- New nmap patch: --ignore option William McVey (Aug 21)
- Re: New nmap patch: --ignore option Joy Rider (Aug 28)