Nmap Development mailing list archives

New nmap patch: --ignore option


From: William McVey <wam () cisco com>
Date: Tue, 21 Aug 2001 10:35:48 -0400

I've released a new patch for nmap that adds the --ignore option, which
allows you to specify a file containing a list of targets
to skip.  This is particularly useful in the following situations:

        1) Enterprise security or sysadmin personnel can specify a list
           of hosts with buggy IP stacks that have problems with port
           scans (printers/mainframes/Windows for Workgroups/etc) without
           having to break up larger networks into clumsy pieces.

        2) Security consultants often use nmap to scan customers'
           networks from the point of view of a "rogue employee".
           This patch allows you to quickly and easily specify that your IP
           address isn't to be scanned by nmap. It allows you to handle
           customer requests to not scan "sensitive" hosts.

        3) Users of nmap's random target feature can specify blocks
           of networks which should never get scanned.  This is a
           generic extension of the exclusions nmap has hardcoded into
           the source code.  This allows you to tell nmap not to randomly
           scan your ISP, the Feds, etc.  :-)

An added benefit of this patch is that a long running scan (full port scan of 
a class B?) can be stopped in mid run, the ignore file updated, and when the
scan is resumed the new entry will be used.

The patch is available at:
        http://www.networkexploits.com/projects/nmap/index.html

  -- William
