Nmap Development mailing list archives
Re: Port Exclusion option?
From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 18 Apr 2012 11:24:01 -0500
On 02/05/2012 09:06 PM, Fyodor wrote:
Sorry for the late followup, but I got thinking about this and came up with a perl script to reverse a port spec (minus the T: and U: specifiers, but that's out of scope). So combining this with the behavior of --top-ports, which selects the top N ports *from the list of ports given or the default* and scans them, you can replicate the exact behavior of port exclusion. For instance:On Fri, Feb 03, 2012 at 11:53:04AM -0500, Mike Santillana wrote:If I manually put in ports (like for a full port scan), for example -p0- will the ~/.nmap file prevent port, let's say 80 and 443, from being scanned?No, it won't cause that problem. A portlist provided on the command line takes precedence over Nmap's default top-1000-ports-in-nmap-services behavior. Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
nmap $(./notports.pl 80,443,6000-6010) $TARGET Substituting the output of the script, this is the command that is run: nmap -p0-79,81-442,444-5999,6011- --top-ports 987 $TARGETThe 987 comes from 1000 ports (default) minus 13 excluded ports. Script is attached.
Dan
Attachment:
notports.pl
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Port Exclusion option? Daniel Miller (Apr 18)