6 hours 31 minutes
Okay, Now I'm gonna show you a really interesting one. That amount has built in, and that is a map
dash. Hi, Capital R
and then a number. What this does is it tells and map too.
Basically, randomly select 10
I p addresses and they're all outside your network perimeter
and then run a scan against him.
I'm not gonna run it because I don't know those I p addresses, And I don't really want to run it against people that I don't know because I think it's
borderline unethical and possibly illegal, so I'm not gonna do it.
so that's that scan. If you did want to run this from your house, I wouldn't recommend doing it from your work or home.
If you want to do a really quiet scan using random I p addresses out there, you could do Ah and map Dash
And then the number of Raina might be addresses that you want. Let's do you want to run against 50? So what the scan does is it's a sin scan, which is really the default
and map runs a TCP syn scan.
The dash P is for the port that you want to scan. So it's only scanning a single port instead of 1000 or 100.
And the dash t two is the timing, and that timing is
And like we said before the dash, I capital R is
a random selection of I P addresses and the 50 is the number of I P addresses you want to scan.
So again, if you want to run that from her house,
I don't think it's gonna do any harm at all.
And But I just suggest that you don't do it from work or school because it might get picked up by your
cos I d s or
if they have a seam or advanced threat management system. And
you just don't want any of those guys talking to you unless that's you. In which case, if it's part of your job description, go ahead.
All right, so now I'm gonna do it in map Dash Ascend.
So that's a scan that we've run before. And this time I'm gonna add
an exclusion, so we'll do. Ah,
exclusion of 1.1.
Actually, I'm gonna modify it just a little bit to make it run faster.
0.0 through. Let's do 40.
Well, exclude I p address one. That one.
All right. So there's only three hosts up out of those 40 that we scanned
here. They are right here.
And it got done in 1.6767 seconds.
And if you notice we did an exclusion on 1.1,
which should be about right here and it's not there. So that's how you do an exclusion and Mt.
Okay, so now what? I want to d'oh
clear the screen
I want Let's say you wanted to do the same thing, but you wanted to exclude multiple
hosts that were in that range.
So this is the way you do it. You do and map.
I'll do it.
Think sweep again.
How good do
we'll do? Uh,
Dash, Dash exclude
and we'll exclude 1 92.1 68 That one. That one.
I know the host name of the server on this network. That will do
well, C B S R. V one,
and we'll do a 1 92.1 68 that one dot to 54
So my main point is, it's the same commanders last time.
if you're gonna put multiple exclusions,
Unlike your target specifications from earlier with the exclusions, you actually have two separated by commas. I don't know why they did that, but that's the way it is.
So when you run it,
I'm not gonna go through this whole list here, but
you'll notice at the end.
The last I p address that is alive or up is 182.1 68. That one, that 1 67 And so we excluded one dot to 54
which would show up right around right around here if it was up
or if you know, if it wasn't excluded, is what I mean.
And so it's not their swords are exclusion list worked.
clear the screen again.
All right. We're in the target's folder here. The one that we created earlier. You can call it whatever you want, Really? But I just do targets just to make it easy.
So what we're gonna do now is I'm gonna show you how to do an exclusion list without having a type each one at the command line. You can actually create a file. Kind of like we did with the target specifications. Target list earlier.
So we'll d'oh! No bad.
Of course this assumes your own Windows 10. Um,
if you're in Lennox or
Ah, UNIX platform or Mac OS, you can do the eye or whatever makes you happy,
so I'll d'oh!
Exclude! List dot T X t
yes, I want to create it.
And so I'll do some exclusions Here. I'll do
Studio shoot at 1 68
magnitude at 1 68 that one dot
10 through 50
182.1 68 1 dot to 54
And just so you know, this is my layer three switch on this network.
servers and other devices, and then everything in between 50 and 2 54
devices on this network to 54 is my firewall.
So there's some inside information there.
Don't use it against me.
Right? So do Ah,
Okay, so now that we've created our exclude lis file,
we'll run a scan against the entire sub net using that exclusion file. So do it. And Mountain
Dash s n.
That will do
in the name of the file that we want to specify where the exclusions are.
I'll scan up and show you.
Okay, so you can see here that
it skipped 1.1 and then it skipped
everything beyond 1.10.
And then it started grabbing everything from one dot
101 and on.
And then it skipped 1.2 54 which we know is alive. So
there you have it. That's pretty much all
of the target specifications. And then mount there are some other options and other things you can play with. But for the most part, that's everything that you're gonna use in your daily life.
All right, Thanks for going through this lab with me. And I'll see you on the next lesson
in this lesson. In the previous one, we did a review of target specifications covered in previous lessons. Then I showed you a bunch of additional options. And finally we did a lab that covered all of them.
Thanks again for walking through this lesson with me and I'll talk to you again on the next one
The network mapper (NMAP) is one of the highest quality and powerful free network utilities in the cybersecurity professional's arsenal.