NMAP – How to Automate NMAP scans on Windows 7 – The Visual Guide
Here we automate Nmap scans so that only the production servers' IPs are scanned, rather than an entire network.
Step 1 – Use Notepad to create a list of IP’s to scan
Notepad++ was used; enter the IPs to scan, one per line. Avoid hostnames and use IPs, so the inventory does not depend on DNS (a stale or wrong record would silently send the scan to the wrong machine).
Create a directory called nmap: c:\nmap.
Create a file called scan_me.txt (with Notepad or Notepad++): c:\nmap\scan_me.txt.
Step 2 – Use Zenmap the Gui for NMAP
Enter the command, giving -iL the path to scan_me.txt:
nmap -sP -iL c:\nmap\scan_me.txt
Remember that -sP is the Ping Scan, used to generate an inventory of the stations that are alive; no ports are scanned. In current Nmap releases the option is spelled -sn (-sP is kept as an alias, so the command above still works). How a host is probed depends on where it is: on the local Ethernet subnet Nmap uses ARP requests; for remote subnets older releases sent an ICMP echo request plus a TCP ACK to port 80 (to double the chances of success), and current releases add a TCP SYN to port 443 and an ICMP timestamp request. When Nmap is not run with raw-packet privileges (root, or Administrator on Windows) it falls back to plain TCP connects to ports 80 and 443, so the same list can give different results depending on who runs it.
Step 3 – Scan Results
Note that only the IPs listed in the scan_me.txt file were scanned. This is how you automate scanning: maintain the list, and every run reads it.
You can now carry out targeted or focused NMAP scans.
In the results above, we hit a printer. Printers and other embedded devices often react badly to scans (hung spoolers, wasted paper, or a reboot), so we may choose to exclude the IP.
nmap -sP -iL c:\nmap\scan_me.txt --exclude 192.168.1.64
Notice that even though scan_me.txt includes the IP 192.168.1.64, the --exclude option takes precedence and the scan never touches the excluded IP.
To Create an EXCLUDE FILE
Create a no_scan.txt file with the IPs to skip, one per line: c:\nmap\no_scan.txt.
nmap -sP -iL c:\nmap\scan_me.txt --excludefile c:\nmap\no_scan.txt
--exclude = IPs given on the command line (comma-separated; ranges and CIDR blocks are also accepted).
--excludefile = IPs in a text file, which is easier to automate: the fragile devices are kept in one place and every scan honours the list.
The same target list can be fed to any other scan type, for example a UDP port scan:
nmap -sU -iL c:\nmap\scan_me.txt
Be aware that -sU is slow (most hosts rate-limit the ICMP port-unreachable replies Nmap relies on) and needs raw-packet privileges, so run it as Administrator on Windows.
Professor Messer Guide to NMAP
Download NMAP with Windows Installer (Zenmap)
Nmap Commands – Cyberciti
Nmap Network Scanning – the book written by the developer of Nmap