jolenzy's blog

Here is something usefull about Nmap...

Using the -iL command is easy way to specify host addresses in a file. For ports, the fast scan option, with a -F, provides a similar function.
Since port numbers will need to be scanned often and usually don’t change, the fast scan looks to the nmap-services file to get its list of ports to scan.
But, you need to know that the default nmap-services file contains over 2000 UDP and TCP port numbers! Yes, a lot! But, if you change this file, you can create a customized scan that will only identify the ports you specify.

Very good idea is to keep many different files handy for different situations. For example, you may want to keep a customized file that has a list of the port numbers that you’d never want to see open on your network.
Or list of some famous trojan/spyware/malware ports, or whatever else...

When you decide which of your files you will use, simply rename your file to nmap-services, use the fast scan option, and you’ll instantly have a customized Nmap scan that can hunt down the ones you want.
When you’re done with scaning, you can restore the original Nmap-services file and you’re back to normal.
So simple, and so usefull!

The nmap-services support file is found in the default nmap directory.

I've created my own nmap-services file in my home directory, and to start your hunting scan, do:

[jolenzy@bt3 ~]# nmap -F 192.168.0.1/24 --datadir .

Nmap fast scan use the --datadir option that points to our current directory in example above. This means that Nmap will look in the local directory for all of it's support files, including our customized nmap-services file.

This certainly makes the scan go much faster because we've cut down the total number of ports scanned per device. The --datadir parameter and a customized nmap-services support file makes all the difference!