Nmap – Taking a random sample from a range of IP ranges - Is combining -iR and -iL possible?
-
26-12-2019 - |
Question
I’ve got a long list of IP address ranges. Is there a way to use nmap’s –iR or similar to take a random sample from a range of addresses. For example, something like:
nmap -iL ip_ranges -iR 100000
Performing this scan ignores the “–iL ip_ranges” parameter, and just attempts to scan purely random hosts.
My input list looks like this:
x.x.220.0/23
x.x.222.0/23
x.x.224.0/20
x.x.0.0/16
x.x.0.0/19
…
…
La solution
Nmap doesn't currently have this option. Here are 3 things you can do instead:
Use a command pipeline to do the selection for you:
nmap -n -sL -iL ip_ranges -oG - | awk '/^Host/{print $2}' | shuf -n 100000
Use Nmap's
--exclude-file
option to import a list of off-limits IP ranges, then use-iR
to choose how many of the remaining addresses to generate. This probably requires too much work to invert your chosen IP ranges into "exclude" ranges, but it's an option.Write to dev@nmap.org and ask for this as a new feature.