Eggstoi Posted January 15, 2021 Share Posted January 15, 2021 Hey there, I am looking for all IPs with one special open port, for example 8001. So i use nmap like that to get them: nmap -Pn -p 8001 -iL ip-ranges.txt -T3 --open But this scan is doing so many things, which I maybe don't need: Parallel DNS resolution of 4096 hosts. Timing: About 26.49% done; ETC: 07:51 Can somebody give me maybe some command parameters which make this scan faster? Quote Link to comment Share on other sites More sharing options...
Jerry33 Posted January 16, 2021 Share Posted January 16, 2021 nmap -F -p 8001 -iL ip-add.txt -T4 -sV Try this out Quote Link to comment Share on other sites More sharing options...
chrizree Posted January 16, 2021 Share Posted January 16, 2021 This won't give you all possible hosts, just the ones answering to ping, -Pn is needed imo, otherwise you miss some hosts that are out there, but do not tell they are because they are configured in that way. -sV... won't that just add to the time needed to scan? is it important to determine service/version info of the port? I would rather do that in a "second stage" if important and most likely on specific hosts -F is that really relevant when the port is specified? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.