-iL inputfilename (Input from list) .
Reads target specifications from inputfilename. Passing a huge list of hosts is often awkward on the
command line, yet it is a common desire. For example, your DHCP server might export a list of 10,000
current leases that you wish to scan. Or maybe you want to scan all IP addresses except for those to
locate hosts using unauthorized static IP addresses. Simply generate the list of hosts to scan and
pass that filename to Nmap as an argument to the -iL option. Entries can be in any of the formats
accepted by Nmap on the command line (IP address, hostname, CIDR, IPv6, or octet ranges). Each entry
must be separated by one or more spaces, tabs, or newlines. You can specify a hyphen (-) as the
filename if you want Nmap to read hosts from standard input rather than an actual file.
The input file may contain comments that start with # and extend to the end of the line.
|
-sL (List Scan) .
The list scan is a degenerate form of host discovery that simply lists each host of the network(s)
specified, without sending any packets to the target hosts. By default, Nmap still does reverse-DNS
resolution on the hosts to learn their names. It is often surprising how much useful information
simple hostnames give out. For example, fw.chi is the name of one company´s Chicago firewall. Nmap
also reports the total number of IP addresses at the end. The list scan is a good sanity check to
ensure that you have proper IP addresses for your targets. If the hosts sport domain names you do not
recognize, it is worth investigating further to prevent scanning the wrong company´s network.
Since the idea is to simply print a list of target hosts, options for higher level functionality such
as port scanning, OS detection, or ping scanning cannot be combined with this. If you wish to disable
ping scanning while still performing such higher level functionality, read up on the -PN (skip ping)
option.
|