I would like to partially scan /23 subnets with NMAP. For example, the subnet 192.168.0.0/23 ranges from IP address 192.168.0.1 to 192.168.1.255. I don't want to perform a complete subnet scan, but only a partially scan. For example scanning from IP 192.168.0.30 to 192.168.1.240.
I'm using NMAP version 7.60 on Ubuntu OS.
I can scan the complete subnet with this code
nmap -sn -host-timeout 300 -n 192.168.0.0/23
However, I would like to scan not the complete subnet.
How to scan a specific range, for example from IP 192.168.0.30 to 192.168.1.240? Notice that the 3rd octet is changing since I'm scanning a /23 subnet.
I also tried
nmap -sn -host-timeout 300 -n 192.168.0-1.30-240
but in that version I'm missing some IP addresses.
In NMAP, you can specify multiple IP addresses/ranges separated by a whitespace.
Since your example only includes 192.168.0.* and 192.168.1.* (where * is an arbitrary range), you can simply enumerate them like this:
nmap -sn -host-timeout 300 -n 192.168.0.30-255 192.168.1.0-240