AD: Basic Enumeration


Host Discovery

fping

fping -agq 10.211.11.0/24 > hosts.txt

-a Show only targets that are alive (respond to ping).

-g Generate the target list from the given CIDR range instead of reading hosts from the command line.

-q Quiet mode: suppress per-target results and only print the final list.

nmap

nmap -p 88,135,139,389,445 -sV -sC -iL hosts.txt

-sV This enables version detection. Nmap will try to determine the version of the services running on the open ports.

-sC Runs Nmap Scripting Engine (NSE) scripts in the default category.

-iL This tells Nmap to read the list of target hosts from the file hosts.txt. Each line in this file should contain a single IP address or hostname.

nmap -sS -p- -T3 -iL hosts.txt -oN full_port_scan.txt

-sS TCP SYN scan, which is stealthier than a full connect scan

-p- Scans all 65,535 TCP ports.

-T3 Sets the timing template to "normal" to balance speed and stealth.

-iL hosts.txt Reads the list of live hosts from hosts.txt, the same list the previous nmap command used.

-oN full_port_scan.txt Outputs the results to a file.
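To triage the -oN results from the scans above, here is an added helper (not part of the original page) that prints, per host, which of the AD ports 88,135,139,389,445 are open and tags hosts exposing both Kerberos (88) and LDAP (389), the combination that usually indicates a domain controller. The sample scan output embedded in it is constructed, not real scan data.

```shell
#!/bin/sh
# Constructed sample of nmap -oN output, shaped like full_port_scan.txt
# from the scan above (addresses, names and results are made up).
SAMPLE_SCAN='# Nmap scan initiated as: nmap -sS -p- -iL hosts.txt -oN full_port_scan.txt
Nmap scan report for dc01.example.local (10.211.11.5)
Host is up (0.0010s latency).

PORT    STATE SERVICE
88/tcp  open  kerberos-sec
135/tcp open  msrpc
139/tcp open  netbios-ssn
389/tcp open  ldap
445/tcp open  microsoft-ds

Nmap scan report for 10.211.11.20
Host is up (0.0020s latency).

PORT     STATE SERVICE
135/tcp  open  msrpc
445/tcp  open  microsoft-ds
3389/tcp open  ms-wbt-server
'

# Reads nmap normal (-oN) output on stdin and prints one line per host that
# has at least one AD port open: "<ip> <open AD ports>[ DC?]".
ad_port_summary() {
  awk '
    function flush() {
      if (host != "" && ports != "") {
        tag = (open[88] && open[389]) ? " DC?" : ""   # Kerberos + LDAP => likely DC
        print host, ports tag
      }
      host = ""; ports = ""; for (k in open) delete open[k]
    }
    /^Nmap scan report for/ {
      flush()
      host = $NF; gsub(/[()]/, "", host)   # last field is the IP, possibly in parens
    }
    /^[0-9]+\/tcp +open/ {
      split($1, p, "/")
      if (p[1] == 88 || p[1] == 135 || p[1] == 139 || p[1] == 389 || p[1] == 445) {
        open[p[1]] = 1
        ports = (ports == "") ? p[1] : ports "," p[1]
      }
    }
    END { flush() }
  '
}

# Against real results: ad_port_summary < full_port_scan.txt
printf '%s' "$SAMPLE_SCAN" | ad_port_summary
```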

Network Enumeration With SM