How to find all the IP addresses on a network?
To find all the IP addresses on a network from a Linux host, we recommend using nmap, the Network Mapper. Its primary function is to discover hosts and then analyse their responses. For any vulnerability analysis, nmap should be one of the first tools you use. nmap is also available for macOS and Windows.
nmap features include:
- Operating System detection – nmap is able to detect the operating system on a host and the hardware characteristics of the network devices. It can also report further details such as reverse DNS (Domain Name System) names and MAC addresses.
- Port Scanning – nmap can be used to see which ports are open on the targeted host.
- Host discovery – For system administrators, this is the most vital tool available as it identifies hosts on your network, listing all the hosts that respond to TCP and/or ICMP requests. It is also useful to check if a host has a particular port open.
As organisations grow, nmap is a great tool to use in network inventory checks, network mapping, network server maintenance and asset management. It can also be used to find and exploit vulnerabilities in a network.
How to install nmap
sudo apt-get install nmap
How to scan a single IP using nmap
How to scan UDP ports
nmap -sU -p 123,161,162 192.168.1.1
How to ping the network and list every machine that responds to ping
nmap -sP 10.0.0.0/24
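The ping sweep above can feed the network inventory checks mentioned earlier. The script below is an added example, not part of the original article: it parses nmap's grepable output (the -oG option) and compares the hosts that responded against a list of approved assets. The sample scan output, the inventory list, the file names and the function names are all constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of nmap grepable output, e.g. from: nmap -sP -oG - 10.0.0.0/24
# (real output puts a tab before "Status:"; the parser accepts any whitespace).
sample_scan() {
cat <<'EOF'
# Nmap scan initiated as: nmap -sP -oG - 10.0.0.0/24
Host: 10.0.0.1 (gateway.example.lan) Status: Up
Host: 10.0.0.12 () Status: Up
Host: 10.0.0.57 (printer.example.lan) Status: Up
Host: 10.0.0.200 () Status: Up
# Nmap done -- 256 IP addresses (4 hosts up) scanned in 2.41 seconds
EOF
}

# Constructed list of approved assets, one IP per line, '#' for comments.
known_inventory() {
cat <<'EOF'
# approved assets
10.0.0.1
10.0.0.12
10.0.0.57
10.0.0.99
EOF
}

# Read grepable output on stdin, print each responding IP once, sorted.
live_hosts() {
    awk '/^Host: / && /Status: Up/ { print $2 }' | LC_ALL=C sort -u
}

# $1 = grepable scan file, $2 = inventory file.
# UNKNOWN = answered the sweep but is not in the inventory.
# MISSING = in the inventory but did not answer.
inventory_diff() {
    tmp=$(mktemp -d) || return 1
    live_hosts < "$1" > "$tmp/live"
    grep -v -e '^#' -e '^$' "$2" | LC_ALL=C sort -u > "$tmp/known"
    LC_ALL=C comm -23 "$tmp/live" "$tmp/known" | sed 's/^/UNKNOWN /'
    LC_ALL=C comm -13 "$tmp/live" "$tmp/known" | sed 's/^/MISSING /'
    rm -rf "$tmp"
}

# Demo on the constructed data above.
work=$(mktemp -d)
sample_scan > "$work/scan.gnmap"
known_inventory > "$work/known.txt"
inventory_diff "$work/scan.gnmap" "$work/known.txt"
rm -rf "$work"
```

A MISSING host may simply be powered off or not answering ping, so treat it as a prompt to check rather than proof the asset is gone.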
How to perform a full TCP port scan (includes service version detection with -sV and uses the T4 timing template)
nmap -p 1-65535 -sV -sS -T4 target
What if you want to use nmap to scan from a file?
nmap -iL ip-addresses.txt
Avoid firewall detection using nmap decoys
How to scan for DDoS reflection UDP services
nmap -sU -A -PN -n -pU:19,53,123,161 --script=ntp-monlist,dns-recursion,snmp-sysdescr 192.168.1.0/24