Have you ever wanted to know what devices were on your network, but didn’t want to launch an overly complicated piece of software? When you need that information, and you need it quickly, why not turn to the command line? With the help of Nmap, you can quickly see what hosts are available and what IP addresses are attached to said hosts. With this tool, you can get that information in a few quick seconds.
Let’s find out how this is done. I’ll demonstrate on Ubuntu Desktop 18.10, but Nmap can be used on any Linux distribution (with or without a GUI) or on either Windows or macOS. No matter the platform used, the command will be the same.
SEE: Hiring kit: Network administrator (Tech Pro Research)
The first thing to do is install Nmap. On a Debian-based Linux distribution, this is done with the following steps:
- Open a terminal window.
- Issue the command sudo apt-get install nmap -y.
- Allow the installation to complete.
If you use a Red Hat-based Linux distribution, the installation command is:
sudo yum install nmap -y
You’re ready to map.
The command to discover hosts on your network is easy. Go back to your open terminal and type:
nmap -sn 192.168.1.0/24
Make sure to modify the IP address/netmask to match your network topography.
This command runs a simple ping sweep, which doesn’t include a port scan after host discovery (as that takes considerably more time). The scan will report hostnames and IP addresses of all hosts on the network (that respond to ICMP echo requests) and will detect both wired and wireless hosts (so long as they are on the network scanned).
You can also narrow your IP address range. For example, if you’re only looking for what’s available on 192.168.1.100 through 192.168.1.200, you can issue the same scan like so:
nmap -sn 192.168.1.100-200
You can also define your hosts in a file. This makes it easy to create a list of hosts (or multiple lists of hosts), which can be quickly checked. To do this, create a new file and enter specific hosts (or ranges of hosts), separated by spaces, tabs, or newlines. Save that file (name it whatever you like) and have Nmap refer to it with the command:
nmap -iL FILENAME -sn
where FILENAME is the name of the host list file.
If you want to view the output of the Nmap command at a later time (or send it to someone), you run the command like so:
nmap -sn 192.168.1.0/24 > nmap_results
The output of the command can then be viewed with the command less Nmap_results (Figure A).
To find out more about using Nmap, start with the manual page by issuing the command man Nmap. You’ll find plenty of options available for the command. For locating what hosts are up on your network (and their associated IP address), you cannot beat this quick command.