Test if an IP is being used in an internal network without using nmap

linux networking security bash nmap

10,480

Solution 1

You can use ping:

ping 192.168.1.9

Most of the machines will reply, but some wont. If it's in the same local network, you can check the arp (after a no-reply):

arp -n |  grep 192.168.1.9

(-n shows numeric IP addresses - does not try to resolve hostnames)

Solution 2

I assume there is some reason why ping 192.168.1.9 is unacceptable? If you're looking for a device that might be firewalled, but is on the local broadcst network, ping 192.168.1.9 followed by arp -a -n|grep 192.168.1.9 can be a more reliable way of finding an otherwise-silent host.

10,480

Ryan

Updated on September 18, 2022

Comments

Ryan over 1 year
I can perform port scan using nmap to test if a given IP is being used, e.g.
```
nmap -PR 192.168.1.9
```
However, nmap is not installed in most server, is it possible to have the same result (e.g. check if the particular IP is being used) without installing nmap?
Freiheit over 11 years

Possibly a stupid question, but would arp be installed when nmap isn't?
amyassin over 11 years

I think arp is by default found on almost all devices that are able to communicate in a switched network. i.e. you'll find it already installed on most devices AFAIK..
joeqwerty over 11 years

@amyassin, technically your comment isn't correct. ARP is a component of the TCP/IP protocol suite. It's not a function of the type of network the host is connected to. Any host that uses the TCP/IP suite will use ARP and presumably has a tool for testing ARP. I could run my hosts on IPX/SPX in my switched network, they would all communicate just fine, and ARP would never be seen as it's not a component of IPX/SPX.
amyassin over 11 years

@joeqwerty You are right, by switched network I meant TCP/IP and that was wrong. Sometimes I forget that there are other than TCP/IP :)
joeqwerty over 11 years

No worries. I just wanted to add some clarification.