Test if an IP is being used in an internal network without using nmap
10,480
Solution 1
You can use ping:
ping 192.168.1.9
Most of the machines will reply, but some wont. If it's in the same local network, you can check the arp (after a no-reply):
arp -n | grep 192.168.1.9
(-n shows numeric IP addresses - does not try to resolve hostnames)
Solution 2
I assume there is some reason why ping 192.168.1.9
is unacceptable? If you're looking for a device that might be firewalled, but is on the local broadcst network, ping 192.168.1.9
followed by arp -a -n|grep 192.168.1.9
can be a more reliable way of finding an otherwise-silent host.
Related videos on Youtube
Author by
Ryan
Updated on September 18, 2022Comments
-
Ryan over 1 year
I can perform port scan using
nmap
to test if a given IP is being used, e.g.nmap -PR 192.168.1.9
However, nmap is not installed in most server, is it possible to have the same result (e.g. check if the particular IP is being used) without installing
nmap
? -
Freiheit over 11 yearsPossibly a stupid question, but would
arp
be installed whennmap
isn't? -
amyassin over 11 yearsI think arp is by default found on almost all devices that are able to communicate in a switched network. i.e. you'll find it already installed on most devices AFAIK..
-
joeqwerty over 11 years@amyassin, technically your comment isn't correct. ARP is a component of the TCP/IP protocol suite. It's not a function of the type of network the host is connected to. Any host that uses the TCP/IP suite will use ARP and presumably has a tool for testing ARP. I could run my hosts on IPX/SPX in my switched network, they would all communicate just fine, and ARP would never be seen as it's not a component of IPX/SPX.
-
amyassin over 11 years@joeqwerty You are right, by switched network I meant TCP/IP and that was wrong. Sometimes I forget that there are other than TCP/IP :)
-
joeqwerty over 11 yearsNo worries. I just wanted to add some clarification.