How to Scan for IP Addresses on Your Network with Linux

How many times have you tried to set a static IP address for a computer on your network, only to find that you didn’t know which addresses were already taken? If you happen to be using a desktop computer, you can always install a network protocol analyzer to find out which addresses are in use. But what if you are using a GUI-less server? You certainly wouldn’t rely on graph-based tools to scan IP addresses. Fortunately, there are some very easy-to-use command line tools that can handle this task.

I’m going to show you how to use two different tools (one of which is installed by default on your server) to scan for IP addresses on your local area network (LAN). I will demonstrate on Ubuntu Server.

look: Key commands Linux administrators need to know (Technology Republic Advanced Edition)

arp command

The first tool we will use for this task is the built-in ARP Order. Most IT administrators are familiar with ARPas it is used on almost every platform. If you have never used ARP (abbreviation for Address Resolution Protocol), this command is used to operate (or display) the core IPv4 Network Neighborhood cache. If you issue ARP Without mode specifiers or options, it prints the current contents of the ARP table. That’s not what we do. Instead, we will issue the following command:

arp -a

The -a option uses alternate BSD style output and prints all known IP addresses found on the LAN. The output of this command displays the IP address and associated Ethernet device.

You now have a list of every IP address used on your LAN. The only thing to note is that (unless you know the MAC address of every device on the network), you won’t know which computer the IP address is assigned to. Even if you don’t know which machine is associated with which address, you at least know which addresses are being used.

Notice. this ARP The command only works on IPv4. If you have IPv6 you need to use the following command national development plan (stands for Neighbor Discovery Protocol):

ndp -a

It’s easy to tell whether you are using an IPv4 or IPv6 address. The former uses periods and the latter uses colons. IBM provides a explainer If you want more details, see this topic.

look: How to add SSH fingerprints to your known_hosts file in Linux (Technology Republic)

map

Next, we use commands that provide more options. Said command is map (stands for Network Mapper). you won’t find out map The preset is installed on your Linux machine, so we have to add it to the system. Open a terminal window (or log into a GUI-less server) and issue the command:

sudo apt-get install nmap -y

Once installed, you can scan your LAN using the following command map. To find out which address is in use, issue the command:

nmap -sP 192.168.1.0/24

notes: You need to change the IP addressing plan to match your IP addressing plan.

The output of this command will display every address found on the LAN.

let us do map More useful. Because it provides more flexibility, we can also discover the operating system associated with an IP address. For this we will use the options -sT (TCP connection scan) and -O (operating system discovery). The command to do this is:

sudo nmap -sT -O 192.168.1.0/24

Depending on the size of your network, this command may take some time. If you have a large network, consider piping the output of the command to the following file:

sudo nmap -sT -O 192.168.1.0/24 > nmap_output

You can then view the file using a text editor to find out which operating system the IP address is attached to.

With these two simple commands, you can find the IP addresses in use on your network. Now, when you assign a static IP address, you cannot accidentally assign an IP address that is already in use. We all know the headache this can cause.