Nmap

Usage

Ping-scan live hosts (fast)

nmap -sP 192.168.178.1/24

Scan hosts with grepable Output

nmap -sP -oG - 192.168.1.0/24

Detect OS

sudo nmap -O 172.18.0.2

Test individual ports

nmap -p 7946 860-high-node-cpptables-procs.ci.openappstack.net

Test UDP port

https://nmap.org/book/scan-methods-udp-scan.html

sudo nmap -sUV -p 5060 sipgate.de

Other tools

Ndiff

• Not included in arch nmap package
• Github

Usage:

nmap -oX /tmp/before.xml 1.2.3.4/24

Then plug in device in question and scan after it recieved an IP via DHCP:

nmap -oX /tmp/after.xml 1.2.3.4/24
ndiff /tmp/before.xml /tmp/after.xml

Nping

• Nping manual

Poor-mans nmap using ping

i.e. on hosts where no nmap is available:

for x in {1..254}; do (ping  -c 1 192.168.8.$x | grep "bytes from" | awk '{print $4}' &) done; sleep 1