Scan a subnet with Nmap

Simple Nmap combination useful if you need to scan an entire subnet for active hosts and the IP addresses used by the same. I am not an expert on Nmap if you have a better method let me know.

1. From a command line window issue the command below.

nmap -v -sn 192.168.1.0/24
  • -v
  • Vervose

  • -sn
  • Ping scan – disable port scan

2. Nmap outputs its findings along with the IP address and MAC address of the clients on the subnet.

# nmap -v -sn 192.168.1.0/24

Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-05 00:10 Mountain Standard Time
Initiating ARP Ping Scan at 00:10
Scanning 11 hosts [1 port/host]
Completed ARP Ping Scan at 00:10, 0.53s elapsed (11 total hosts)
Initiating Parallel DNS resolution of 11 hosts. at 00:10
Completed Parallel DNS resolution of 11 hosts. at 00:10, 16.50s elapsed
Nmap scan report for 192.168.1.0 [host down]
Nmap scan report for 192.168.1.1
Host is up (0.0010s latency).
MAC Address: 00:90:7F:26:3E:13 (WatchGuard Technologies)
Nmap scan report for 192.168.1.2 [host down]
Nmap scan report for 192.168.1.10 [host down]
Initiating Parallel DNS resolution of 1 host. at 00:10
Completed Parallel DNS resolution of 1 host. at 00:11, 16.50s elapsed
Nmap scan report for 192.168.1.11
Host is up.
Initiating ARP Ping Scan at 00:11
Scanning 244 hosts [1 port/host]
Completed ARP Ping Scan at 00:11, 1.96s elapsed (244 total hosts)
Initiating Parallel DNS resolution of 244 hosts. at 00:11
Completed Parallel DNS resolution of 244 hosts. at 00:11, 16.50s elapsed
Nmap scan report for 192.168.1.12 [host down]
Nmap scan report for 192.168.1.17 [host down]
Nmap scan report for 192.168.1.18
Host is up (0.0019s latency).
MAC Address: 00:0C:29:97:30:0A (VMware)
Nmap scan report for 192.168.1.19 [host down]
Nmap scan report for 192.168.1.255 [host down]
Read data files from: C:Program Files (x86)Nmap
Nmap done: 256 IP addresses (3 hosts up) scanned in 52.16 seconds
           Raw packets sent: 509 (14.252KB) | Rcvd: 3 (84B)

One Response to “Scan a subnet with Nmap”

  1. [...] you didn't specify which, I will assume mysql so… Subnet scanning with nmap? [...]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>