Best method and tools for local IP scanning [closed]

I’m starting to administer a small but confusing and badly documented local heterogeneous network (mostly Windows workstations, printers, laboratory equipment, etc. and one Linux/Samba server) (192.168.1.0/24) stretching over a few hundred m² of office and factory area on two floors. In principle I have access to all the passwords and rooms. In practice some of the offices are locked, the owners are out, and there might be some hidden devices which somebody I cannot reach has connected to the LAN, or which were plugged in and then forgotten altogether.

When configuring printers (we have quite a lot of them) I sometimes get a collision warning. Most devices get their IPs via DHCP, but not all of them. Some of the devices use firewalls which block ports and/or do not answer pings for other reasons.

I want to scan the network for used IPs: manually for now, later perhaps a few times automatically, to also catch fixed-IP devices which were switched off during the first scan.

What is the best method to perform such a scan, and what tool should I use? As the budget is limited and this task probably does not need to be done on a regular basis, I would prefer a free open source solution.


Solution 1:

nmap - the tool of the devil.

To utilize nmap for ping sweeps use:

    nmap -sP 192.168.1.1-255

  • note that nmap now provides a graphical frontend called zenmap
  • nmap guide book

Angry IP Scanner - graphical tool of the devil

  • Very self-explanatory

Solution 2:

  • Take a look at nast.

    nast -m

    probes all hosts on your network using ARP protocol, so it is quite accurate and FW-aware.

    It is free, OSS and very powerful.

    Using ARP requests you can probe every kind of network device (not ones explicitly configured to be stealthy to this, of course, but then we are talking about a voluntarily hidden system). ARP works under the IP level, so it is quite accurate. Of course it works on a physical network segment; it can't traverse routers (if no ARP proxy is configured, of course).

  • To monitor devices on your network you can instead take a look at ARPwatch. Running it as a daemon makes it possible to continuously monitor your LAN and catch IP changes, flip-flops, new devices attached and so on.
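
An added example, not part of the question or either answer: a small Python script that merges the results of repeated ARP-based scans and flags the situations the question and Solution 2 mention (an IP claimed by two MAC addresses, and hosts that only appear in a later scan). It assumes each scan was saved as a snapshot in the Linux `/proc/net/arp` layout; the two snapshots, their addresses and all function names are constructed for illustration.

```python
"""Merge ARP-table snapshots from repeated scans and flag address conflicts."""
from collections import defaultdict

# Constructed sample data in the Linux /proc/net/arp layout (not from the page).
SCAN_1 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.10     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.1.20     0x1         0x2         00:11:22:33:44:66     *        eth0
192.168.1.30     0x1         0x0         00:00:00:00:00:00     *        eth0
"""
SCAN_2 = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.10     0x1         0x2         00:11:22:33:44:55     *        eth0
192.168.1.20     0x1         0x2         00:11:22:33:44:77     *        eth0
192.168.1.40     0x1         0x2         00:11:22:33:44:88     *        eth0
"""

def parse_arp_table(text):
    """Return {ip: mac} for resolved entries; incomplete ones are skipped."""
    entries = {}
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3].lower()
        # Flag bit 0x2 (ATF_COM) marks a completed entry, i.e. a host that answered.
        if flags & 0x2 and mac != "00:00:00:00:00:00":
            entries[ip] = mac
    return entries

def merge_scans(snapshots):
    """Accumulate every MAC seen per IP across all snapshots."""
    seen = defaultdict(set)
    for snap in snapshots:
        for ip, mac in parse_arp_table(snap).items():
            seen[ip].add(mac)
    return dict(seen)

def conflicts(seen):
    """IPs claimed by more than one MAC: duplicate static address or a swap."""
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}

def new_hosts(previous, current):
    """IPs answering in the current snapshot but absent from the previous one."""
    return sorted(set(parse_arp_table(current)) - set(parse_arp_table(previous)))

if __name__ == "__main__":
    inventory = merge_scans([SCAN_1, SCAN_2])
    print("in use:", sorted(inventory))
    print("conflicts:", conflicts(inventory))
    print("new since scan 1:", new_hosts(SCAN_1, SCAN_2))
```

An IP listed under conflicts is a candidate for the printer collision warnings: either two devices share a static address, or a device was replaced between scans.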