Who's up with nmap
August 3, 2008 at 11:24 PM by Dr. Drang
Here’s a really short shell script I wrote a few years ago to do some elementary network troubleshooting. I wanted to know which computers on my local network were connected and running.
The tool for this job is nmap, a command-line program that can probe the network and tell you all sorts of things about it. The problem with nmap is that it has so many options I couldn’t remember how to invoke it for my simple little application. So I wrote a one-line shell script with a memorable name, and I haven’t had to worry about nmap’s options since.
The script is called “whosup,” and it does a ping scan of my local network. Here it is:
#!/bin/bash
nmap -sP 192.168.1.*
OK, it’s three lines, but one of them is blank and the other is a shebang comment—I say that makes it a one-liner. The -sP
is a single option that tells nmap to do a simple ping when scanning the network. The network is defined by the 192.168.1.*
argument, which is the IP subnet (with a wildcard for the last item) for what is probably the most common internal, nonpublic network. (It’s the default for every router I’ve had.) Obviously, if your internal network uses a different subnet, you’d use that instead.
Nmap comes with most Linux distributions, I think, but it doesn’t come with Macintoshes. You can get it from Fink or MacPorts if you use those systems, but the easiest installer is probably on the nmap.org downloads page. Follow the instructions there and it will put nmap in your /usr/local/bin
folder. As long as that directory is in your $PATH
, whosup will find it.
The whosup output is simple. This is what it looked like for my home network just a few minutes ago:
Starting Nmap 4.68 ( http://nmap.org ) at 2008-08-03 22:41 CDT
Host 192.168.1.1 appears to be up.
Host 192.168.1.10 appears to be up.
Host 192.168.1.100 appears to be up.
Host 192.168.1.101 appears to be up.
Host 192.168.1.102 appears to be up.
Host 192.168.1.103 appears to be up.
Host 192.168.1.105 appears to be up.
Nmap done: 256 IP addresses (7 hosts up) scanned in 1.922 seconds
I was surprised that it found seven hosts, but then I started counting:
- two routers, one wired, one wireless
- one networked printer
- three computers
- one iPhone
That’s seven, all right. Weird how technology creeps up on you.