6

I can perform a port scan using nmap to test if a given IP is being used, e.g.

    nmap -PR 192.168.1.9

However, nmap is not installed on most servers. Is it possible to get the same result (e.g. check if the particular IP is being used) without installing nmap?

Ryan

2 Answers

15

You can use ping:

    ping 192.168.1.9

Most of the machines will reply, but some won't. If it's in the same local network, you can check the arp (after a no-reply):

    arp -n | grep 192.168.1.9

(-n shows numeric IP addresses - does not try to resolve hostnames)

mulaz
  • Possibly a stupid question, but would `arp` be installed when `nmap` isn't? – Freiheit Oct 08 '12 at 17:40
  • I think arp is by default found on almost all devices that are able to communicate in a switched network. i.e. you'll find it already installed on most devices AFAIK.. – amyassin Oct 08 '12 at 19:17
  • 2
    @amyassin, technically your comment isn't correct. ARP is a component of the TCP/IP protocol suite. It's not a function of the type of network the host is connected to. Any host that uses the TCP/IP suite will use ARP and presumably has a tool for testing ARP. I could run my hosts on IPX/SPX in my switched network, they would all communicate just fine, and ARP would never be seen as it's not a component of IPX/SPX. – joeqwerty Oct 08 '12 at 20:37
  • @joeqwerty You are right, by switched network I meant TCP/IP and that was wrong. Sometimes I forget that there are other than TCP/IP :) – amyassin Oct 08 '12 at 21:49
  • No worries. I just wanted to add some clarification. – joeqwerty Oct 08 '12 at 21:51
4

I assume there is some reason why `ping 192.168.1.9` is unacceptable? If you're looking for a device that might be firewalled, but is on the local broadcast network, `ping 192.168.1.9` followed by `arp -a -n|grep 192.168.1.9` can be a more reliable way of finding an otherwise-silent host.

MadHatter
  • 78,442
  • 20
  • 178
  • 229
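The ping-then-ARP check from both answers, as an added example that is not part of either answer. It assumes the Linux net-tools `arp -n` column layout; the function names and the sample table are constructed. It matches the address as a whole field and separates a resolved entry from an `(incomplete)` one, both of which a plain `grep 192.168.1.9` would match.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.
# Assumes the Linux net-tools `arp -n` column layout.

# arp_state IP: read `arp -n` output on stdin and print one of
#   in-use <mac>  entry for exactly this IP with a resolved MAC
#   incomplete    entry exists, but no host answered the ARP request
#   absent        no entry for exactly this IP
arp_state() {
    awk -v ip="$1" '
        $1 == ip {                      # whole-field match, so .9 != .90
            found = 1
            for (i = 2; i <= NF; i++)
                if (length($i) == 17 &&
                    $i ~ /^[0-9A-Fa-f][0-9A-Fa-f](:[0-9A-Fa-f][0-9A-Fa-f])+$/) {
                    print "in-use", $i; hit = 1; exit
                }
        }
        END { if (!hit) print (found ? "incomplete" : "absent") }
    '
}

# ip_in_use IP: one ping to force an ARP request (an ICMP reply is not
# needed), then classify the cache entry. Same broadcast segment only.
ip_in_use() {
    ping -c 1 -W 1 "$1" >/dev/null 2>&1 || true
    arp -n | arp_state "$1"
}

# Constructed sample of `arp -n` output taken after pinging 192.168.1.9.
sample_arp_output() {
    cat <<'EOF'
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.1              ether   52:54:00:aa:bb:01   C                     eth0
192.168.1.9                      (incomplete)                              eth0
192.168.1.90             ether   52:54:00:aa:bb:5a   C                     eth0
EOF
}
```

On a live host, source the file and run `ip_in_use 192.168.1.9`; only an `in-use` result means some device answered ARP for that address.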