11
I have a few public IP addresses given by the ISP service provider. My question is how to check which IP addresses are already used up and which are still available to use for new servers? Because I do not know how to check and the previous IT personnel did not leave any information.
David Par
Posted 2015-04-29T05:12:19.883
Reputation: 111
8
…and the previous IT personnel did not leave any information.
I feel your pain on this. Inheriting someone else’s unmapped and undocumented network mess is not pleasant. As explained in this answer you could use nmap like this; of course 192.168.0.1/24 is an example and should be changed to the network range assigned to the system by the ISP:
nmap -sP -PR 192.168.0.1/24
But that would only be beneficial for internal IP addresses since the -PR option is an ARP ping scan. Meaning public IP addresses not on a LAN would not be generating ARP traffic. So in your case, you can just use the plain -sP (ping scan) option on a range like this
nmap -sP 192.168.0.1/24
And that should give you a nice list of all IP addresses in that range that ping you back. But of course, there are some edge cases where the lack of a ping response does not mean that IP address is dead. Some devices will have an IP address assigned to them but it won’t respond to ICMP ping requests. Or there might be dead or dormant devices with IPs assigned but for some reason they are not functioning.
So be careful with data you get from using an nmap ping scan, but it’s better than nothing and a nice place to start your network mapping journey.
If you are more into visual interfaces, I would highly recommend Angry IP Scanner which is a cross platform, Java-based IP address range scanner that does a great job of not just ping scanning your network, but also providing additional data such as hostname (if applicable) and info on open ports as well.
JakeGould
Posted 2015-04-29T05:12:19.883
Reputation: 38 217
1Using * without escaping is not going to work reliably. Behavior will depend on shell configuration and file names present in the current directory. – kasperd – 2015-04-29T10:34:46.427
@kasperd Good point. Was just using example from another answer. Just a edited to use slash notation instead. – JakeGould – 2015-04-29T16:11:02.640
2
In addition to using nmap and other active scanning tools you should also look at your mac address tables on your firealls, routers, and switches.
These devices will keep a list of the MAC addresses and IP addresses of all devices that have communicated with in a defined time period. Often this time period can be increased for more detailed results.
Zoredache
Posted 2015-04-29T05:12:19.883
Reputation: 18 453
1
Use Angry Ip Scanner to scan those Ip ranges and filter those that are marked as red (dead ones).
Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use.
It is widely used by network administrators and just curious users around the world, including large and small enterprises, banks, and government agencies.
It runs on Linux, Windows, and Mac OS X, possibly supporting other platforms as well.
0
In regards to finding IP addresses that are already assigned, you can use fping. The command is similar to nmap in that it pings all IP addresses within the subnet and show which ones have replied.
Since it is not a linux default command, you will need to install it through yum, YasT, apt-get, etc…
usage:
fping -gn 192.168.1.0/24
-g parameter tells fping to scan the entire range of IP addresses for the specified subnet mask (/24). -n parameter will automatically use DNS to resolve as hostnames.
EternalHour
Posted 2015-04-29T05:12:19.883
Reputation: 370
0
You’ve got two different things going on here.
To map all this out: For statics, they’ll have to enter you network thru your firewall. The firewall config will show you what services map to what public IPs.
Your firewall will also likely have NAT (Network Address Translation). NAT maps you internal private user IPs to publicly routable addresses. A NAT table will show you all the internal/external mapping that are active now, but may miss machines that are turned off.
To map out all the private IP address used by your users—assuming they’re dynamic—you need to find the DHCP server. This will have a list of all machines that have leases, regardless of whether they’re on or off. If the previous admin gave out private static IPs to users—for example—you’ll have a challenge. Scanning will reveal some, but what about machines that are off, laptops that are on the road, etc…
So in summary, find that static public IPs at the firewall and get the internal private address from the DHCP server.
JRS
Posted 2015-04-29T05:12:19.883
Reputation: 1
3Quickest way I can think of would be to check your firewall's interfaces and NAT rules. – Seyren – 2015-04-29T05:42:59.870
1For public routable ip addresses distributed by your isp? Ask your isp – Canadian Luke – 2015-04-29T06:53:20.260