Host Discovery - samuel-richardson/Sam-Tech-Journal GitHub Wiki

Host Discovery

Host Discovery options

ping

  • This method uses the ping command to search for IPs
  • The following one liner writes the results to the sweep.txt file. Each ping runs in the background (the trailing & inside the subshell) so the hosts are probed in parallel, with a one second timeout (-W 1) and a single probe per host (-c 1; the count argument must be present or ping treats the address as the count). grep keeps only the reply lines, cut takes the fourth field (the address) and tr strips the trailing colon.

for i in {2..50} ;do (ping -W 1 -c 1 10.0.5.$i | grep "bytes from" | cut -d ' ' -f 4 | tr -d ':' &) ; done > sweep.txt

fping

  • This method uses fping to scan for active IPs
  • The following one liner appends the results to the sweep2.txt file. -a prints only alive hosts (one IP per line on stdout, errors go to stderr), -g expands the start/end addresses into a range and -r 1 retries each host once.

sudo fping -a -g 10.0.5.2 10.0.5.50 -r 1 >> sweep2.txt

nmap

  • This method uses nmap to scan for IPs
  • The below one liner outputs the IPs to the sweep3.txt file. -sn is a ping scan only (no port scan), -n disables reverse DNS so field 5 of the "Nmap scan report for" line is always the IP, and -vv makes nmap report down hosts too, which is why grep -B1 'Host is up' is needed to keep only the live ones.

sudo nmap -n -vv -sn 10.0.5.2-50 | grep -B1 'Host is up' | cut -d ' ' -f 5 | grep '10.0.5.*' > sweep3.txt
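The three one liners above each extract the IP in a slightly different way and break when the tool prints a hostname in front of it (ping without -n, nmap without -n). As an added example (this is my code, not from the wiki), the script below wraps all three sweeps in functions and gives each tool its own parser that prints only the live IPs, sorted and de-duplicated. The sample outputs are constructed, not captured from a real network, so the parsers can be exercised offline; the function names and the prefix/last-octet calling convention are my own assumptions.

```shell
#!/bin/sh
# Added example, not from the wiki page: the ping, fping and nmap sweeps
# wrapped in functions, with one parser per tool that prints only live IPs.
# Assumptions: targets are given as prefix + last-octet range (10.0.5 2 50);
# tool output looks like the constructed samples below (ping with and without
# a resolved hostname, nmap with and without -n, fping -a with stderr merged).

# Sort IPv4 addresses numerically by octet and drop duplicates.
sort_ips() { sort -t. -k1,1n -k2,2n -k3,3n -k4,4n -u; }

# ping: keep only reply lines ("bytes from"), which drops the
# "Destination Host Unreachable" errors, then take the IP whether or not
# ping printed a hostname in front of it ("from gw.lab (10.0.5.1):").
parse_ping() {
    grep 'bytes from' \
        | sed -E 's/.*from ([^ :(]+ \()?([0-9.]+)\)?:.*/\2/' \
        | sort_ips
}

# fping -a prints one live IP per line on stdout; anything else (errors on
# stderr, if merged into the stream) fails the bare-dotted-quad check.
parse_fping() { grep -E '^[0-9]+(\.[0-9]+){3}$' | sort_ips; }

# nmap -sn: remember the target from each "Nmap scan report for" line (a
# resolved name puts the IP in parentheses; -vv marks dead hosts with
# "[host down ...]") and print it only when a "Host is up" line follows.
parse_nmap() {
    awk '/^Nmap scan report for/ { ip = ($0 ~ /host down/) ? "" : $NF; gsub(/[()]/, "", ip) }
         /^Host is up/ && ip != "" { print ip }' \
        | sort_ips
}

# Live sweeps. Usage: sweep_ping 10.0.5 2 50
# (nmap and fping need root for ARP / raw ICMP, so run the script with sudo
# when sweeping for real; the page's one liners do the same.)
sweep_ping() {
    i=$2
    while [ "$i" -le "$3" ]; do
        ping -W 1 -c 1 "$1.$i" 2>/dev/null &   # -c 1: one probe, -W 1: 1s timeout
        i=$((i + 1))
    done | parse_ping                           # pipe closes once every ping exits
}
sweep_fping() { fping -a -q -g "$1.$2" "$1.$3" -r 1 2>/dev/null | parse_fping; }
sweep_nmap()  { nmap -n -sn "$1.$2-$3" | parse_nmap; }

# Constructed sample output (not captured from a real network) for offline use.
SAMPLE_PING='PING 10.0.5.2 (10.0.5.2) 56(84) bytes of data.
64 bytes from 10.0.5.2: icmp_seq=1 ttl=64 time=0.231 ms
64 bytes from 10.0.5.2: icmp_seq=2 ttl=64 time=0.198 ms
64 bytes from gw.lab (10.0.5.1): icmp_seq=1 ttl=64 time=0.412 ms
From 10.0.5.2 icmp_seq=1 Destination Host Unreachable
64 bytes from 10.0.5.20: icmp_seq=1 ttl=128 time=1.02 ms'

SAMPLE_FPING='10.0.5.2
10.0.5.1
ICMP Host Unreachable from 10.0.5.2 for ICMP Echo sent to 10.0.5.3
10.0.5.20'

SAMPLE_NMAP='Nmap scan report for 10.0.5.2
Host is up, received arp-response (0.00023s latency).
Nmap scan report for 10.0.5.3 [host down, received no-response]
Nmap scan report for 10.0.5.1
Host is up, received arp-response (0.00041s latency).
Nmap scan report for printer.lab (10.0.5.20)
Host is up, received arp-response (0.0010s latency).
Nmap done: 49 IP addresses (3 hosts up) scanned in 0.12 seconds'

if [ "$#" -eq 3 ]; then
    # e.g. sudo sh sweep.sh 10.0.5 2 50 : run all three so results can be compared
    for tool in ping fping nmap; do
        printf '%s: ' "$tool"; "sweep_$tool" "$@" | tr '\n' ' '; echo
    done
else
    # No arguments: show what each parser extracts from the constructed samples.
    printf 'ping : '; printf '%s\n' "$SAMPLE_PING"  | parse_ping  | tr '\n' ' '; echo
    printf 'fping: '; printf '%s\n' "$SAMPLE_FPING" | parse_fping | tr '\n' ' '; echo
    printf 'nmap : '; printf '%s\n' "$SAMPLE_NMAP"  | parse_nmap  | tr '\n' ' '; echo
fi
```

Running the three sweeps side by side is worth the extra minute: ping and fping only see hosts that answer ICMP echo, while nmap on the local segment falls back to ARP, so a host with ICMP filtered shows up in the nmap list and nowhere else. All three parsers print 10.0.5.1, 10.0.5.2 and 10.0.5.20 for the samples above.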

Reflections

  • Doing the scans was simple, as I had done it in the past; however, using bash commands to output only the IP took some time. I had to look at the man pages and look up the uses of flags for cut and grep to complete the one liner to output only the IP and not just a grepped line.
  • Man pages can be difficult to navigate, so Googling is often a better option