Finding All Hosts On the LAN From Linux / Windows Workstation
Q. How do I find out if all host computers on the LAN are alive or dead from a Linux or Windows XP computer? My network subnet range is 192.168.1.0/24 and I’m using dual boot Debian Linux / XP SP2 computer.
A. You can use normal ping command and shell script loop statement to print the list of all LAN computers from a shell prompt.
Linux / UNIX one liner to ping all hosts on the LAN
Type the following command, enter:
$ for ip in $(seq 1 254); do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo «192.168.1.$ip UP» || : ; done
Output:
- No ads and tracking
- In-depth guides for developers and sysadmins at Opensourceflare✨
- Join my Patreon to support independent content creators and start reading latest guides:
- How to set up Redis sentinel cluster on Ubuntu or Debian Linux
- How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)
- How to set up Mariadb Galera cluster on Ubuntu or Debian Linux
- A podman tutorial for beginners – part I (run Linux containers without Docker and in daemonless mode)
- How to protect Linux against rogue USB devices using USBGuard
Join Patreon ➔
A Note About Windows Workstation
If you are using Windows 2000 / XP / Vista, try something as follows at DOS / NT command prompt (Start > Run > CMD > Enter key):
c:> for /L %I in (1,1,254) DO ping -w 30 -n1 192.168.1.%I | find «Reply»
Read cmd.exe help page and batch scripting documentation for more information.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via
| Category | List of Unix and Linux commands |
|---|---|
| Documentation | help • mandb • man • pinfo |
| Disk space analyzers | df • duf • ncdu • pydf |
| File Management | cat • cp • less • mkdir • more • tree |
| Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Linux Desktop Apps | Skype • Spotify • VLC 3 |
| Modern utilities | bat • exa |
| Network Utilities | NetHogs • dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • glances • gtop • jobs • killall • kill • pidof • pstree • pwdx • time • vtop |
| Searching | ag • grep • whereis • which |
| Shell builtins | compgen • echo • printf |
| Text processing | cut • rev |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
Comments on this entry are closed.
You would probably use
«for ip in $(perl -e ‘$,=»\n»; print 0 .. 8;’) ; do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo «192.168.1.$ip UP» || : ; done»
on non GNU/Linux system, as seq does not exist on Solaris and OSX.
Ups, this is nicer, and faster.
for ip in $(perl -e ‘$,=»\n»; print 1 .. 254;’) ; do ping -t 1 -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo «192.168.1.$ip UP» || : ; done
I’ve added a 1 sec. timeout on ping.
Looping in Perl just to print a sequence of numbers is really braindead.
Do you know fping ?
$ sudo apt-get install fping
$ fping -a -g 192.168.1.0/24 2> /dev/null
@Casper,
Thanks for sharing perl only code.
@Richard,
Sure, fping was covered some time ago..
I generally just use this “ping -b 192.168.1.255” Which broadcasts a ping to the whole network at once.
What about Windows machines with MS firewall which default forbid ICMP replay ?
Maybe must use ARP cache after ping
If a host on your local network won’t answer on a ping request you could try arping, which does an arp request.
arping 192.168.1.1
ARPING 192.168.1.1 from 192.168.1.226 eth0
Unicast reply from 192.168.1.1 [00:01:02:xx:xx:xx] 0.668ms
Another method is simply using nmap:
nmap -sP 192.168.1.0/24
Something wrong with prev. comment… ( char)
for (( ip=1 ; ip /dev/null; [ $? -eq 0 ] && echo «192.168.1.$ip UP» || : ; done
another option is installing arpwatch.
wont this command do .
this checks all the computers whose ip address are in the range of 10.0.0.1 to 10.0.0.125 and displays only those which are ON and connected to the network !
Matthias, thumbs up for the nmap solution.
Even faster (produces a little bit of confusing output in the beginning but it does the job fast):
for ip in $(perl -e ‘$,=»\n»; print 1 .. 254;’) ; do ping -t 1 -c 1 192.168.146.$ip > /dev/null && echo «192.168.146.$ip UP» >> hosts.log || : & sleep 0.02; done; sleep 1;cat hosts.log;rm hosts.log
this is awesome
can anyone tell how to see the network address and system names in up in lan in linux..
i liked the nmap solution best as well, thanks Matthias for that.
check out the space after the n parameter: for /L %I in (1,1,254) DO ping -w 30 -n 1 192.168.1.%I | find “Reply”
smbtree -SN |grep \\\\ |cut -f2 |cut -d”\\” -f3
will give a list of netbios host responding on broadcast address
(smbtree is part of the samba suite)
+1, much quicker way to found out what’s on your network.
Very nice, all that. Thanks guys!
Here’s a batchfile i made that pings any range of adresses:
@echo off & For /L %%i in (%4,1,255) do @ping -n 1 %1.%2.%3.%%i | find “Received = 0” >nul & if errorlevel 1 @echo %1.%2.%3.%%i
most of the code is to tidy the output up. Save as PINGER.bat
Type:
PINGER 192 168 0 0
**without** the dots to find the range 192.168.0.0 to 192.168.0.255
or any other address PINGER 145 233 2 0 etc
cheers
How would you do this on a Mac? I tried it and got the error -bash: seq: command not found
Just don’t buy a mac :p
Thanks for ‘nast -m’ tip (3 years later 😉 ) – liked it best.
@ lina – check out casper’s comment regarding non-Linux systems
Using cygwin on Windows, this did not work as expected.
It produced
192.168.1.1 UP
…
192.168.1.100 UP
…
for every IP address.
Problem is, this network is 192.168.2.1, not 192.168.1.1
Further investigation:
ping 192.168.2.1 produced a response from an IP from the ISP.
Know and Test what you are doing!
Hi, i cant find all hosts by nmap -sP 10.6.0.0/24
I know that router Mikrotik has got IP address 10.6.0.1, hi can i found with nmap ALL hosts at subnet? Which mode of nmap I have to use for this?
Could you help me, please? Thanks a lot.
I tested four proposed solutions on the same lan within the same hour :
1- for ip in $(seq 1 254); do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo “192.168.1.$ip UP” || : ; done
*** 26 hosts ***
2- nmap -sP 192.168.1.0/24
*** 18 hosts ***
3- nast -m -i eth0
*** 32 hosts (31 if I exclude the broadcast address) ***
4- arp-scan -l -I eth0
*** 35 hosts (32 if I exclude the lan address, the broadcast address and a duplicate host address of a vmware VM which is not discovered by the other tools) ***
My prefered tool is arp-scan, for several reasons :
1- It finds the max of hosts,
2- It is the faster (flash speed),
3- It provides additional information about the NIC when possible.
Thanks for this very interesting topic and the comments.
for /L %x in (1,1,254) do @ping 192.168.122.%x -w 100 -n 1 | find “Reply”
Could please abybody get me some clue how to identify what is on the following ip addresses got by sudo arp -a command:
? (192.168.1.207) at on eth1
? (192.168.1.1) at 00:22:3f:ad:c4:be [ether] on eth1
? (192.168.1.51) at on eth1
? (192.168.1.204) at on eth1
? (192.168.1.254) at on eth1
? (192.168.1.151) at on eth1
? (192.168.1.48) at on eth1
? (192.168.1.98) at on eth1
? (192.168.1.251) at on eth1
? (192.168.1.45) at on eth1
? (192.168.1.198) at on eth1
? (192.168.1.95) at on eth1
? (192.168.1.145) at on eth1
? (192.168.1.86) at on eth1
? (192.168.1.33) at on eth1
? (192.168.1.186) at on eth1
? (192.168.1.83) at on eth1
? (192.168.1.236) at on eth1
? (192.168.1.133) at on eth1
? (192.168.1.30) at on eth1
? (192.168.1.183) at on eth1
? (192.168.1.130) at on eth1
? (192.168.1.77) at on eth1
? (192.168.1.127) at on eth1
? (192.168.1.74) at on eth1
? (192.168.1.227) at on eth1
? (192.168.1.238) at on eth1
? (192.168.1.135) at on eth1
? (192.168.1.29) at on eth1
? (192.168.1.26) at on eth1
? (192.168.1.179) at on eth1
? (192.168.1.229) at on eth1
? (192.168.1.126) at on eth1
? (192.168.1.23) at on eth1
? (192.168.1.176) at on eth1
? (192.168.1.20) at on eth1
? (192.168.1.173) at on eth1
? (192.168.1.220) at on eth1
? (192.168.1.167) at on eth1
Thanks in advance,
M.
@masuch: looks like you have a netgear router attached at 192.168.1.1 (based on the mac address). and no other machines attached.
Yes, it is netgear – how can I recognize according to MAC address what device is it ?
Could you please share some documentation ?
Thanks,
Regards,
masuch
In linux, this would be faster
echo 192.168.1.<1..254>|xargs -n1 -P0 ping -c1|grep “bytes from”
#!/bin/bash
for ip in 192.168.0.<1..254>; do
ping -c 1 -W 1 $ip | grep “64 bytes” &
done
0,5 Second whit first Post 😉
nmap -sn ip/subnet
like if subnet mask is 255.255.254.0, and your ip is 192.168.1.3
then: nmap -sn 192.168.1.0/23
how to check which are all systems connected in lan
Really awesome. Alternative easy to use is nmap.
I think the first example should be updated to make use of Bash’s brace expansion, for which this is a textbook use case… Following is an outline of various network browsing/scanning utilities and their associated time.
One of the examples was cut off… should have been
Источник
The Hosts File on Linux
All operating systems with network support have a hosts file to translate hostnames to IP addresses. Whenever you open a website by typing its hostname, your system will read through the hosts file to check for the corresponding IP and then open it. The hosts file is a simple text file located in the etc folder on Linux and Mac OS (/etc/hosts). Windows has a hosts file as well, on Windows you can find it in Windows\System32\drivers\etc\
Here is how it looks like:
From what we mentioned, you might be expecting this file to have a very long list of IPs and corresponding hostnames; but that is not true. The hosts file only contains several lines;
- The first part, by default, contains the hostnames and IP addresses of your localhost and machine. This is the part you will usually modify to make the desired changes.
- The second part has information about IPv6 capable hosts and you will hardly be editing these lines.
Whenever you type an address, your system will check the hosts file for its presence; if it is present there, you will be directed to the corresponding IP. If the hostname is not defined in the hosts file, your system will check the DNS server of your internet to look up for the corresponding IP and redirect you accordingly.
Why Edit /etc/hosts file?
By editing the hosts files, you can achieve the following things:
- Block a website
- Handle an attack or resolve a prank
- Create an alias for locations on your local server
- Override addresses that your DNS server provides
- Control access to network traffic
How to Edit /etc/hosts file?
You can edit the hosts text file, located at /etc/hosts only as a superuser. You will first have to open it in text editors such as VI editor, Nano editor or gedit, etc. in the Linux terminal. You will then make the required changes and save the file for these changes to take effect.
In this article, we will use the Nano editor to edit the file. Please type the following command:
As mentioned before, we will be editing the first part of the hosts file where IP addresses and hostnames are defined. We will explain the following two ways in which you can make use of the hosts file: Advertisement
- Block a website
- Access Remote Computer Through an Alias
Block a Website
You can block a website by redirecting it to the IP of your localhost or the default route.
For example, if we want to block google.com, we can add the following text to our file:
Now when we open the google website, our system will take the IP of our localhost (127.0.0.1) from the hosts file and redirect us to that instead of the google IP from our DNS server.
Now when we open the google website, our system will take the IP of the default route (0.0.0.0) from the hosts file and redirect us to that instead of the google IP from our DNS server.
This is how the edited file will look like. Please save the changes by hitting ctrl+X.
Now when you try to open www.google.com from your browser, you will see an error message as follows:
Please note that we have defined the complete address www.google.com instead of just the hostname google.com in the hosts file because modern browsers sometimes circumvent the block if we only define the latter.
There are also some predefined blocklists available that you may use in your hosts file: https://github.com/StevenBlack/hosts
Access Remote Computer through an Alias
Suppose we have a server located at a local network that we want to access. We usually have to type the server’s IP to access it unless it has been defined on our local DNS. One way to avoid typing the IP, again and again, is to assign an alias to the server in the hosts file as follows:
The IP corresponds to the location of the server we want to access and myserver is the new alias we want to use.
Now when we saved the file and type myserver in the address bar, we will be redirected to our remote server.
We have learned that by making very simple changes to the hosts file, we can customize and thus redirect the network traffic according to our needs. We can also get rid of a network attack or prank by restoring the hosts file to its default.
Karim Buzdar
About the Author: Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. You can reach Karim on LinkedIn
Источник
