Q. How do I find out if all host computers on the LAN are alive or dead from a Linux or Windows XP computer? My network subnet range is 192.168.1.0/24 and I’m using dual boot Debian Linux / XP SP2 computer.
A.You can use normal ping command and shell script loop statement to print the list of all LAN computers from a shell prompt.
Linux / UNIX one liner to ping all hosts on the LAN
Type the following command, enter:
$ for ip in $(seq 1 254); do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo "192.168.1.$ip UP" || : ; done
Output:
192.168.1.1 UP 192.168.1.1 UP 192.168.1.2 UP 192.168.1.5 UP ...... ... .. 192.168.1.254 UP
See previous article: Simple Linux and UNIX system monitoring with ping command and scripts.
A Note About Windows Workstation
If you are using Windows 2000 / XP / Vista, try something as follows at DOS / NT command prompt (Start > Run > CMD > Enter key):
c:> for /L %I in (1,1,254) DO ping -w 30 -n1 192.168.1.%I | find "Reply"
Read cmd.exe help page and batch scripting documentation for more information.
43 comment
You would probably use
"for ip in $(perl -e '$,="\n"; print 0 .. 8;') ; do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo "192.168.1.$ip UP" || : ; done"on non GNU/Linux system, as seq does not exist on Solaris and OSX.
Ups, this is nicer, and faster.
for ip in $(perl -e '$,="\n"; print 1 .. 254;') ; do ping -t 1 -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo "192.168.1.$ip UP" || : ; doneI’ve added a 1 sec. timeout on ping.
Looping in Perl just to print a sequence of numbers is really braindead.
Do you know fping ?
$ sudo apt-get install fping
$ fping -a -g 192.168.1.0/24 2> /dev/null
@Casper,
Thanks for sharing perl only code.
@Richard,
Sure, fping was covered some time ago..
I generally just use this “ping -b 192.168.1.255” Which broadcasts a ping to the whole network at once.
What about Windows machines with MS firewall which default forbid ICMP replay ?
Maybe must use ARP cache after ping
another way…
for ((ip=1;ip/dev/null; [ $? -eq 0 ] && echo "192.168.1.$ip UP" || : ; doneIf a host on your local network won’t answer on a ping request you could try arping, which does an arp request.
arping 192.168.1.1ARPING 192.168.1.1 from 192.168.1.226 eth0
Unicast reply from 192.168.1.1 [00:01:02:xx:xx:xx] 0.668ms
Another method is simply using nmap:
nmap -sP 192.168.1.0/24Something wrong with prev. comment… (< and > char)
for (( ip=1 ; ip<=254 ; ip++ )); do ping -c 1 -t 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo "192.168.1.$ip UP" || : ; done
Using nast ?
http://netsecure.alcpress.com/nast/
nast -m
best.
another option is installing arpwatch.
wont this command do ???
nbtscan 10.0.0.1-125
this checks all the computers whose ip address are in the range of 10.0.0.1 to 10.0.0.125 and displays only those which are ON and connected to the network !
Matthias, thumbs up for the nmap solution.
Even faster (produces a little bit of confusing output in the beginning but it does the job fast):
for ip in $(perl -e '$,="\n"; print 1 .. 254;') ; do ping -t 1 -c 1 192.168.146.$ip > /dev/null && echo "192.168.146.$ip UP" >> hosts.log || : & sleep 0.02; done; sleep 1;cat hosts.log;rm hosts.log
this is awesome
can anyone tell how to see the network address and system names in up in lan in linux..
i liked the nmap solution best as well, thanks Matthias for that.
check out the space after the n parameter: for /L %I in (1,1,254) DO ping -w 30 -n 1 192.168.1.%I | find “Reply”
smbtree -SN |grep \\\\ |cut -f2 |cut -d”\\” -f3
will give a list of netbios host responding on broadcast address
(smbtree is part of the samba suite)
#arp-scan -l
+1, much quicker way to found out what’s on your network.
+2…NICE!
Very nice, all that. Thanks guys!
Here’s a batchfile i made that pings any range of adresses:
@echo off & For /L %%i in (%4,1,255) do @ping -n 1 %1.%2.%3.%%i | find “Received = 0” >nul & if errorlevel 1 @echo %1.%2.%3.%%i
most of the code is to tidy the output up. Save as PINGER.bat
Type:
PINGER 192 168 0 0
**without** the dots to find the range 192.168.0.0 to 192.168.0.255
or any other address PINGER 145 233 2 0 etc
cheers
How would you do this on a Mac? I tried it and got the error -bash: seq: command not found
Just don’t buy a mac :p
Thanks for ‘nast -m’ tip (3 years later ;) ) – liked it best.
@ lina – check out casper’s comment regarding non-Linux systems
Using cygwin on Windows, this did not work as expected.
It produced
192.168.1.1 UP
…
192.168.1.100 UP
…
for every IP address.
Problem is, this network is 192.168.2.1, not 192.168.1.1
Further investigation:
ping 192.168.2.1 produced a response from an IP from the ISP.
Know and Test what you are doing!
Hi, i cant find all hosts by nmap -sP 10.6.0.0/24
I know that router Mikrotik has got IP address 10.6.0.1, hi can i found with nmap ALL hosts at subnet? Which mode of nmap I have to use for this?
Could you help me, please? Thanks a lot.
Lukas
Hi all,
I tested four proposed solutions on the same lan within the same hour :
1- for ip in $(seq 1 254); do ping -c 1 192.168.1.$ip>/dev/null; [ $? -eq 0 ] && echo “192.168.1.$ip UP” || : ; done
*** 26 hosts ***
2- nmap -sP 192.168.1.0/24
*** 18 hosts ***
3- nast -m -i eth0
*** 32 hosts (31 if I exclude the broadcast address) ***
4- arp-scan -l -I eth0
*** 35 hosts (32 if I exclude the lan address, the broadcast address and a duplicate host address of a vmware VM which is not discovered by the other tools) ***
My prefered tool is arp-scan, for several reasons :
1- It finds the max of hosts,
2- It is the faster (flash speed),
3- It provides additional information about the NIC when possible.
Thanks for this very interesting topic and the comments.
for /L %x in (1,1,254) do @ping 192.168.122.%x -w 100 -n 1 | find “Reply”
Hi,
Could please abybody get me some clue how to identify what is on the following ip addresses got by sudo arp -a command:
? (192.168.1.207) at on eth1
? (192.168.1.1) at 00:22:3f:ad:c4:be [ether] on eth1
? (192.168.1.51) at on eth1
? (192.168.1.204) at on eth1
? (192.168.1.254) at on eth1
? (192.168.1.151) at on eth1
? (192.168.1.48) at on eth1
? (192.168.1.98) at on eth1
? (192.168.1.251) at on eth1
? (192.168.1.45) at on eth1
? (192.168.1.198) at on eth1
? (192.168.1.95) at on eth1
? (192.168.1.145) at on eth1
? (192.168.1.86) at on eth1
? (192.168.1.33) at on eth1
? (192.168.1.186) at on eth1
? (192.168.1.83) at on eth1
? (192.168.1.236) at on eth1
? (192.168.1.133) at on eth1
? (192.168.1.30) at on eth1
? (192.168.1.183) at on eth1
? (192.168.1.130) at on eth1
? (192.168.1.77) at on eth1
? (192.168.1.127) at on eth1
? (192.168.1.74) at on eth1
? (192.168.1.227) at on eth1
? (192.168.1.238) at on eth1
? (192.168.1.135) at on eth1
? (192.168.1.29) at on eth1
? (192.168.1.26) at on eth1
? (192.168.1.179) at on eth1
? (192.168.1.229) at on eth1
? (192.168.1.126) at on eth1
? (192.168.1.23) at on eth1
? (192.168.1.176) at on eth1
? (192.168.1.20) at on eth1
? (192.168.1.173) at on eth1
? (192.168.1.220) at on eth1
? (192.168.1.167) at on eth1
Thanks in advance,
M.
@masuch: looks like you have a netgear router attached at 192.168.1.1 (based on the mac address). and no other machines attached.
Hi,
Yes, it is netgear – how can I recognize according to MAC address what device is it ?
Could you please share some documentation ?
did you use:
http://tools.springheadmedia.com/mac.php?m1=00&m2=&m3=&m4=&m5=&m6=&find=Find
OR
something else … ?
Thanks,
Regards,
masuch
In linux, this would be faster
echo 192.168.1.{1..254}|xargs -n1 -P0 ping -c1|grep “bytes from”
One second
#!/bin/bash
for ip in 192.168.0.{1..254}; do
ping -c 1 -W 1 $ip | grep “64 bytes” &
done
0,5 Second whit first Post ;)
#!/bin/bash for ip in $(seq 1 254) do ping -c 1 "192.168.0.$ip">/dev/null [ $? -eq 0 ] && echo "192.168.1.$ip UP" || echo "192.168.1.$ip DOWN..." donenmap -sn ip/subnet
like if subnet mask is 255.255.254.0, and your ip is 192.168.1.3
then: nmap -sn 192.168.1.0/23
Research subnets.
how to check which are all systems connected in lan
Really awesome. Alternative easy to use is nmap.
I think the first example should be updated to make use of Bash’s brace expansion, for which this is a textbook use case… Following is an outline of various network browsing/scanning utilities and their associated time.
One of the examples was cut off… should have been
# manual ping scan # real 0m1.077s echo 192.168.1.{1..254} | \ xargs -n1 -P0 ping -c1 -W1 | \ grep -oP '(?<=bytes from ).*(?=:)' | \ sort -V