systemadmin.es > Redes > Descubrir los hosts de una red con nmap

Descubrir los hosts de una red con nmap

La utilidad nmap se asocia a un escaner de puertos, pero también podemos usarlo para descubrir hosts que respondan a ping sin realizar ningún escaneado de puertos.

Mediante la opción -sn podemos deshabilitar el escaneado de puertos para usar únicamente el host discovery:

-sn: Ping Scan - disable port scan

A continuación únicamente deberemos indicar la red a descubrir para obtener todos los host que respondan a ping:

# nmap -sn 10.1.9.0/24

Starting Nmap 5.50 ( http://nmap.org ) at 2011-08-18 19:55 CEST
Nmap scan report for 10.1.9.0
Host is up (0.0092s latency).
Nmap scan report for 10.1.9.1
Host is up (0.024s latency).
Nmap scan report for 10.12.9.3
Host is up (0.024s latency).
Nmap scan report for 10.1.9.4
Host is up (0.024s latency).
Nmap scan report for 10.1.9.5
Host is up (0.024s latency).
Nmap scan report for 10.1.9.6
Host is up (0.024s latency).
Nmap scan report for 10.12.9.7
Host is up (0.024s latency).
Nmap scan report for 10.1.9.11
Host is up (0.0097s latency).
Nmap scan report for 10.1.90.13
Host is up (0.014s latency).
Nmap scan report for 10.1.9.14
Host is up (0.013s latency).
Nmap scan report for 10.1.9.254
Host is up (0.0064s latency).
Nmap done: 256 IP addresses (11 hosts up) scanned in 1.76 seconds

En versiones anteriores se usaba la opción -sP en lugar de -sn:

# nmap -sP 10.10.10.0/24

Starting Nmap 5.00 ( http://nmap.org ) at 2012-03-14 09:41 CET
Host picamoixons (10.10.10.1) is up.
Host 10.10.10.2 is up (0.00014s latency).
MAC Address: 00:1E:C9:FF:FF:FF (Dell)
Host 10.10.10.3 is up (0.00024s latency).
MAC Address: B8:FF:FF:9F:FF:FF (Unknown)
Host 10.10.10.4 is up (0.00023s latency).
MAC Address: B8:FC:FF:FF:FF:FF (Unknown)
Host 10.10.10.6 is up (0.00024s latency).
MAC Address: 78:2B:FF:FF:FF:FF (Unknown)
Host 10.10.10.88 is up (0.00019s latency).
MAC Address: 00:0B:CD:FF:FF:FF (Hewlett Packard)
Host 10.10.10.101 is up (0.00012s latency).
MAC Address: 00:E0:81:FF:FF:FF (Tyan Computer)
Host 10.10.10.254 is up (0.0093s latency).
MAC Address: 00:E0:81:FF:FF:AA (Tyan Computer)
Nmap done: 256 IP addresses (8 hosts up) scanned in 2.48 seconds

2 comments to “Descubrir los hosts de una red con nmap”

  1. Muy bueno el truco pero …

    En la versión Nmap version 4.75

    SCAN TECHNIQUES
    -sN/sF/sX: TCP Null, FIN, and Xmas scans

    HOST DISCOVERY:
    -sP: Ping Scan – go no further than determining if host is online

    ¿Depende de la versión?

    Santi.

    PD: KUGW

  2. Pues parece que así es:

               Nmap 5.50 ( http://nmap.org )
    (..)
               HOST DISCOVERY:
                 -sL: List Scan - simply list targets to scan
                 -sn: Ping Scan - disable port scan
    

    Seguramente es desde el cambio de versión (de 4 a 5)

Deja un comentario:

XHTML - Tags permitidos:<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>