How to scan a network for responsive hosts using Kali Linux.

Posted: October 7, 2015. At: 10:49 AM. This was 2 years ago. Post ID: 8418
Page permalink.
WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters. These cookies expire two weeks after they are set.

To scan a network for hosts using Kali Linux, the netdiscover command will come in handy. Just give it an IP address and it will find all hosts within that range. I am scanning for all hosts within the range of 172.29.59.1 to 172.29.59.254.

root@kali:~/Documents# netdiscover -r 172.29.59.0/24
 
Currently scanning: Finished!   |   Screen View: Unique Hosts
 
 10 Captured ARP Req/Rep packets, from 6 hosts.   Total size: 600                                                              
 _____________________________________________________________________________
   IP            At MAC Address      Count  Len   MAC Vendor
 -----------------------------------------------------------------------------
 172.29.59.108   f4:b7:e2:c9:1b:e3    01    060   Unknown vendor
 172.29.59.15    28:b2:bd:0b:00:b8    03    180   Unknown vendor
 172.29.59.112   54:ea:a8:5e:d3:05    01    060   Unknown vendor
 172.29.59.88    04:54:53:0f:c4:b0    02    120   Unknown vendor
 172.29.59.1     00:26:f1:f5:03:00    02    120   Unknown vendor
 172.29.59.87    04:db:56:4a:f4:b4    01    060   Unknown vendor

Then you may pick a host to scan for open ports.

There is another way using nmap. This scan will return all responsive hosts on the network.

root@kali:~/Documents# nmap -sP 172.29.59.1-254
 
Starting Nmap 6.49BETA5 ( https://nmap.org ) at 2015-10-07 10:39 AEDT
Nmap scan report for 172.29.59.1
Host is up (0.0067s latency).
MAC Address: 00:26:F1:F5:03:00 (ProCurve Networking by HP)
Nmap scan report for 172.29.59.4
Host is up (0.0060s latency).
MAC Address: 00:0B:86:0C:4D:00 (Aruba Networks)
Nmap scan report for 172.29.59.11
Host is up (0.061s latency).
MAC Address: 7C:6D:62:74:92:7E (Apple)
Nmap scan report for 172.29.59.12
Host is up (0.13s latency).
MAC Address: 04:54:53:0F:CC:3B (Apple)
Nmap scan report for 172.29.59.13
Host is up (0.069s latency).
MAC Address: 00:1F:5B:C3:F3:C4 (Apple)
Nmap scan report for 172.29.59.14
Host is up (0.034s latency).
MAC Address: 88:1F:A1:B7:87:67 (Apple)
Nmap scan report for 172.29.59.15
Host is up (0.0059s latency).
MAC Address: 28:B2:BD:0B:00:B8 (Intel Corporate)
Nmap scan report for 172.29.59.19
Host is up (0.0049s latency).
MAC Address: 04:54:53:0F:C3:1A (Apple)
Nmap scan report for 172.29.59.20
Host is up (0.12s latency).
MAC Address: 04:54:53:0F:C3:20 (Apple)
Nmap scan report for 172.29.59.22
Host is up (0.034s latency).
MAC Address: 04:54:53:0F:C4:B2 (Apple)
Nmap scan report for 172.29.59.31
Host is up (0.0050s latency).
MAC Address: 10:0B:A9:9B:90:F8 (Intel Corporate)
Nmap scan report for 172.29.59.36
Host is up (0.0024s latency).
MAC Address: 1C:4B:D6:75:87:FB (AzureWave)
Nmap scan report for 172.29.59.39
Host is up (0.39s latency).
MAC Address: C0:BD:D1:A1:28:5A (Samsung Electro Mechanics co.)
Nmap scan report for 172.29.59.40
Host is up (0.074s latency).
MAC Address: 3C:15:C2:1D:4E:84 (Apple)
Nmap scan report for 172.29.59.42
Host is up (0.56s latency).
MAC Address: AC:3C:0B:78:35:7F (Apple)
Nmap scan report for 172.29.59.46
Host is up (0.034s latency).
MAC Address: 00:23:4D:32:64:E1 (Hon Hai Precision Ind. Co.)
Nmap scan report for 172.29.59.47
Host is up (0.0030s latency).
MAC Address: A0:A8:CD:23:1F:C7 (Intel Corporate)
Nmap scan report for 172.29.59.50
Host is up (0.0046s latency).
MAC Address: A4:67:06:8B:F3:B2 (Apple)
Nmap scan report for 172.29.59.53
Host is up (0.078s latency).
MAC Address: 18:34:51:71:AB:EF (Apple)
Nmap scan report for 172.29.59.54
Host is up (0.0078s latency).
MAC Address: 18:CF:5E:27:2C:D4 (Liteon Technology)
Nmap scan report for 172.29.59.56
Host is up (0.050s latency).
MAC Address: F0:C1:F1:2A:EB:26 (Apple)
Nmap scan report for 172.29.59.57
Host is up (0.034s latency).
MAC Address: 60:92:17:B6:AC:F9 (Apple)
Nmap scan report for 172.29.59.59
Host is up (0.11s latency).
MAC Address: 80:86:F2:1E:6C:FC (Intel Corporate)
Nmap scan report for 172.29.59.61
Host is up (0.68s latency).
MAC Address: E0:F8:47:4F:62:88 (Apple)
Nmap scan report for 172.29.59.62
Host is up (0.29s latency).
MAC Address: 60:92:17:5E:99:6E (Apple)
Nmap scan report for 172.29.59.63
Host is up (0.0027s latency).
MAC Address: 48:74:6E:78:5A:1C (Apple)
Nmap scan report for 172.29.59.65
Host is up (0.027s latency).
MAC Address: D0:22:BE:BB:A0:2F (Samsung Electro Mechanics co.)
Nmap scan report for 172.29.59.66
Host is up (0.054s latency).
MAC Address: 64:20:0C:35:A7:1D (Apple)
Nmap scan report for 172.29.59.67
Host is up (0.064s latency).
MAC Address: C8:BC:C8:E8:D2:1D (Apple)
Nmap scan report for 172.29.59.70
Host is up (0.42s latency).
MAC Address: 40:A6:D9:E1:77:56 (Apple)
Nmap scan report for 172.29.59.72
Host is up (0.0089s latency).
MAC Address: 04:54:53:0F:C2:F4 (Apple)
Nmap scan report for 172.29.59.73
Host is up (0.16s latency).
MAC Address: 04:54:53:0F:C8:65 (Apple)
Nmap scan report for 172.29.59.74
Host is up (0.16s latency).
MAC Address: 04:54:53:0F:C2:FA (Apple)
Nmap scan report for 172.29.59.79
Host is up (0.045s latency).
MAC Address: 60:92:17:D8:C1:41 (Apple)
Nmap scan report for 172.29.59.80
Host is up (0.50s latency).
MAC Address: A8:88:08:EC:7E:57 (Apple)
Nmap scan report for 172.29.59.81
Host is up (0.034s latency).
MAC Address: CC:3A:61:87:65:FD (Samsung Electro Mechanics CO.)
Nmap scan report for 172.29.59.85
Host is up (0.46s latency).
MAC Address: C8:85:50:13:EE:C8 (Apple)
Nmap scan report for 172.29.59.86
Host is up (0.17s latency).
MAC Address: 8C:FA:BA:7E:21:47 (Apple)
Nmap scan report for 172.29.59.87
Host is up (0.11s latency).
MAC Address: 04:DB:56:4A:F4:B4 (Apple)
Nmap scan report for 172.29.59.92
Host is up (0.0023s latency).
MAC Address: AC:81:12:09:09:1B (Gemtek Technology Co.)
Nmap scan report for 172.29.59.95
Host is up (0.11s latency).
MAC Address: F0:C1:F1:1A:04:08 (Apple)
Nmap scan report for 172.29.59.96
Host is up (0.054s latency).
MAC Address: EC:85:2F:7B:C3:8C (Apple)
Nmap scan report for 172.29.59.98
Host is up (0.13s latency).
MAC Address: 18:20:32:D2:17:41 (Apple)
Nmap scan report for 172.29.59.99
Host is up (0.10s latency).
MAC Address: 60:F8:1D:DC:14:1C (Apple)
Nmap scan report for 172.29.59.100
Host is up (0.60s latency).
MAC Address: F0:D1:A9:87:75:DB (Apple)
Nmap scan report for 172.29.59.105
Host is up (0.0023s latency).
MAC Address: 7C:D1:C3:75:13:A6 (Apple)
Nmap scan report for 172.29.59.106
Host is up (0.15s latency).
MAC Address: D8:D1:CB:EC:FC:63 (Apple)
Nmap scan report for 172.29.59.107
Host is up (3.7s latency).
MAC Address: 64:9A:BE:10:ED:4E (Apple)
Nmap scan report for 172.29.59.108
Host is up (0.00023s latency).
MAC Address: F4:B7:E2:C9:1B:E3 (Hon Hai Precision Ind. Co.)
Nmap scan report for 172.29.59.110
Host is up (0.033s latency).
MAC Address: 60:AF:6D:87:2C:41 (Samsung Electronics Co.)
Nmap scan report for 172.29.59.112
Host is up (0.066s latency).
MAC Address: 54:EA:A8:5E:D3:05 (Apple)
Nmap scan report for 172.29.59.113
Host is up (0.37s latency).
MAC Address: 54:EA:A8:4E:87:D0 (Apple)
Nmap scan report for 172.29.59.114
Host is up (0.85s latency).
MAC Address: 4C:7C:5F:E2:BB:4A (Apple)
Nmap scan report for 172.29.59.115
Host is up (0.19s latency).
MAC Address: 88:C9:D0:FF:A4:00 (LG Electronics)
Nmap scan report for 172.29.59.120
Host is up (0.46s latency).
MAC Address: F4:F1:5A:8C:3C:9D (Apple)
Nmap scan report for 172.29.59.122
Host is up (0.56s latency).
MAC Address: 90:B9:31:C2:1B:4B (Apple)
Nmap scan report for 172.29.59.156
Host is up (0.45s latency).
MAC Address: E0:66:78:C9:13:E2 (Apple)
Nmap scan report for 172.29.59.116
Host is up.
Nmap done: 254 IP addresses (58 hosts up) scanned in 28.57 seconds

And this is an even faster variant of that command. This scanned 256 IP addresses in 6.2 seconds.

root@kali:~/Documents# nmap -T5 -sP 172.29.59.0/24
 
Starting Nmap 6.49BETA5 ( https://nmap.org ) at 2015-10-07 10:44 AEDT
Nmap scan report for 172.29.59.1
Host is up (0.0055s latency).
MAC Address: 00:26:F1:F5:03:00 (ProCurve Networking by HP)
Nmap scan report for 172.29.59.4
Host is up (0.0020s latency).
MAC Address: 00:0B:86:0C:4D:00 (Aruba Networks)
Nmap scan report for 172.29.59.11
Host is up (0.073s latency).
MAC Address: 7C:6D:62:74:92:7E (Apple)
Nmap scan report for 172.29.59.12
Host is up (0.14s latency).
MAC Address: 04:54:53:0F:CC:3B (Apple)
Nmap scan report for 172.29.59.13
Host is up (0.023s latency).
MAC Address: 00:1F:5B:C3:F3:C4 (Apple)
Nmap scan report for 172.29.59.14
Host is up (0.040s latency).
MAC Address: 88:1F:A1:B7:87:67 (Apple)
Nmap scan report for 172.29.59.15
Host is up (0.0040s latency).
MAC Address: 28:B2:BD:0B:00:B8 (Intel Corporate)
Nmap scan report for 172.29.59.19
Host is up (0.17s latency).
MAC Address: 04:54:53:0F:C3:1A (Apple)
Nmap scan report for 172.29.59.20
Host is up (0.20s latency).
MAC Address: 04:54:53:0F:C3:20 (Apple)
Nmap scan report for 172.29.59.22
Host is up (0.039s latency).
MAC Address: 04:54:53:0F:C4:B2 (Apple)
Nmap scan report for 172.29.59.31
Host is up (0.0033s latency).
MAC Address: 10:0B:A9:9B:90:F8 (Intel Corporate)
Nmap scan report for 172.29.59.36
Host is up (0.0061s latency).
MAC Address: 1C:4B:D6:75:87:FB (AzureWave)
Nmap scan report for 172.29.59.39
Host is up (0.21s latency).
MAC Address: C0:BD:D1:A1:28:5A (Samsung Electro Mechanics co.)
Nmap scan report for 172.29.59.40
Host is up (1.8s latency).
MAC Address: 3C:15:C2:1D:4E:84 (Apple)
Nmap scan report for 172.29.59.42
Host is up (0.33s latency).
MAC Address: AC:3C:0B:78:35:7F (Apple)
Nmap scan report for 172.29.59.46
Host is up (0.022s latency).
MAC Address: 00:23:4D:32:64:E1 (Hon Hai Precision Ind. Co.)
Nmap scan report for 172.29.59.47
Host is up (0.0028s latency).
MAC Address: A0:A8:CD:23:1F:C7 (Intel Corporate)
Nmap scan report for 172.29.59.50
Host is up (0.11s latency).
MAC Address: A4:67:06:8B:F3:B2 (Apple)
Nmap scan report for 172.29.59.52
Host is up (0.11s latency).
MAC Address: 28:E1:4C:DE:66:52 (Apple)
Nmap scan report for 172.29.59.53
Host is up (0.067s latency).
MAC Address: 18:34:51:71:AB:EF (Apple)
Nmap scan report for 172.29.59.54
Host is up (0.0059s latency).
MAC Address: 18:CF:5E:27:2C:D4 (Liteon Technology)
Nmap scan report for 172.29.59.56
Host is up (0.079s latency).
MAC Address: F0:C1:F1:2A:EB:26 (Apple)
Nmap scan report for 172.29.59.57
Host is up (0.17s latency).
MAC Address: 60:92:17:B6:AC:F9 (Apple)
Nmap scan report for 172.29.59.60
Host is up (0.060s latency).
MAC Address: BC:6C:21:5B:2C:D8 (Unknown)
Nmap scan report for 172.29.59.61
Host is up (0.069s latency).
MAC Address: E0:F8:47:4F:62:88 (Apple)
Nmap scan report for 172.29.59.62
Host is up (1.9s latency).
MAC Address: 60:92:17:5E:99:6E (Apple)
Nmap scan report for 172.29.59.63
Host is up (1.1s latency).
MAC Address: 48:74:6E:78:5A:1C (Apple)
Nmap scan report for 172.29.59.65
Host is up (0.13s latency).
MAC Address: D0:22:BE:BB:A0:2F (Samsung Electro Mechanics co.)
Nmap scan report for 172.29.59.66
Host is up (0.25s latency).
MAC Address: 64:20:0C:35:A7:1D (Apple)
Nmap scan report for 172.29.59.67
Host is up (0.082s latency).
MAC Address: C8:BC:C8:E8:D2:1D (Apple)
Nmap scan report for 172.29.59.70
Host is up (0.084s latency).
MAC Address: 40:A6:D9:E1:77:56 (Apple)
Nmap scan report for 172.29.59.72
Host is up (0.19s latency).
MAC Address: 04:54:53:0F:C2:F4 (Apple)
Nmap scan report for 172.29.59.73
Host is up (0.21s latency).
MAC Address: 04:54:53:0F:C8:65 (Apple)
Nmap scan report for 172.29.59.74
Host is up (0.14s latency).
MAC Address: 04:54:53:0F:C2:FA (Apple)
Nmap scan report for 172.29.59.79
Host is up (0.0073s latency).
MAC Address: 60:92:17:D8:C1:41 (Apple)
Nmap scan report for 172.29.59.80
Host is up (1.4s latency).
MAC Address: A8:88:08:EC:7E:57 (Apple)
Nmap scan report for 172.29.59.81
Host is up (0.10s latency).
MAC Address: CC:3A:61:87:65:FD (Samsung Electro Mechanics CO.)
Nmap scan report for 172.29.59.85
Host is up (0.28s latency).
MAC Address: C8:85:50:13:EE:C8 (Apple)
Nmap scan report for 172.29.59.86
Host is up (0.28s latency).
MAC Address: 8C:FA:BA:7E:21:47 (Apple)
Nmap scan report for 172.29.59.87
Host is up (0.69s latency).
MAC Address: 04:DB:56:4A:F4:B4 (Apple)
Nmap scan report for 172.29.59.92
Host is up (0.0028s latency).
MAC Address: AC:81:12:09:09:1B (Gemtek Technology Co.)
Nmap scan report for 172.29.59.96
Host is up (0.14s latency).
MAC Address: EC:85:2F:7B:C3:8C (Apple)
Nmap scan report for 172.29.59.98
Host is up (0.13s latency).
MAC Address: 18:20:32:D2:17:41 (Apple)
Nmap scan report for 172.29.59.99
Host is up (0.24s latency).
MAC Address: 60:F8:1D:DC:14:1C (Apple)
Nmap scan report for 172.29.59.100
Host is up (1.3s latency).
MAC Address: F0:D1:A9:87:75:DB (Apple)
Nmap scan report for 172.29.59.102
Host is up (0.065s latency).
MAC Address: 24:FD:52:E4:70:83 (Liteon Technology)
Nmap scan report for 172.29.59.105
Host is up (0.054s latency).
MAC Address: 7C:D1:C3:75:13:A6 (Apple)
Nmap scan report for 172.29.59.106
Host is up (0.79s latency).
MAC Address: D8:D1:CB:EC:FC:63 (Apple)
Nmap scan report for 172.29.59.107
Host is up (0.78s latency).
MAC Address: 64:9A:BE:10:ED:4E (Apple)
Nmap scan report for 172.29.59.108
Host is up (0.00031s latency).
MAC Address: F4:B7:E2:C9:1B:E3 (Hon Hai Precision Ind. Co.)
Nmap scan report for 172.29.59.110
Host is up (0.042s latency).
MAC Address: 60:AF:6D:87:2C:41 (Samsung Electronics Co.)
Nmap scan report for 172.29.59.112
Host is up (0.084s latency).
MAC Address: 54:EA:A8:5E:D3:05 (Apple)
Nmap scan report for 172.29.59.113
Host is up (0.13s latency).
MAC Address: 54:EA:A8:4E:87:D0 (Apple)
Nmap scan report for 172.29.59.114
Host is up (0.094s latency).
MAC Address: 4C:7C:5F:E2:BB:4A (Apple)
Nmap scan report for 172.29.59.115
Host is up (0.14s latency).
MAC Address: 88:C9:D0:FF:A4:00 (LG Electronics)
Nmap scan report for 172.29.59.117
Host is up (0.11s latency).
MAC Address: 90:FD:61:09:11:6D (Apple)
Nmap scan report for 172.29.59.120
Host is up (0.072s latency).
MAC Address: F4:F1:5A:8C:3C:9D (Apple)
Nmap scan report for 172.29.59.122
Host is up (0.90s latency).
MAC Address: 90:B9:31:C2:1B:4B (Apple)
Nmap scan report for 172.29.59.156
Host is up (0.041s latency).
MAC Address: E0:66:78:C9:13:E2 (Apple)
Nmap scan report for 172.29.59.116
Host is up.
Nmap done: 256 IP addresses (60 hosts up) scanned in 6.27 seconds

No comments have been made. Use this form to start the conversation :)

Leave a Reply