About this tool
Use this tool to discover which IPs are 'live' within a given network range. Behind a live IP there is a running server or workstation that responds to requests sent over the network.
Finding all live hosts within a network range is necessary in a penetration test for determining the complete attack surface of the client company. Furthermore, this helps to estimate the effort for the whole project and is needed for concentrating the testing only to the live hosts.
- IP range: The range of IP addresses that will be sweeped. Maximum 256 IP addresses can be sweeped in a row. The range can be specified in CIDR notation (220.127.116.11/24) or IP range (18.104.22.168-254).
- Do reverse DNS: When this option is enabled, the tool will try to find the DNS name associated with each live IP address. Names are useful because they usually suggest the functionality of the system.
How it works
The tool calls Nmap with the proper parameters in order to do the sweeping. Behind the scene, Nmap sends multiple probes to the target systems (ICMP echo requests, TCP SYN on ports 80,443 or ICMP timestamp queries) in order to provoque responses which could suggest the hosts' liveness.