Need a Managed Penetration Test?
Try our Services
Sample Report
Here is a Ping Sweep sample report:
- Shows the hosts which are live/up on the given IP range
- Includes reverse DNS information for each IP
Ping Sweep - Use Cases
Enables you to see which IPs are 'live' within a given network range. Behind a 'live' IP there is a running server or workstation.
Perimeter Mapping
By seeing which hosts are live in a network range, you can map the perimeter of an organization and plan the pentesting work.
Work Estimation
This tool helps you estimate the security assessment effort for an organization by showing how many servers and workstations are reachable from the Internet.
Asset Inventory
You can use this tool to perform an asset inventory against your own network ranges. Detect old systems which should be updated or decomissioned.
Technical Details
About
Use this tool to discover which IPs are 'live' within a given network range. Behind a live IP there is a running server or workstation that responds to requests sent over the network.
Finding all live hosts within a network range is necessary in a penetration test for determining the complete attack surface of the client organization. Furthermore, this helps to estimate the effort for the whole project and is needed for concentrating the testing only to the live hosts.
Finding all live hosts within a network range is necessary in a penetration test for determining the complete attack surface of the client organization. Furthermore, this helps to estimate the effort for the whole project and is needed for concentrating the testing only to the live hosts.
Parameters
| Parameter | Description |
|---|---|
| IP range | The range of IP addresses that will be sweeped. Maximum 256 IP addresses can be sweeped in a row. The range can be specified in CIDR notation (1.1.1.0/24) or IP range (1.1.1.1-254). |
| Do reverse DNS | When this option is enabled, the tool will try to find the DNS name associated with each live IP address. Names are useful because they usually suggest the functionality of the system. |
How it works
The tool calls Nmap with the proper parameters in order to do the sweeping. Behind the scene, Nmap sends multiple probes to the target systems to provoque responses which could suggest the hosts' liveness:
- ICMP echo requests
- TCP SYN on ports 80,443
- ICMP timestamp requests
