From: Shi on
Hi there,

I thought "nmap -sP" is doing a ping, which would be similar to
running the ping command.
But it turned out they are different. For example
seki@xubuntu:~$ nmap -sP 192.168.1.133

Starting Nmap 4.76 ( http://nmap.org ) at 2010-05-05 13:30 MDT
Note: Host seems down. If it is really up, but blocking our ping
probes, try -PN
Nmap done: 1 IP address (0 hosts up) scanned in 0.04 seconds
seki@xubuntu:~$ ping 192.168.1.133
PING 192.168.1.133 (192.168.1.133) 56(84) bytes of data.
64 bytes from 192.168.1.133: icmp_seq=1 ttl=64 time=0.139 ms
64 bytes from 192.168.1.133: icmp_seq=2 ttl=64 time=0.210 ms

So apparently the host is responding to my ping command but not to my
nmap command.

Is there an equivalent way of doing ping command using nmap? The reason
I ask this is that if so, I would be able to use nmap to ping a range
of IPs/subnet without having to write a script (although they are
straightforward to write).
Thanks.

Shi
From: Wing on
On 5/5/2010 12:53 PM, Shi wrote:
> Hi there,
>
> I thought "nmap -sP" is doing a ping, which would be similar to
> running the ping command.
> But it turned out they are different. For example
> seki@xubuntu:~$ nmap -sP 192.168.1.133
>
> Starting Nmap 4.76 ( http://nmap.org ) at 2010-05-05 13:30 MDT
> Note: Host seems down. If it is really up, but blocking our ping
> probes, try -PN
> Nmap done: 1 IP address (0 hosts up) scanned in 0.04 seconds
> seki@xubuntu:~$ ping 192.168.1.133
> PING 192.168.1.133 (192.168.1.133) 56(84) bytes of data.
> 64 bytes from 192.168.1.133: icmp_seq=1 ttl=64 time=0.139 ms
> 64 bytes from 192.168.1.133: icmp_seq=2 ttl=64 time=0.210 ms
>
> So apparently the host is responding to my ping command but not to my
> nmap command.
>
> Is there an equivalent way of doing ping command using nmap? The reason
> I ask this is that if so, I would be able to use nmap to ping a range
> of IPs/subnet without having to write a script (although they are
> straightforward to write).
> Thanks.
>
> Shi

Here's the help summary:
-sP: Ping Scan - go no further than determining if host is online
----------^^^^

HTH
From: Chris Davies on
Shi <jinzishuai(a)gmail.com> wrote:
> I thought "nmap -sP" is doing a ping, which would be similar to
> running the ping command.

The manpage for nmap on my (Debian) system has a section that describes
what -sP actually does.

> But it turned out they are different.

Yes, that's correct.


> Is there an equivalent way of doing ping command using nmap?

sudo nmap -sP -PE {address_ranges...}

Chris
From: Shi on
On May 5, 4:58 pm, Chris Davies <chris-use...(a)roaima.co.uk> wrote:
> Shi <jinzish...(a)gmail.com> wrote:
> > I thought "nmap -sP" is doing a ping, which would be similar to
> > running the ping command.
>
> The manpage for nmap on my (Debian) system has a section that describes
> what -sP actually does.
>
> > But it turned out they are different.
>
> Yes, that's correct.
>
> > Is there an equivalent way of doing ping command using nmap?
>
> sudo nmap -sP -PE {address_ranges...}
>
> Chris

Thanks Chris.
This -sP -PE option does work but it requires root access while the
simple ping command does not.
"sudo nmap -sP -PE" also shows the MAC address of the IP, which is
nice but not necessary (which might be paid by being root).
I am looking for an nmap equivalent to the ping, nothing more (more is
OK as long as no extra requirement, such as being root), nothing less.
Do you think something like this exists?
Thanks a lot.
From: habibielwa7id on
On May 6, 2:30 am, Shi <jinzish...(a)gmail.com> wrote:
> On May 5, 4:58 pm, Chris Davies <chris-use...(a)roaima.co.uk> wrote:
>
>
>
> > Shi <jinzish...(a)gmail.com> wrote:
> > > I thought "nmap -sP" is doing a ping, which would be similar to
> > > running the ping command.
>
> > The manpage for nmap on my (Debian) system has a section that describes
> > what -sP actually does.
>
> > > But it turned out they are different.
>
> > Yes, that's correct.
>
> > > Is there an equivalent way of doing ping command using nmap?
>
> > sudo nmap -sP -PE {address_ranges...}
>
> > Chris
>
> Thanks Chris.
> This -sP -PE option does work but it requires root access while the
> simple ping command does not.
> "sudo nmap -sP -PE" also shows the MAC address of the IP, which is
> nice but not necessary (which might be paid by being root).
> I am looking for an nmap equivalent to the ping, nothing more (more is
> OK as long as no extra requirement, such as being root), nothing less.
> Do you think something like this exists?
> Thanks a lot.

-Your first attempt to run nmap to scan what hosts are up was wrong,
nmap -sP 192.168.1.133
-sP should be followed by the whole network subnet, like
nmap -sP 192.168.1.133/24
This will not need root privileges.
-And be careful: if any host firewall blocks ping, it will not respond
to ping or an nmap ping scan although it's up. I saw some Windows
firewalls do this nowadays.
arping is better; check it, you may find a suitable option to scan a whole
network subnet.
If you want to ping a host although it blocks ICMP echo requests, you
may use hping to ping a host with TCP or UDP packets instead of ICMP.
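
Added example, not part of any post in this thread: without root, nmap cannot send raw ICMP, so its -sP ping scan falls back to an ordinary TCP connect() probe, which is why its verdict can differ from ping's. The Python below reproduces that kind of unprivileged probe and shows that a refused connection still proves the host is up, while a silently filtered port looks like "down"; the function names and the port 80 default are assumptions of this example.

```python
"""Unprivileged host discovery with a TCP connect() probe (added example)."""
import ipaddress
import socket

UP_OPEN = "up (port open)"
UP_CLOSED = "up (port closed, RST received)"
SILENT = "no answer (host down or probe filtered)"
ERROR = "error (no route or other local failure)"


def connect_probe(host, port=80, timeout=1.0):
    """Classify one host using a plain connect(); needs no raw sockets."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return UP_OPEN          # SYN/ACK came back
        except ConnectionRefusedError:
            return UP_CLOSED        # RST came back: host is alive
        except socket.timeout:
            return SILENT           # nothing came back at all
        except OSError:
            return ERROR            # e.g. EHOSTUNREACH, ENETUNREACH


def is_up(result):
    """Both an open and a refused port mean something answered."""
    return result in (UP_OPEN, UP_CLOSED)


def sweep(targets, port=80, timeout=1.0):
    """Probe a single IP or every host address of a CIDR block."""
    net = ipaddress.ip_network(targets, strict=False)
    hosts = list(net.hosts()) or [net.network_address]
    return {str(ip): connect_probe(str(ip), port, timeout) for ip in hosts}


if __name__ == "__main__":
    import sys
    # Usage: python3 probe.py 192.168.1.0/24   (default target is loopback)
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1/32"
    for ip, result in sweep(target).items():
        print(f"{ip:15}  {result}")
```

A host that answers ICMP echo but silently drops TCP to the probed port is reported as "no answer" here, which matches the mismatch seen in the first post.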