Ping Sweep Using nmap on Linux
See what devices are active on your subnetwork using peng sweep with nmap command in Linux.
Ping sweep is the ability to ping multiple devices at once. This can be a lifesaver when looking at which devices are up from the stack of machines while troubleshooting.
Sure, you can do the ping sweep with various tools but using the nmap command to perform ping sweep is one of the most flexible and widely used methods.
So in this tutorial, I will share some practical examples of performing ping sweep using the nmap command.
Usually, nmap does not come pre-installed. You can check whether you have it installed by checking the installed version:
If it throws an error saying Command 'nmap' not found, it can easily be installed with the following command:
For Ubuntu/Debian-based distros:
sudo apt install nmap
For Fedora/RHEL base:
sudo dnf install nmap
For Arch-based distros:
sudo pacman -S nmap
Once you have it installed, all you have to do is use the nmap command with the
nmap -sn target_IP/s
The simplest way to ping sweep multiple hosts is to append them one by one as shown:
nmap -sn [IP_1] [IP_2] [IP_n]
Let's say I want to ping three IPs
192.168.1.8 so I will be using the following:
nmap -sn 192.168.1.1 192.168.1.7 192.168.1.8
And as you can see, all of the tree hosts are up!
But there are more (and better) ways to ping sweep hosts. Especially, when you are dealing with a stack of machines.
To ping sweep the entire subnet, you can use the wildcard
* replacing the last octet (the last part of your IP after the
nmap -sn 192.168.1.*
So if you want to check whether the IPs in a specific range are up or not, you can benefit from this method.
So let's say I want to check IPs from
192.168.1.10 then I will be using the following:
nmap -sn 192.168.1.1-10
This is similar to the above method but you get to choose which host to ping by just appending the ending octet.
So let's say I want to ping
192.168.1.8 which can easily be done using their ending octet:
nmap -sn 192.168.1.1,7,8
You can exclude the IP address while pinging a bunch of hosts using the
So let's say I want to exclude
192.168.1.7while scanning the whole subnet so I will be using the following:
nmap -sn 192.168.1.* --exclude 192.168.1.7
Similarly, you can also use the range of IPs to exclude them from the ping.
Let's say I want to exclude IP from
192.168.1.5 while scanning the entire subnet, so I will be using the following:
nmap -sn 192.168.1.* --exclude 192.168.1.1-5
Pretty easy. Isn't it?
If you are getting started or curious to learn more about networks, the nmap command is one of the most basic networking commands you should start with.
And nmap can do a lot more than what you just saw in this guide.
We have a detailed guide on how you can use the nmap command:
I hope you will find this guide helpful.
And if you have any queries, let me know in the comments.