Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Get to Know Your Tools: Nmap Ping Subnet Scan

wireless spectrum
(Source: Pixabay)

In this article, I use nmap, a popular utility, to illustrate a simple example.

For those familiar with my work, I always mention that you should 'know your tools,' so I won't beat that point to death. I have plenty of examples on my website in case you are new to my work.

When you use the -sn subnet option in nmap, the help screen mention that it is a "Ping Scan." Most analysts know ping and probably know that ping uses ICMP as its protocol. Well, in this video, you will see how I used Wireshark to observe how nmap discovers a subnet and if it uses ICMP to accomplish this.

With this specific option on Windows 10, the utility uses ARP for its discovery mechanism.

nmap

When you think about it, ARP is a much better protocol to use since ICMP could be rerouted, blocked, or response spoofed. After you figure out your tool behavior, understanding how it behaves on your network and devices becomes obvious.

I encourage you to spend a few minutes with your favorite troubleshooting tools to figure out how they behave. Don’t forget to retest your favorite software with devices and networks you are familiar with whenever a new version comes out to ensure the tool still reports the results the same way and that behavior hasn’t changed.

 

See other hands-on tool reviews by Tony Fortunato here.