How to Find All Hosts on Network with nmap

Jul 24, 2018 - 7 Comments

How to find all hosts on network with nmap

Many advanced users often need to find and list all hosts on a network, often for IP discovery, connecting to a remote machine, or some other system administration or network admin purpose. One of the easiest ways to find all hosts and the host IP addresses on a network is by using the nmap command line tool.

Nmap is compatible with every major operating system including Mac OS, Windows, and Linux, and though it does not come preinstalled by default in MacOS you can either install Homebrew and then install nmap (brew install nmap), or you can install nmap on a Mac directly without a package manager. Thus we’re going to focus on using nmap to find and list all hosts on a network, and we’re assuming you already have nmap on your particular Mac. If you can not use nmap for whatever reason, you may find viewing IP addresses of LAN devices with arp to be useful instead as an alternative solution.

How to Find All Hosts on Network with nmap

Ready to list all hosts IP addresses on a network with nmap? It’s easy, here’s all you need to do:

  1. Launch the Terminal if you have not done so already
  2. Enter the following command string, replacing your network IP and range as appropriate:
  3. nmap -sn 192.168.1.0/24

  4. Hit Return and wait a moment or two to see the detected hosts on the network

Command output of nmap may look something like the following, where host IP addresses of found devices and hardware on the network are detected and displayed:

% nmap -sP 192.168.1.0/20
Starting Nmap ( https://nmap.org ) at 2022-06-15 16:24 PDT
Nmap scan report for 192.168.1.1
Host is up (0.0063s latency).
Nmap scan report for 192.168.1.2
Host is up (0.019s latency).
Nmap scan report for 192.168.1.9
Host is up (0.0051s latency).
Nmap scan report for 192.168.1.11
Host is up (0.021s latency).
Nmap scan report for 192.168.1.12
Host is up (0.0211s latency).
Nmap scan report for 192.168.1.15
Host is up (0.022s latency).
Nmap scan report for 192.168.1.25
Host is up (0.024s latency).
Nmap done: 4096 IP addresses (7 hosts up) scanned in 43.67 seconds

Essentially how this works is that nmap attempts to ping the host IP range on the network to see if they exist, if they do and respond they are returned in the nmap results, and if they don’t or do not respond they will not be listed. That leads to the net obvious question which is how do you detect hosts on the network that do not respond to ping and ICMP request (as some users intentionally disable ICMP request response on Mac, Windows, or Linux computers), but to do that you’d likely have to port scan on the network rather than rely on ping.

You can also use -sP flag, which may work on older versions of nmap if -sn fails. The result should be the same regardless:

nmap -sP 192.168.1.0/24

nmap is one of the best Homebrew packages out there, so if this article interests you but you don’t yet have it, it’s a good reason to fire up Homebrew and install nmap. And of course if you don’t know how to install Homebrew yet you can learn how to do that too.

Do you know of another method of detecting and finding all hosts on a network? Share your tricks in the comments below!

.

Related articles:

Posted by: Paul Horowitz in Command Line, Tips & Tricks

7 Comments

» Comments RSS Feed

  1. Bobber says:

    Most folks, myself included, find that my one router can map out my network just fine. On the other hand, it was very useful for mapping a large corporate network I helped administer about a dozen years ago. But beware: Sometimes a device will crash in response to an nmap port scan. There was one particular Cisco router on the net that would always crash when probed, so I had to specifically exclude that IP address from the port scan.

  2. techcafe says:

    when i enter the nmap command in a terminal window, i get this:

    -bash: nmap: command not found

    what could be the problem? OS is High Sierra running on an iMac.

    • Dan says:

      My best guess is the problem is likely that you did not install nmap first.

      You must install nmap before you can use nmap on the Mac, the second paragraph of the article mentions this with two methods available; install nmap with Homebrew, or install directly.

      I personally use Homebrew but I also install many other command line tools with Homebrew. You could also use MacPorts if you have that. If you’re unfamiliar with nmap or the command line, it’s probably not relevant to you as ultimately everyone has different software usage requirements and needs, and most Mac users don’t use the command line at all. Finding hosts on a network is a pretty specific need, it certainly won’t apply to most people.

    • penguin says:

      LMAO HAHA

  3. Alan Wilson says:

    Also, check out LanScan free from the app store which is easier to use.

  4. Wm Magill says:

    Mac Ports has: nmap 7.70

    Much easier to use than Homebrew.

Leave a Reply

 

Shop on Amazon.com and help support OSXDaily!

Subscribe to OSXDaily

Subscribe to RSS Subscribe to Twitter Feed Follow on Facebook Subscribe to eMail Updates

Tips & Tricks

News

iPhone / iPad

Mac

Troubleshooting

Shop on Amazon to help support this site