The best way to approach this problem is to query each possible IP address on the LAN to see if a host responds. There are several utilities that will do this for you. First, of course, is the venerable ping utility. Most ping implementations can query only a single host at a time, so a completely automated search would require calling ping from a script. Fortunately, there are more convenient solutions. The fping utility can send a ping to a range of addresses or to a whole subnetwork with a single invocation. For example, to ping every address on the 192.168.3.X subnet, we would invoke fping as
fping -g 192.168.3.0/24or
fping -g 192.168.3.1 192.168.3.254
Another, more flexible, tool is nmap. Because it is intended primarily as a security testing tool, nmap is adept at finding hosts on a network. To query the same subnet as in the fping example, we would invoke nmap as
nmap –sP 192.168.3.0/24
All of the utilities that we discussed above are open source and available for Unix/Linux, MAC, and Windows. Because many system administrators configure network firewalls to filter ICMP ping packets, it is best to run these tools from a host on the LAN you are testing.
This was first published in February 2007