I'm studying up on using Nmap, and there is a command that sweeps the network with a simple Ping scan to determine which hosts are online.
The command is this:
[ignore_this]# nmap -sP 10.0.0.0/24
And the output:
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at
2006-07-14 14:19 BST
Host 10.0.0.1 appears to be up.
MAC Address: 00:09:5B:29:FD:96 (Netgear)
Host 10.0.0.2 appears to be up.
MAC Address: 00:0F:B5:96:38:5D (Netgear)
Host 10.0.0.4 appears to be up.
Host 10.0.0.5 appears to be up.
MAC Address: 00:14:2A:B1:1E:2E (Elitegroup Computer System Co.)
Nmap finished: 256 IP addresses (4 hosts up) scanned in 5.399 seconds
And I'm a little confused… the command is nmap -sP 10.0.0.0/24. To my (basic) knowledge in networking, this is just a class A IP address, except the /24 at the end is the subnet mask. Why is he including the subnet mask?
Sorry if I'm a little misinformed and don't understand the topic very well, but I have no clue at all why the /24 is there. Personally I've never used a subnet, I'm not too familiar with it. The most I've ever done with subnetting is write it out on paper and found out what the host portions/networking and broadcasts parts were. I've never actually used subnetting in a computer, I didn't even know you could essentially ping an IP address with the /24…
If anyone knows
- Where did he get this from?
- Why did he include it…
- A little more on how it works…
Best Answer
Even though 10.0.0.0 is defined as a Class-A network, you can still define smaller networks inside it.
So 10.0.0.0/24 is used to define a smaller network ranging from 10.0.0.0 to 10.0.0.255. As an example, /23 could also have been used to define a network ranging from 10.0.0.0 to 10.0.1.255, etc.
I would suggest you look into the CIDR calculator at the following URL (http://www.subnet-calculator.com/cidr.php)
As a side note, in your command, you are not asking Nmap to ping an IP... you are asking it to scan a defined range. You could also point it toward a single IP, but Nmap will most likely translate it as $ip/32.
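An added example, not part of the original question or answer: the bit arithmetic behind the /24 and /23 ranges quoted in the answer, written out by hand and cross-checked against Python's `ipaddress` module. The function names are chosen here for illustration and the sample targets are constructed; the 256 addresses computed for 10.0.0.0/24 match the "256 IP addresses" line in the scan output above.

```python
import ipaddress

def dotted(value):
    """Render a 32-bit integer as a dotted-quad IPv4 string."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def expand_target(spec):
    """Expand an IPv4 target written as 'a.b.c.d' or 'a.b.c.d/n' into its range."""
    addr_text, _, prefix_text = spec.partition("/")
    prefix = int(prefix_text) if prefix_text else 32   # a bare IP behaves like /32
    octets = [int(part) for part in addr_text.split(".")]
    if not 0 <= prefix <= 32 or len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 target: {spec!r}")
    addr = int.from_bytes(bytes(octets), "big")
    # The prefix length is the number of leading 1 bits in the mask:
    # /24 -> 255.255.255.0, leaving 8 host bits (2**8 = 256 addresses).
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    first = addr & mask                    # host bits cleared
    last = first | (~mask & 0xFFFFFFFF)    # host bits all set
    return {"netmask": dotted(mask), "first": dotted(first),
            "last": dotted(last), "count": last - first + 1}

def agrees_with_stdlib(spec):
    """Cross-check the hand-written arithmetic against the ipaddress module."""
    net = ipaddress.ip_network(spec, strict=False)
    got = expand_target(spec)
    return (got["first"], got["last"], got["count"]) == (
        str(net.network_address), str(net.broadcast_address), net.num_addresses)

if __name__ == "__main__":
    # Constructed sample targets. 10.0.0.37/24 has host bits set; Nmap scans
    # the same 256 addresses for it as for 10.0.0.0/24.
    for spec in ("10.0.0.0/24", "10.0.0.0/23", "10.0.0.37/24", "10.0.0.5"):
        r = expand_target(spec)
        print(f"{spec:<14} mask {r['netmask']:<15} "
              f"{r['first']} - {r['last']} ({r['count']} addresses)")
```
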