I tried googling for this but I didn't find anything... I am building a port scanner and I would like to make it so that I can scan a network range, e.g. 192.168.2.*, and find out how many computers on that range are online. A lot like Nmap. I am programming in Python. Is this possible in Python?
Your title is misleading. There is only ever one host per IP address. You seem to be asking about address *ranges.* – user207421 Nov 16 '10 at 22:33
4 Answers
Use python-nmap. Basic usage:

    import nmap

    nm = nmap.PortScanner()
    # -n: no DNS resolution, -sP: ping scan only (no port scan),
    # -PE: ICMP echo probe, -PA21,23,80,3389: TCP ACK probes to those ports
    nm.scan(hosts='192.168.2.0/24', arguments='-n -sP -PE -PA21,23,80,3389')
    hosts_list = [(x, nm[x]['status']['state']) for x in nm.all_hosts()]
    for host, status in hosts_list:
        print('{0}:{1}'.format(host, status))

For further reference see http://pypi.python.org/pypi/python-nmap

Thanks for the reply! I would like to know how to make this function by myself. – Andesay Nov 15 '10 at 16:20
Or is it very complicated? I made the port scanner itself, but I am missing the computer detection code. – Andesay Nov 15 '10 at 16:21
Well, how are you scanning the IP? Are you pinging it? Creating a TCP connection? – Yuval Adam Nov 15 '10 at 16:22
By that heuristic - if you managed to create a connection, then the IP is alive. – Yuval Adam Nov 15 '10 at 16:48
How would I go about finding out how many clients are behind an IP address (like when one is connected through a router)? – Andesay Nov 17 '10 at 15:50
You have no way of figuring that out, unless you try to hack that LAN. – Yuval Adam Nov 17 '10 at 16:24
OK, I see. So when I scan an IP and it responds... Which machine on the LAN is responding? Or is it the router itself? – Andesay Nov 18 '10 at 07:58
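
The heuristic from the comments above (a host that accepts a connection is alive), written out as an added Python 3 example that is not code from any of the answers. It also counts a refused connection as an answer, because a TCP RST normally comes from the host itself, while a host that silently drops the probes cannot be told apart from an unused address. The function names and the probed port list are assumptions chosen for illustration.

```python
import errno
import ipaddress
import socket
from concurrent.futures import ThreadPoolExecutor

# connect_ex() codes that prove something answered the SYN:
# 0 = handshake completed, ECONNREFUSED = a TCP RST came back (closed port).
ANSWERED = {0: "open", errno.ECONNREFUSED: "closed"}


def expand(pattern):
    """Turn '192.168.2.*' or CIDR such as '192.168.2.0/24' into host addresses."""
    if pattern.endswith(".*"):
        pattern = pattern[:-2] + ".0/24"
    return [str(h) for h in ipaddress.ip_network(pattern, strict=False).hosts()]


def classify(code):
    """Map a connect_ex() return code to 'open', 'closed' or 'no-answer'."""
    return ANSWERED.get(code, "no-answer")


def probe(ip, ports=(22, 80, 443, 445), timeout=1.0):
    """Return (ip, port, state) for the first port that answers."""
    for port in ports:  # port list is an assumption; pick ones common on your LAN
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            try:
                state = classify(s.connect_ex((ip, port)))
            except OSError:  # errors not reported through the return code
                state = "no-answer"
        if state != "no-answer":
            return ip, port, state
    return ip, None, "no-answer"  # timeout, unreachable, or filtered


def sweep(pattern, workers=64):
    """Probe every address in parallel and keep the hosts that answered."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(probe, expand(pattern)))
    return [r for r in results if r[2] != "no-answer"]


if __name__ == "__main__":
    for ip, port, state in sweep("192.168.2.*"):  # range from the question
        print("{0}: up (port {1} {2})".format(ip, port, state))
```
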
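Here is a draft example that you can start with:

    import socket

    addr_range = "192.168.1.%d"
    ip_address_up = []

    # Use UDP.
    # Note: this socket is never used below; the loop relies on name lookups.
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(2.0)

    for i in range(1, 255):  # hosts .1 through .254
        try:
            ip = addr_range % i
            # gethostbyaddr() performs a reverse name lookup; the address is
            # listed only if a name is found for it.
            socket.gethostbyaddr(ip)
            ip_address_up.append(ip)
        except socket.herror:
            pass

    print(ip_address_up)
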
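or something like this using ICMP (ping) rather than UDP:

    import socket
    import ping  # third-party ping.py module; raw ICMP sockets need root privileges

    ip_address_up = []
    addr_range = "192.168.1.%d"

    for i in range(1, 255):  # hosts .1 through .254
        try:
            ip = addr_range % i
            # do_one() returns the delay in seconds, or None on timeout
            delay = ping.do_one(ip, timeout=2)
            if delay is not None:
                ip_address_up.append(ip)
        except (socket.herror, socket.timeout):
            pass

    print(ip_address_up)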

Using raw sockets you can implement something nmap-like. You will probably find that the most informative probes need to be made using specially crafted packets that do "odd" things, compared to normal programming interfaces. It's well worth reading up on the IP/UDP/TCP RFCs.
Using raw sockets you can generate byte by byte any probing packet of your choosing, with options/configurations set that are normally impossible/hard to do under normal circumstances, but which "trick" a host into revealing a wealth of information.

For IPv4 on local net you can resort to ARP using say Scapy, see related question.
