Discovering hosts with IP protocol ping scans
Nmap supports an interesting scanning technique named IP protocol ping scan. It attempts to determine if a host is online by sending packets using IP packets with different protocols.
The following recipe describes how to perform IP protocol ping scans.
How to do it...
Open your terminal and enter the following command:
# nmap -sn -PO <target>
If the host responded to any of the requests, you should see something like the following:
# nmap -sn -PO scanme.nmap.org
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.18s latency).
Other addresses for scanme.nmap.org (not scanned):
2600:3c01::f03c:91ff:fe18:bb2f
Nmap done: 1 IP address (1 host up) scanned in 0.40 seconds
How it works...
The arguments -sn -PO scanme.nmap.org
tell Nmap to perform an IP protocol ping scan of the host scanme.nmap.org
.
By default, this ping scan will use the protocols IGMP, IP-in-IP, and ICMP to try to determine if the host is online...