Ping Sweep Using nmap on Linux

Ping sweep is the ability to ping multiple devices at once. This can be a lifesaver when looking at which devices are up from the stack of machines while troubleshooting.

Sure, you can do the ping sweep with various tools but using the nmap command to perform ping sweep is one of the most flexible and widely used methods.

So in this tutorial, I will share some practical examples of performing ping sweep using the nmap command.

Prerequisite: Install nmap first

Usually, nmap does not come pre-installed. You can check whether you have it installed by checking the installed version:

nmap -v 

If it throws an error saying Command 'nmap' not found, it can easily be installed with the following command:

For Ubuntu/Debian-based distros:

sudo apt install nmap 

For Fedora/RHEL base:

sudo dnf install nmap

For Arch-based distros:

sudo pacman -S nmap

How to use ping sweep with the nmap command

Once you have it installed, all you have to do is use the nmap command with the -sn flag:

nmap -sn target_IP/s

The simplest way to ping sweep multiple hosts is to append them one by one as shown:

nmap -sn [IP_1] [IP_2] [IP_n] 

Let's say I want to ping three IPs 192.168.1.1, 192.168.1.7 and 192.168.1.8 so I will be using the following:

nmap -sn 192.168.1.1 192.168.1.7 192.168.1.8

And as you can see, all of the tree hosts are up!

But there are more (and better) ways to ping sweep hosts. Especially, when you are dealing with a stack of machines.

Ping sweep the entire subnet with the nmap command

To ping sweep the entire subnet, you can use the wildcard * replacing the last octet (the last part of your IP after the . ):

nmap -sn 192.168.1.*

Ping sweep multiple hosts by specifying the IP range

So if you want to check whether the IPs in a specific range are up or not, you can benefit from this method.

So let's say I want to check IPs from 192.168.1.1 to 192.168.1.10 then I will be using the following:

nmap -sn 192.168.1.1-10

Ping sweep multiple hosts using the ending octet

This is similar to the above method but you get to choose which host to ping by just appending the ending octet.

So let's say I want to ping 192.168.1.1, 192.168.1.7 and 192.168.1.8 which can easily be done using their ending octet:

nmap -sn 192.168.1.1,7,8 

Exclude IP address while ping sweeping using the nmap command

💡
You can exclude multiple addresses using every syntax that I've shown above to ping multiple IPs.

You can exclude the IP address while pinging a bunch of hosts using the --exclude flag.

So let's say I want to exclude 192.168.1.7while scanning the whole subnet so I will be using the following:

nmap -sn 192.168.1.* --exclude 192.168.1.7

Similarly, you can also use the range of IPs to exclude them from the ping.

Let's say I want to exclude IP from 192.168.1.1 to 192.168.1.5 while scanning the entire subnet, so I will be using the following:

nmap -sn 192.168.1.* --exclude 192.168.1.1-5

Pretty easy. Isn't it?

But nmap can do a lot more than just ping

If you are getting started or curious to learn more about networks, the nmap command is one of the most basic networking commands you should start with.

And nmap can do a lot more than what you just saw in this guide.

We have a detailed guide on how you can use the nmap command:

nmap Command Examples in Linux
The nmap command can be used for finding devices on your network, open ports and more. Here are some common uses of nmap.

I hope you will find this guide helpful.

And if you have any queries, let me know in the comments.