linux 如何查询局域网内当前连接的设备?
Linux provides several tools and methods to query the devices connected to the Local Area Network (LAN). Here are some commonly used methods:
Linux 提供了多种工具和方法来查询连接到局域网 (LAN) 的设备。下面是一些常用的方法:
1. Using nmap
1.使用 nmap
nmap
(Network Mapper) is a powerful network scanning tool.
nmap
(Network Mapper)是一款功能强大的网络扫描工具。
Install
nmap
: 安装nmap
:shsudo apt-get install nmap
Scan the network: Replace
192.168.1.0/24
with your network’s IP range.
扫描网络 将192.168.1.0/24
替换为网络的 IP 范围。shsudo nmap -sn 192.168.1.0/24
This command performs a ping scan, which will list the devices that respond to pings.
该命令将执行 ping 扫描,列出响应 ping 的设备。
2. Using arp-scan
2.使用 arp-scan
arp-scan
is another tool that can discover devices in the network using ARP (Address Resolution Protocol).
arp-scan
是另一个可以使用 ARP(地址解析协议)发现网络设备的工具。
Install
arp-scan
: 安装arp-scan
:shsudo apt-get install arp-scan
Scan the network: Replace
eth0
with your network interface if different.
扫描网络 如果网络接口不同,请将eth0
替换为网络接口。shsudo arp-scan --interface=eth0 --localnet
3. Using ping
and arp
3.使用 ping
和 arp
A simple script can combine ping
and arp
commands to find and list the devices.
一个简单的脚本可以结合 ping
和 arp
命令来查找并列出设备。
Script Example: 脚本示例:
sh#!/bin/bash # Define the network range network="192.168.1" # Ping the network for ip in $(seq 1 254); do ping -c 1 -W 1 $network.$ip > /dev/null && echo "Ping $network.$ip: Success" & done wait # List the devices from the ARP cache arp -a
Save this script to a file (e.g.,
scan_network.sh
), make it executable, and run it:
将此脚本保存到一个文件中(例如scan_network.sh
),使其可执行,然后运行它:shchmod +x scan_network.sh ./scan_network.sh
4. Using ip
and arp
4.使用 ip
和 arp
Modern Linux distributions use the ip
command from the iproute2
package instead of the older ifconfig
.
现代 Linux 发行版使用 iproute2
软件包中的 ip
命令,而不是较早的 ifconfig
命令。
Using
ip
to list ARP cache:
使用ip
列出 ARP 缓存:ship neigh
Using
arp
to list ARP cache:
使用arp
列出 ARP 缓存:sharp -n
5. Using netdiscover
5.使用 netdiscover
netdiscover
is another tool that can passively or actively scan for devices in the network.
netdiscover
是另一个可以被动或主动扫描网络设备的工具。
Install
netdiscover
: 安装netdiscover
:shsudo apt-get install netdiscover
Scan the network: 扫描网络
shsudo netdiscover -r 192.168.1.0/24
Example Output 输出示例
Here's an example of what the output might look like using arp-scan
:
下面是使用 arp-scan
时输出结果的示例:
shInterface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.1.1 00:1d:7e:ad:00:00 Cisco Systems, Inc
192.168.1.2 08:00:27:53:8b:dc CADMUS COMPUTER SYSTEMS
192.168.1.3 b8:27:eb:00:00:00 Raspberry Pi Foundation
3 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9: 256 hosts scanned in 2.007 seconds (127.56 hosts/sec). 3 responded
Each of these tools and methods provides different levels of detail and can be used depending on the specific requirements and available tools in your Linux environment.
每种工具和方法都提供了不同程度的细节,可根据具体要求和 Linux 环境中的可用工具来使用。
sudo nmap -sn 192.168.1.0/24
这条命令的含义是什么
The command sudo nmap -sn 192.168.1.0/24
is used to perform a network scan to identify devices connected to a specified network range. Let's break down the command:
命令 sudo nmap -sn 192.168.1.0/24
用于执行网络扫描,以识别连接到指定网络范围的设备。让我们来分析一下这条命令:
sudo
: This command runsnmap
with superuser (root) privileges, which may be necessary for certain types of scans or to access certain network interfaces.
sudo
:该命令以超级用户(root)权限运行nmap
,某些类型的扫描或访问某些网络接口可能需要超级用户权限。nmap
: This is the command-line tool for network discovery and security auditing.
nmap
:这是用于网络发现和安全审计的命令行工具。-sn
: This option tellsnmap
to perform a "ping scan." This means thatnmap
will not perform a full port scan on the target devices but will only determine if the hosts are up (alive) by sending ping requests.
-sn
:该选项指示nmap
执行 "ping 扫描"。这意味着,nmap
不会对目标设备执行完整的端口扫描,而只会通过发送 ping 请求来确定主机是否正常运行(存活)。192.168.1.0/24
: This specifies the network range to be scanned. Here,192.168.1.0/24
represents a subnet with the IP address range from192.168.1.0
to192.168.1.255
. The/24
is a CIDR notation indicating that the first 24 bits of the IP address are fixed, leaving the last 8 bits for host addresses within that subnet.
192.168.1.0/24
:指定要扫描的网络范围。这里,192.168.1.0/24
表示 IP 地址范围从192.168.1.0
到192.168.1.255
的子网。/24
是 CIDR 符号,表示 IP 地址的前 24 位是固定的,后 8 位留给该子网内的主机地址。
Detailed Breakdown of 192.168.1.0/24
192.168.1.0/24
的详细分类
192.168.1.0
: The base address of the subnet.
192.168.1.0
:子网的基地址。/24
: CIDR (Classless Inter-Domain Routing) notation for the subnet mask, which in this case is255.255.255.0
. This means that there are 256 possible IP addresses in this range (192.168.1.0
to192.168.1.255
), where.0
is the network address and.255
is the broadcast address.
/24
:子网掩码的 CIDR(无类域间路由)符号,本例中为255.255.255.0
。这意味着在这个范围内(192.168.1.0
至192.168.1.255
)有 256 个可能的 IP 地址,其中.0
是网络地址,.255
是广播地址。
Example of Command Output
命令输出示例
When you run the command, the output will look something like this:
运行该命令后,输出结果将如下所示:
shStarting Nmap 7.91 ( https://nmap.org ) at 2024-05-15 12:00 UTC
Nmap scan report for 192.168.1.1
Host is up (0.00032s latency).
Nmap scan report for 192.168.1.2
Host is up (0.00042s latency).
Nmap scan report for 192.168.1.3
Host is up (0.00050s latency).
Nmap done: 256 IP addresses (3 hosts up) scanned in 2.01 seconds
In this example: 在这个例子中
192.168.1.1
,192.168.1.2
, and192.168.1.3
are the IP addresses of the devices found on the network.
192.168.1.1
、192.168.1.2
和192.168.1.3
是网络上设备的 IP 地址。- The
Host is up
line indicates that the device responded to the ping scan.
Host is up
行表示设备响应了 ping 扫描。 - The latency (e.g.,
0.00032s latency
) indicates the time taken for the ping request to receive a response from the host.
延迟(例如0.00032s latency
)表示 ping 请求从主机收到响应所需的时间。
This command is useful for quickly identifying active devices on a local network without performing a detailed port scan, which can be more intrusive and time-consuming.
该命令可用于快速识别本地网络中的活动设备,而无需执行详细的端口扫描,因为端口扫描可能更具侵入性且耗时更长。
ChatGPT 可能会出错。检查重要信息。