Geek Answers Handbook

The correct way to scan a range of IP addresses

Given the range of IP addresses entered by the user (using various means), I want to determine which of these machines has software that I can talk to.

Here's the main process:

  • Ping these addresses to find available machines

  • Connect to a known socket on available machines

  • Sending a message to successfully installed sockets

  • Compare the answer to the expected answer

Steps 2-4 are right for me. What is the best way to implement the first step in .NET?

I am looking at the System.Net.NetworkInformation.Ping class. Do I have to run multiple addresses at the same time to speed up the process? If I ping one address at a time with a long timeout, it can take a long time. But with a short timeout, I can skip several available machines.

Sometimes pings seem to fail, even when I know that the address points to the active machine. Is it necessary to twice ping in case of refusal of the request?

First of all, when I scan large collections of addresses with the network cable disconnected, Ping throws a NullReferenceException in FreeUnmanagedResources ().!?

Any pointers to a better approach for scanning a range of IP addresses like this?

+4
source share
4 answers

Since not all machines respond to pings (depending on the firewall settings), I suggest skipping step 1, if possible.

If you know the machines with which you will connect to answer calls, the ping class works quite well. It sends only 1 packet, so ping more than once if it crashes. Also, in my experience, the ping class often throws an exception instead of returning a PingReply object if the host is unreachable.

This is my recommended implementation:

public bool Ping (string host, int attempts, int timeout) { System.Net.NetworkInformation.Ping ping = new System.Net.NetworkInformation.Ping (); System.Net.NetworkInformation.PingReply pingReply; for (int i = 0; i < attempts; i++) { try { pingReply = ping.Send (host, timeout); // If there is a successful ping then return true. if (pingReply != null && pingReply.Status == System.Net.NetworkInformation.IPStatus.Success) return true; } catch { // Do nothing and let it try again until the attempts are exausted. // Exceptions are thrown for normal ping failurs like address lookup // failed. For this reason we are supressing errors. } } // Return false if we can't successfully ping the server after several attempts. return false; }
+4
source

Do not forget the headache of people who refuse ping in their firewall rules.

My only suggestion is perhaps the question: do you need to do # 1?

Can't you just try to connect to this famous socket? A successful connection with this nest kills two birds with one stone: yes, the owner is there / alive, and yes, the famous socket is open.

This type of situation is well suited for multithreading, runs it in another thread, and waits until it returns with an answer ...

+4
source

As many people have mentioned, Ping is not the best way to determine if a computer is alive, if absolute mandatory detection of the entire available machine on the subnet is required, you can use some of the tricks that the nmap scanner uses to find available machines.

You can use nmap -sP 192.168.2.1-200 to scan 192.168.2.0 to 192.168.2.255

0
source

It sounds suspicious that someone is trying to write a botnet and scan subnets for infected PCs.

It is unlikely that there will ever be a reason to "discover computers on the network", let them talk to you when and if they want.

-3
source

More articles:


All Articles