There are plenty of free IP scanner tools out there which are capable of scanning entire IP address space and provide results. There are different tools that use different methods for discovery. But the question is, can we call them discovery tools? And how can any IP scanner improve the network discovery? Those are relevant questions, which I am about to try to answer.
There are a couple of use cases for using a free IP scanner. It usually comes in the form of an application. In the first place, the user needs to install it on his/her computer, which can include a downside. Any application available on the Internet for free can be a potential threat to your system. Of course, there are free available tools that are backed by large communities, created by honest developers from the industry. On the other hand, you should be always careful with the choice of software before installing it.
The good quality free IP scanner can be handy when we try to scan the IP address space usually on a local area network. It can provide you with a piece of information about currently active IP addresses, their DNS names, MAC addresses and more. With this intention, the result will be the list of currently active devices or end-points on a particular network subnet with additional information. One of the good and lightweight tool can be the Angry IP scanner.
The good point is why it doesn't improve the discovery? There are a
First, having an ICMP probe return provides just that - a response. The information is extremely shallow. It does not show which network the IP belongs to, if it's a /27, a /25 or whatever mask it is. It does not say anything about the underlying network technology, except that the probe is returned. No overview of routing, underlying transmission, forwarding decisions, topology, or any in-depth information. Some devices may even spoof ICMP probe returns because of the security policies. A number of pieces of information can be guessed by a returning ICMP probe, but really the main benefit is to understand if the the destination IP is reachable from the source IP, and in case of a full port scanner, if ports area reachable from source to destination.
Second, not all network devices will respond to ICMP messages. Which means there might be missing endpoints on the final list. For example firewalls blocking ICMP responses (or ICMP errors) to own and hosted subnets are not uncommon. And once you may assume that the certain IP address or a network is not used, it may be used already and ultimate lead to duplicate IP addresses.
And there can be more reasons. The computer that initiates the IP discovery process doesn't have access to other network subnets by default. Even though it can be helpful to see active network devices responding.
The complete network discovery process is a time-consuming task that requires a huge amount of data collection and correlation. Given that, it still can be very well automated with tools like the IP Fabric platform.
If you have found this article resourceful, please follow our company’s LinkedIn or Blog, where there will be more content emerging. Furthermore, if you would like to test our platform to observe how it can assist you in more efficiently managing your network, please write us through our web page www.ipfabric.io