Meet us at Cisco Live Las Vegas 2024
Home
>
Blog
>
How any free IP scanner cannot improve network discovery

How any free IP scanner cannot improve network discovery

3 minute read
Home
>
Blog
>
How any free IP scanner cannot improve network discovery
Updated: October 27, 2023
October 1, 2019
Updated: October 27, 2023
3 mins

There are plenty of free IP scanner tools out there which are capable of scanning entire IP address space and provide results. There are different tools that use different methods for discovery. But the question is, can we call them discovery tools? And how can any IP scanner improve the network discovery? Those are relevant questions, which I am about to try to answer.

Why should we use free IP scanner

There are a couple of use cases for using a free IP scanner. It usually comes in the form of an application. In the first place, the user needs to install it on his/her computer, which can include a downside. Any application available on the Internet for free can be a potential threat to your system. Of course, there are free available tools that are backed by large communities, created by honest developers from the industry. On the other hand, you should be always careful with the choice of software before installing it.

The good quality free IP scanner can be handy when we try to scan the IP address space usually on a local area network. It can provide you with a piece of information about currently active IP addresses, their DNS names, MAC addresses and more. With this intention, the result will be the list of currently active devices or end-points on a particular network subnet with additional information. One of the good and lightweight tool can be the Angry IP scanner.

Free IP scanner in Linux
Free IP scanner in Linux

Why it doesn't improve the network discovery

The good point is why it doesn't improve the discovery? There are a couple of reasons.

First, having an ICMP probe return provides just that - a response. The information is extremely shallow. It does not show which network the IP belongs to, if it's a /27, a /25 or whatever mask it is. It does not say anything about the underlying network technology, except that the probe is returned. No overview of routing, underlying transmission, forwarding decisions, topology, or any in-depth information. Some devices may even spoof ICMP probe returns because of the security policies. A number of pieces of information can be guessed by a returning ICMP probe, but really the main benefit is to understand if the the destination IP is reachable from the source IP, and in case of a full port scanner, if ports area reachable from source to destination.

Second, not all network devices will respond to ICMP messages. Which means there might be missing endpoints on the final list. For example firewalls blocking ICMP responses (or ICMP errors) to own and hosted subnets are not uncommon. And once you may assume that the certain IP address or a network is not used, it may be used already and ultimate lead to duplicate IP addresses.

And there can be more reasons. The computer that initiates the IP discovery process doesn't have access to other network subnets by default. Even though it can be helpful to see active network devices responding. There are still a couple of reasons why any free IP scanner tools cannot serve well as network discovery.

Complete network discovery process

The complete network discovery process is a time-consuming task that requires a huge amount of data collection and correlation. Given that, it still can be very well automated with tools like the IP Fabric platform.

If you have found this article resourceful, please follow our company’s LinkedIn or Blog, where there will be more content emerging. Furthermore, if you would like to test our platform to observe how it can assist you in more efficiently managing your network, please write us through our web page www.ipfabric.io

How any free IP scanner cannot improve network discovery

There are plenty of free IP scanner tools out there which are capable of scanning entire IP address space and provide results. There are different tools that use different methods for discovery. But the question is, can we call them discovery tools? And how can any IP scanner improve the network discovery? Those are relevant questions, which I am about to try to answer.

Why should we use free IP scanner

There are a couple of use cases for using a free IP scanner. It usually comes in the form of an application. In the first place, the user needs to install it on his/her computer, which can include a downside. Any application available on the Internet for free can be a potential threat to your system. Of course, there are free available tools that are backed by large communities, created by honest developers from the industry. On the other hand, you should be always careful with the choice of software before installing it.

The good quality free IP scanner can be handy when we try to scan the IP address space usually on a local area network. It can provide you with a piece of information about currently active IP addresses, their DNS names, MAC addresses and more. With this intention, the result will be the list of currently active devices or end-points on a particular network subnet with additional information. One of the good and lightweight tool can be the Angry IP scanner.

Free IP scanner in Linux
Free IP scanner in Linux

Why it doesn't improve the network discovery

The good point is why it doesn't improve the discovery? There are a couple of reasons.

First, having an ICMP probe return provides just that - a response. The information is extremely shallow. It does not show which network the IP belongs to, if it's a /27, a /25 or whatever mask it is. It does not say anything about the underlying network technology, except that the probe is returned. No overview of routing, underlying transmission, forwarding decisions, topology, or any in-depth information. Some devices may even spoof ICMP probe returns because of the security policies. A number of pieces of information can be guessed by a returning ICMP probe, but really the main benefit is to understand if the the destination IP is reachable from the source IP, and in case of a full port scanner, if ports area reachable from source to destination.

Second, not all network devices will respond to ICMP messages. Which means there might be missing endpoints on the final list. For example firewalls blocking ICMP responses (or ICMP errors) to own and hosted subnets are not uncommon. And once you may assume that the certain IP address or a network is not used, it may be used already and ultimate lead to duplicate IP addresses.

And there can be more reasons. The computer that initiates the IP discovery process doesn't have access to other network subnets by default. Even though it can be helpful to see active network devices responding. There are still a couple of reasons why any free IP scanner tools cannot serve well as network discovery.

Complete network discovery process

The complete network discovery process is a time-consuming task that requires a huge amount of data collection and correlation. Given that, it still can be very well automated with tools like the IP Fabric platform.

If you have found this article resourceful, please follow our company’s LinkedIn or Blog, where there will be more content emerging. Furthermore, if you would like to test our platform to observe how it can assist you in more efficiently managing your network, please write us through our web page www.ipfabric.io

SHARE
Demo

Try out the platform

Test out IP Fabric’s automated network assurance platform yourself and be inspired by the endless possibilities.

What would this change for your network teams?
Start live demo
 
 
 
 
 
We're Hiring!
Join the Team and be part of the Future of Network Automation
Available Positions
IP Fabric, Inc.
115 BROADWAY, 5th Floor
NEW YORK NY, 10006
United States
This is a block of text. Double-click this text to edit it.
Phone : +1 617-821-3639
IP Fabric s.r.o.
Kateřinská 466/40
Praha 2 - Nové Město, 120 00
Czech Republic
This is a block of text. Double-click this text to edit it.
Phone : +420 720 022 997
IP Fabric UK Limited
Gateley Legal, 1 Paternoster Square, London,
England EC4M 7DX
This is a block of text. Double-click this text to edit it.
Phone : +420 720 022 997
IP Fabric, Inc. © 2024 All Rights Reserved