I had some fun this morning when the headless box that I’m ssh’ing into to do test app runs randomly changed IP address. My goal was to find it on the network from my local box. To my rescue: a cool tool called nmap.
nmap, according to the man page, is a network exploration tool and security/port scanner. Basically, I only ran it in a few forms. But, on the man page, there are many, many options listed.
To use a ping broadcast and find the hosts on the subnet:
1 2 3 4 5 6 7 8 9 10
For some reason, and if someone knows how to enable this please let me know, my remote box wasn’t advertising its hostname, so I wanted to look specifically at the ssh port to see if it was open. To do this, I used a new option and had to run as root:
Note that if you don’t include the -p option, this could take some time. Also, the -sO option is a capital “oh”, not a zero.
So, sweet stuff, eh. Now you can see who else on your network has unsecured ports. :)