Ping Sweep for SSH Hosts



Tweet

Looking for that Raspberry Pi on your local network, but can't remember the IP Address?  Here's an answer.

To perform a "ping sweep" specifically looking for port 22 (SSH) on a network using Nmap, the goal is to identify hosts that are alive and have port 22 open. This is more than just a traditional ICMP ping sweep; it involves a port scan focused on port 22.

The following Nmap command can be used:

Code

nmap -p 22 --open -sS <target_range>nmap -p 22 --open -sS 192.168.1.0/24nmap -p 22 --open -sS 172.16.0.0/12Note: You may need to use sudosudo nmap -p 22 --open -sS 192.168.1.0/24

Explanation of the command:

• nmap: Invokes the Nmap network scanner.
• -p 22: Specifies that only port 22 (SSH) should be scanned.
• --open: Filters the output to only show hosts where port 22 is found to be open.
• -sS: Performs a TCP SYN (Stealth) scan. This is a common and efficient port scanning technique that can often bypass basic firewalls and is less "noisy" than a full TCP connect scan.
• <target_range>: Represents the target IP address or network range to be scanned. Examples include:
  • 192.168.1.1 (single IP address)
  • 192.168.1.0/24 (a /24 subnet, scanning all 254 possible hosts)
  • 192.168.1.1-254 (a range of IP addresses)

This command will scan the specified target(s) and report any hosts that are responsive and have port 22 open, indicating a potential SSH server.