How does network scanning work?

Q:

How does network scanning work?
A:

In a general sense, network administrators use network scanning to identify active hosts on a network by evaluating IP addresses and more. The same types of principles can also be used in cyberattacks to find weaknesses in a system.

In a practical sense, there are different tools and techniques for network scanning. Administrators may conduct ping sweeps, where they find a range of IP addresses that map to live hosts in the network. This may require using tools like Nmap to look at how these IP addresses are mapped.

Administrators can also use port scans, which send messages to each port in a network, to look at where that network is strong or weak. Different types of port scans include a regular or "vanilla" port scan where the scanner sends out communications to all of the ports in a system. Where this is not practical, administrators can use more specific types of scans like a strobe scan, stealth scan or other technique.

Have a question? Ask us here.

View all questions from Justin Stoltzfus.

Share this:
Written by Justin Stoltzfus
Profile Picture of Justin Stoltzfus

Justin Stoltzfus is a freelance writer for various Web and print publications. His work has appeared in online magazines including Preservation Online, a project of the National Historic Trust, and many other venues.

 

Related Terms