Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.


Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.


Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.


Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Featured, Networking

Inventory Network Services with Nmap

Submitted by on January 14, 2019 – 4:32 pm

With the growing number of network-enabled devices in your home, meaningful security becomes elusive. The first step to addressing the situation is knowing what you have. A few examples below use the nmap utility to scan your local network and detect active devices and services.

Install nmap-to-CSV conversion utility

cd ~ && git clone
/bin/cp -p ./nmaptocsv/ /usr/bin/
chmod 755 /usr/bin/

In my experience, the worked only with Python 2.7, so you may need to install this version as an alternative and update the script to use it.

sed 's/env python$/env python2.7/g' -i /usr/bin/

Define scan parameters

# Current date and time
d=$(date +'%Y-%m-%d_%H%M%S')

# Output file

# Network to scan

# Network mask

# Timeout to use with nmap

# Set number of parallel scans to 10 times the number of CPU cores
(( p = `grep -c proc /proc/cpuinfo` * 10 ))

Run the scan

nmap -sn ${netwk}/${netwk_mask} -oG - 2>/dev/null | \
awk '$4=="Status:" && $5=="Up" {print $2}' | sort -uV | \
xargs -n1 -P${p} -I% sh -c \
"nmap --host-timeout ${tout} -p 1-65535 -O -sV -sS -T4 % -oG - 2>/dev/null | \ -d';' -f ip-fqdn-port-protocol-service-version-os | \
tee -a "${f}""

Cleanup the output file

sed '2,${/FQDN/d;}' -i "${f}"
sed '/^\s*$/d' -i "${f}"

Converted to spreadsheet the end result may look something like this

Running this scan on a regular basis and generating a diff report should help you detect new and suspicious devices on your home network.

Print Friendly, PDF & Email

Leave a Reply