Fast IP Range Scanner in Bash
Just a simple script to scan an IP range and do a reverse DNS lookup on every host that answers. This can be useful for building an inventory of systems on your LAN. Just make sure to give your network security team a heads-up before you begin.
The syntax:
./ipscan.sh a1-a2.b1-b2.c1-c2.d1-d2
Example:
./ipscan.sh 192-192.168-168.1-254.1-254
This will scan 192.168.1.1 – 192.168.254.254 and attempt to do a reverse DNS lookup on each host that answers a ping. The output will be stored in /tmp/ipscan* in CSV format.
A couple of options to consider:
max_threads
The script works by firing up a multitude of “ping” threads in the background. If you run too many of them, your system may crash. The max_threads value determines how many “pings” will be started before the script checks on the number of active “ping” threads. Note that this check counts every process on the host whose command line contains “ping”, not only the ones this script started. I recommend keeping this value below 1000, but feel free to experiment.
delay
Once the script hits the $max_threads limit, the “delay” variable determines how many seconds the script will wait before firing up the next batch of “pings”. The same value is also passed to timeout, so it caps how long each individual ping may take. I found two seconds to be a good setting for this.
I did not spend too much time on this script and I am sure you can optimize it further. If you do, perhaps you could share your version with the public.
The script:
#!/bin/bash
# Usage: ./ipscan.sh a1-a2.b1-b2.c1-c2.d1-d2
if [ -z "$1" ]
then
    echo "Specify IP range. Example: ipscan 160-165.10-20.1-254.1-254"
    exit 1
else
    # Split each dotted field on "-" into its low and high octet.
    a1=$(echo "$1" | awk -F'.' '{print $1}' | awk -F'-' '{print $1}')
    a2=$(echo "$1" | awk -F'.' '{print $1}' | awk -F'-' '{print $2}')
    b1=$(echo "$1" | awk -F'.' '{print $2}' | awk -F'-' '{print $1}')
    b2=$(echo "$1" | awk -F'.' '{print $2}' | awk -F'-' '{print $2}')
    c1=$(echo "$1" | awk -F'.' '{print $3}' | awk -F'-' '{print $1}')
    c2=$(echo "$1" | awk -F'.' '{print $3}' | awk -F'-' '{print $2}')
    d1=$(echo "$1" | awk -F'.' '{print $4}' | awk -F'-' '{print $1}')
    d2=$(echo "$1" | awk -F'.' '{print $4}' | awk -F'-' '{print $2}')
    range="${a1}-${a2}.${b1}-${b2}.${c1}-${c2}.${d1}-${d2}"
fi

configure() {
    max_threads=1000      # pings launched before the running-process count is checked
    delay=2               # seconds between batches; also the per-ping timeout
    timestamp=$(date +'%Y-%m-%d_%H%M%S')
    outdir="/tmp"
    outfile="${outdir}/ipscan_${range}_${timestamp}.csv"
    if [ -f "${outfile}" ]
    then
        /bin/rm -f "${outfile}"
    fi
}

ip_set() {
    ip_address="${a}.${b}.${c}.${d}"
}

# One ping under a hard timeout; prints the exit status (0 = host answered).
ip_ping() {
    timeout ${delay} ping -q -c 1 -i 1 -W 1 -w 4 "$1" > /dev/null 2>&1 ; echo $?
}

dns_lookup() {
    ip_set
    if [ "$(ip_ping "${ip_address}")" -eq 0 ]
    then
        # Strip the trailing dot from each PTR name. A host with no PTR
        # record is written as "unknown" instead of being skipped.
        hosts=$(dig +short -x "${ip_address}" | sed 's/\.$//')
        if [ -z "${hosts}" ]
        then
            hosts="unknown"
        fi
        echo "${hosts}" | while read -r host
        do
            echo "${ip_address},${host}"
        done
    fi
}

ip_scan() {
    i=1
    for a in $(seq "$a1" "$a2")
    do
        for b in $(seq "$b1" "$b2")
        do
            for c in $(seq "$c1" "$c2")
            do
                for d in $(seq "$d1" "$d2")
                do
                    echo "Checking ${a}.${b}.${c}.${d}"
                    dns_lookup >> "${outfile}" &
                    disown
                    (( i = i + 1 ))
                    # After max_threads launches, pause until the number of
                    # running "ping" processes drops back under the limit.
                    if [ $i -gt ${max_threads} ]
                    then
                        i=1
                        while [ "$(ps -ef | grep -c '[p]ing')" -gt ${max_threads} ]
                        do
                            echo "Sleeping ${delay}"
                            sleep ${delay}
                        done
                    fi
                done
            done
        done
    done
}

# RUNTIME
configure
ip_scan
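Two things a practitioner will want to add to the script above are input validation for the range argument (the awk split silently accepts octets above 255 or a low value greater than the high one) and a throttle that counts only this script's own background jobs rather than every "ping" process on the host. The following is an added example, not part of the original script; parse_range, range_size, run_throttled and probe are names chosen here for illustration.

```bash
#!/bin/bash
# Added example, not part of the original script: validate the
# a1-a2.b1-b2.c1-c2.d1-d2 argument before scanning, and throttle on this
# shell's own background jobs rather than on every "ping" process on the host.

# parse_range SPEC: sets a1 a2 b1 b2 c1 c2 d1 d2; returns 1 on malformed input.
parse_range() {
    local spec=$1 octet lo hi i=0
    local IFS='.'
    set -- $spec                                   # split on dots only
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        i=$((i + 1))
        case $octet in
            *-*) lo=${octet%%-*}; hi=${octet#*-} ;;
            *)   return 1 ;;                       # every octet must be lo-hi
        esac
        case $lo in ''|*[!0-9]*) return 1 ;; esac  # digits only
        case $hi in ''|*[!0-9]*) return 1 ;; esac
        [ "$lo" -le 255 ] && [ "$hi" -le 255 ] && [ "$lo" -le "$hi" ] || return 1
        case $i in
            1) a1=$lo; a2=$hi ;;  2) b1=$lo; b2=$hi ;;
            3) c1=$lo; c2=$hi ;;  4) d1=$lo; d2=$hi ;;
        esac
    done
}
# range_size: number of addresses the parsed range expands to.
range_size() {
    echo $(( (a2 - a1 + 1) * (b2 - b1 + 1) * (c2 - c1 + 1) * (d2 - d1 + 1) ))
}
# run_throttled MAX DELAY CMD...: background "CMD ip" for every address,
# sleeping DELAY seconds whenever MAX of this shell's own jobs are still alive.
run_throttled() {
    local max=$1 delay=$2; shift 2
    local a b c d
    for a in $(seq "$a1" "$a2"); do for b in $(seq "$b1" "$b2"); do
    for c in $(seq "$c1" "$c2"); do for d in $(seq "$d1" "$d2"); do
        while [ "$(jobs -p | wc -l)" -ge "$max" ]; do sleep "$delay"; done
        "$@" "$a.$b.$c.$d" &
    done; done; done; done
    wait                                           # reap the final batch
}
# probe IP: one ping under a hard timeout, same shape as the original ip_ping.
probe() { timeout 4 ping -q -c 1 -W 1 "$1" >/dev/null 2>&1 && echo "$1,alive"; }
if [ $# -eq 1 ]; then                              # ./example.sh 10-10.0-0.1-1.1-254
    parse_range "$1" || { echo "bad range: $1" >&2; exit 1; }
    echo "scanning $(range_size) addresses" >&2
    run_throttled 200 2 probe
fi
```

Because the throttle uses the shell's own job table, other users' ping processes on the same host no longer affect the batch size.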
To clarify this a little bit better:
If I have two IP addresses, is there some standard rule or algorithm I can use to determine whether these two IP addresses are relatively close geographically? If so, how precise is this?
What is an email reverse lookup and what is it used for?
Does it strictly provide who owns that email address? Surely privacy isn't invaded.
What is work of boath?
OK, I’ve had an email server up for about a year, and occasionally we have emails we send detected as spam. I did have the reverse DNS pointer records set up from our ISP, but I am questioning if I am using the correct settings. I am suspicious that these servers which are flagging our email as spam could possibly be set to perform reverse DNS lookups, and seeing that the domain tied to our IP doesn’t match.
We have a domain, let's just call it mydomain.com
We have a static public IP address, and behind that address are several servers to handle our website, VPN, email, etc…
The A record for that domain points to our public IP address.
We have two MX records. The lowest number (highest priority) points to a hosted email filtering service which does offsite filtering and then delivers to our mail server. The 2nd MX record points to mail.mydomain.com.
There is also an A record for mail.mydomain.com which points to our public IP address.
The email addresses are in the format user@mydomain.com
I have the reverse DNS pointer set up to point to mail.mydomain.com
Should this have been set up to point to mydomain.com instead?
We are not an open relay.
That was one of the first things I did when I set up Exchange.