# Tools
## Network scan
The `nmap` utility is useful to ping servers. For Ubuntu, this is available on the package repositories via `sudo apt install nmap`. For Windows, the binaries can be downloaded from the official `nmap` [download page](https://nmap.org/download.html) - note that this also requires an additional installation of `ncap` and MVC 2013 redist (installers provided in the ZIP package).
``` sudo nmap -sn -T4 192.168.1.0/24 ```
Note that `nmap` will suggest possible services using each open port, so don't be surprised when you see names for unknown services. See the following [Reddit comment](https://www.reddit.com/r/AskNetsec/comments/875tqk/why_does_my_lg_webos_tv_have_a_portsecurity/dwb5xed?utm_source=share&utm_medium=web2x&context=3):
The first thing you need to understand is that ANY program can run on ANY port. Your basic nmap scan is only checking the port, and is giving you a list of common programs associated with that port. It does NOT mean those are what's actually running on that port.
... At a minimum, if you can safely interact with a host, you should include the -sV switch so that it tries to figure out what is actually running on the port, and not just return a port number. If it returns with a question mark after the service, that means it was unable to determine the service, and is just guessing based on port number.
While `arp-scan` is often suggested as a possible alternative, this is conditioned on the computer having pinged and stored the record on the address table. Pinging is the better option.