I previously wrote a post on how to detect Wi-Fi traps on your network and mentioned a couple of smartphone apps you can use to scan your home network. The apps do a pretty good job of scanning your network automatically and providing some information about each device.
I didn’t go into details about applications in this post as it was geared towards catching unauthorized users on your network. In this article, I will go into more detail about these two applications that can be used on Apple or Android devices, and I will also mention desktop applications that can be run on Windows and Mac OS X.
These network scan tools let you not only see all the devices on your network and their IP addresses, but also view shared folders, open TCP / UDP ports, hardware MAC addresses, and more. So why do you need this information?
While this is a bit technical, it can help you make your network more secure. For example, you may accidentally discover shared folders on your network. Anyone who connects to your network using a cable or wireless network can easily find shared folders and copy this data to their computer.
By looking at the open ports for a computer or device, you can easily see if Remote Desktop is enabled, an FTP or HTTP server is running, and file sharing is enabled. If you never connect to your computer remotely, then enabling Remote Desktop is a security risk.
Windows Network Scanner
Let’s start with a free tool for Windows PCs called SoftPerfect Network Scanner I like this tool because it is updated frequently, works on Windows 10, and is both 32 and 64 bit. The program also doesn’t require installation, which means you can carry it with you on a USB drive or save it to Dropbox and use it on any computer.
When you run the executable file for your version of Windows (determine whether you have 32-bit or 64-bit Windows), you may see a message stating that Windows Firewall has blocked the program. Make sure the Private Networks checkbox is checked and click Allow Access.
After downloading the program, you will need to enter the starting and ending range of IP addresses for your network. If you don’t know this, don’t worry. Just click on Options, IP Address, and then click on Auto Detect Local IP Range.
You will see a pop-up with discovered IP addresses for IPv4 and IPv6 on any network cards you installed, including virtual ones. For most home users, you will only see one item in the IPv4 and IPv6 list. If you don’t have IPv6 setting, you should click on the network card in the IPv4 list.
You will now be taken to the main interface again, but now the IP range is full. You will see a Start Scan button on the right, which you can click to start scanning.
However, before scanning, you must first set the scan settings. Click Options and then Program Options. On the General tab, the only option you can choose is Always Analyze Device. By default, the scanner only shows devices that are responding to certain requests, so the final list may not show all devices that are actually on your network because some devices simply don’t respond.
The scan takes a little longer (a few minutes versus a few seconds), but it’s worth it if you really want to see all the devices on your network. The Advanced and Workstation tabs are really only useful for corporate environments where you have many computers on the same network and want information about each computer. The Ports tab is where we can go next.
Select the Check for open TCP ports check box, and then click the small paper icon in the far right corner of the text box. This will open another window that lists some of the TCP port groups. You want to click HTTP and Proxy and then press SHIFT and click Database Servers to select all three items.
Back at the main screen, you should see all the port numbers listed in the text box. Go ahead and also check all the boxes for the open UDP ports. At this point, click OK to return to the main program screen. Now click “Start Scan” and you should see the results slowly add to the list.
In my tests, the program was able to find 16 devices on the network when the “Always analyze device” checkbox was checked, compared to 11 items if this checkbox was not checked. Any item with a plus sign to the left of the IP address means it has shared folders. You can click on the + sign to see the shared folders.
The Host Name column should give you a friendly name for the device. On the right, you will see the TCP Ports column, which will list all open ports for this device. Obviously numbers don’t make much sense unless you know what they mean, so check out this Wikipedia page for a detailed description of each port number.
If something has port 80 (HTTP) specified, it usually means that it has some kind of web interface, and you can try connecting to it through a browser by simply entering the IP address. Port 443 is for secure HTTP (HTTPS), which means you can connect to it securely as well.
Mac network scanner
On a Mac, you have several options. LanScan is a free app in the Mac Store that does a very simple scan and displays the IP address, MAC address, hostname and vendor. The free version will only display the first four hostnames in full, while the rest will only display the first three characters. Slightly annoying, but probably not a big deal on most home networks.
You will also notice that it only found 12 items, and this is because it has no options to scan every IP address, whether it responds or not. The best network scanner for Mac is Angry IP Scanner shown below. It is open source and works on Windows, Mac and Linux.
By default, the program also scans open ports, which LanScan does not. The only problem with this program is that you must have Java installed to run the program. Java is a major security risk and is disabled by default on most Macs, so you’ll have to manually enable it.
Smartphone Applications
I have two apps that I use, both are free and one can be downloaded on Apple or Android devices. Both apps are excellent and provide pretty much the same information, but each has its own pros and cons.
Fing is a free app available in the Google Play and iTunes stores with a beautiful interface. You don’t need to worry about entering any range of IP addresses with these apps because they figure it out on their own. Once you start scanning with Fing, you get a nice list of devices with some basic information like hostname, MAC address, IP address, etc.
If you click on a device, you get a different screen where you can give the device your own name (a feature that I really like), enter a location, and even add additional notes. If you scroll down the page, you will see a Services option that lets you see how the device scans for open ports.
The only drawback I noticed about this app is that it doesn’t list every device on the network. It only found about 12 devices on my network out of 16 found by Windows.
The second app I like to use is Net Analyzer, which can be downloaded for free from the App Store. You start a scan by clicking the “Scan” button in the upper right corner and in a few seconds you will receive a list of all your devices.
Using this app, I got 15 devices, which is pretty close to the total number of devices on the network. With Net Analyzer, you will also see several colored letters on devices that have certain services enabled. Green P means it is pingable, brown B means Bonjour services are available (Apple devices), red G means it is a gateway device (router, etc.), and blue U means UPNP services are available and DLNA. P>
You can tap a device to get more information and run queries on the device. Tap the Query with Tools option shown below after clicking on a specific device.
On the next screen, you will see several options including Ping, Route, Ports, Whois, and DNS. Click Ports, select General or All, and then click Start at the top.
During the scan, you will see which ports are open and active, as well as which ports are blocked. The app also has other tools that you can use to scan specific devices on the network for more information.
Hopefully, these tools will allow you to fully see which devices are on your network, as well as which services and ports are open. If you have any questions, do not hesitate to leave comments. Enjoy!
–