Angry IP Scanner. A multi-platform IP scanner written in Java, with binaries available as deb and rpm packages for Linux. A Windows version is also available.

Basic theory on scanning is also presented there. There are two kinds of scanner:

  1. port scanners
  2. IP scanners

How? A scan can determine the following about each address:

  1. whether the host is up (alive, responding) or down (dead, not responding)
  2. average round-trip time (of IP packets to the destination address and back) – the same value as shown by the ping program
  3. TTL (time to live) field value from the IP packet header, which can be used to find out the rough distance to the destination address (in number of routers the packet has traveled)
  4. host and domain name (by using a DNS reverse lookup)
  5. versions of particular services running on the host (e.g., “Apache 2.0.32 (Linux 2.6.9)” in case of a web server)
  6. open (responding) and filtered TCP and UDP port numbers
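
Items 1 to 3 can be read straight out of ordinary ping output. The following is an added example, not code from Angry IP Scanner or from the original page: it parses constructed Linux-style ping output and estimates the hop count from the TTL, assuming the replying host started from one of the common initial TTL values (32, 64, 128 or 255).

```python
import re
from statistics import mean

# Common initial TTL values (assumption: the replying host used one of these;
# a host configured with a different value yields a wrong hop estimate).
COMMON_INITIAL_TTLS = (32, 64, 128, 255)

# Matches the "ttl=53 time=12.4 ms" part of a Linux-style echo reply line.
REPLY_RE = re.compile(r"ttl=(\d+)\s+time=([\d.]+)\s*ms", re.IGNORECASE)

def estimate_hops(observed_ttl):
    """Return (assumed_initial_ttl, hops) for the TTL seen in a reply."""
    initial = next(t for t in COMMON_INITIAL_TTLS if t >= observed_ttl)
    return initial, initial - observed_ttl

def summarize_ping(output):
    """Report alive/down, average RTT in ms, TTL and estimated hop count."""
    replies = [(int(t), float(ms)) for t, ms in REPLY_RE.findall(output)]
    if not replies:
        # No echo reply: the host is not responding. A firewall dropping
        # ICMP produces the same result as a host that is really down.
        return {"alive": False, "avg_rtt_ms": None, "ttl": None, "hops": None}
    ttl = replies[-1][0]
    initial, hops = estimate_hops(ttl)
    return {
        "alive": True,
        "avg_rtt_ms": round(mean(ms for _, ms in replies), 3),
        "ttl": ttl,
        "initial_ttl": initial,
        "hops": hops,  # routers crossed by the reply on its way back
    }

# Constructed sample output (addresses from the RFC 5737 documentation range).
SAMPLE_UP = """\
PING 192.0.2.10 (192.0.2.10) 56(84) bytes of data.
64 bytes from 192.0.2.10: icmp_seq=1 ttl=53 time=12.4 ms
64 bytes from 192.0.2.10: icmp_seq=2 ttl=53 time=11.8 ms
64 bytes from 192.0.2.10: icmp_seq=3 ttl=53 time=12.1 ms
"""
SAMPLE_DOWN = """\
PING 192.0.2.20 (192.0.2.20) 56(84) bytes of data.
--- 192.0.2.20 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2040ms
"""

if __name__ == "__main__":
    print(summarize_ping(SAMPLE_UP))
    print(summarize_ping(SAMPLE_DOWN))
```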