A ping sweep is the process of pinging an entire range of network IP addresses, or individual IPs, to find out whether they're alive and responding. An attacker's first step in any large-scale scan is to enumerate all of the hosts that respond. Penetration testers can use fping or nmap, or even write custom Bash scripts, to perform the sweep:
fping -g IPrange
nmap -sP IPrange
for i in {1..254}; do ping -c 1 10.10.0.$i | grep 'from'; done
Sometimes a ping sweep hits a roadblock because a firewall blocks all ICMP traffic. In that case, we can use the following command to identify live hosts by specifying a list of port numbers to probe during the ping sweep:
nmap -sP -PT80 IPrange
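On the monitoring side, both sweep variants above leave the same trace: one source contacting many distinct addresses with the same probe type in a short time. The following detector is an added example, not code from the original text; the record format, the sample records, the function names, and the window and threshold values are all assumptions made for illustration.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed flow records: 'epoch_seconds src dst probe' (not real traffic)."""
    lines = []
    for i in range(1, 31):   # ICMP sweep across 30 addresses in about 3 s
        lines.append(f"{1000 + i * 0.1:.1f} 10.10.0.5 10.10.0.{i} icmp-echo")
    for i in range(40):      # benign: one host pinging its gateway repeatedly
        lines.append(f"{1010 + i} 10.10.0.7 10.10.0.1 icmp-echo")
    for i in range(1, 31):   # sweep that probes TCP port 80 instead of ICMP
        lines.append(f"{1100 + i * 0.1:.1f} 10.10.0.9 10.10.0.{i} tcp/80")
    for i in range(1, 6):    # benign: monitoring host, one check per minute
        lines.append(f"{1200 + i * 60} 10.10.0.8 10.10.0.{i} icmp-echo")
    return lines

def detect_sweeps(lines, window=10.0, threshold=20):
    """Return {(src, probe): peak distinct destinations} for sources that reach
    `threshold` distinct destinations with one probe type inside `window`
    seconds. Records must be in time order. Both limits are assumed values."""
    recent = defaultdict(deque)   # (src, probe) -> (timestamp, dst) in window
    flagged = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue              # skip malformed records
        try:
            ts = float(parts[0])
        except ValueError:
            continue
        src, dst, probe = parts[1:]
        key = (src, probe)
        q = recent[key]
        q.append((ts, dst))
        while ts - q[0][0] > window:   # expire entries older than the window
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= threshold:
            flagged[key] = max(flagged.get(key, 0), distinct)
    return flagged

if __name__ == "__main__":
    for (src, probe), count in detect_sweeps(build_sample()).items():
        print(f"possible ping sweep: {src} sent {probe} to {count} hosts")
```

Counting distinct destinations rather than packets keeps the host that pings its gateway 40 times from being flagged.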
The following screenshot shows all of the live hosts that were discovered using the fping tool: