Identifying a Computer Name with a Ping Sweep Tool with PowerShell

Posted on April 20, 2015 by Jeff Hicks in PowerShell with 0 Comments

I hope you’ve been following along in this series as we build a PowerShell tool to ping a range of IP addresses in a given subnet. In the last article, we left with a pretty decent tool that displayed the IP address for computers that responded. Although that may be all you need, lets try to get a more rich result since PowerShell is already writing an object to the pipeline. It would probably be helpful to see the computer name.

PowerShell Ping Sweep Tool Article Series

  1. Building a Ping Sweep Tool with PowerShell
  2. PowerShell Ping Sweep Tool: Adding Parameter Validation
  3. Adding Trace Information to a PowerShell Ping Tool
  4. Identifying a Computer Name with a PowerShell Ping Sweep Tool
  5. Building a PowerShell Ping Sweep Tool: Adding a Port Check

If you are running Windows 8 or later, you can easily use the Resolve-DnsName cmdlet with an IP address.

Using PowerShell's Resolve-DnsName cmdlet. (Image Credit: Jeff Hicks)

Using PowerShell’s Resolve-DnsName cmdlet. (Image Credit: Jeff Hicks)

Excellent. I can see that the NameHost property is what I want. Although I’m not a big fan of using raw .NET when there is a perfectly good cmdlet to use, this can serve as an alternative method:

Using .NET to grab the host name in Windows PowerShell. (Image Credit: Jeff Hicks)

Using .NET to grab the host name in Windows PowerShell. (Image Credit: Jeff Hicks)

This approach provides us with a different property name but gives us the same result. It would be nice to be able to write an object to the pipeline with the IP address and its host name. It’s possible that the IP address is not registered with DNS, so I should handle that error. Here’s the relevant change to the function.

Here’s what happens when I run the new version.

Our result after running test-subnet. (Image Credit: Jeff Hicks)

Our result after running test-subnet. (Image Credit: Jeff Hicks)

Another useful entry might the device’s MAC address. I can’t guarantee that the host will be a Windows host or that I will have permissions to access it, so I can’t rely on WMI or CIM cmdlets. However, there is an old-school alternative. When I ping a remote IP address, an entry will be made in the arp table.

Using the ARP command in Windows PowerShell.  (Image Credit: Jeff Hicks)

Using the ARP command in Windows PowerShell. (Image Credit: Jeff Hicks)

I can also get a specific IP address.

Using a specific IP address with the ARP command in Windows PowerShell.  (Image Credit: Jeff Hicks)

Using a specific IP address with the ARP command in Windows PowerShell. (Image Credit: Jeff Hicks)

The physical address is the MAC address. To obtain the MAC address, I will have to parse the ARP output. I’ll need to get just the line with the MAC. There are a few ways I could parse the text output. Here’s one approach:

Parsing the text output. (Image Credit: Jeff Hicks)

Parsing the text output. (Image Credit: Jeff Hicks)

I can split this line into an array of three elements. I am splitting on the white spaces between the columns using a regular expression pattern.

I find it helpful to trim the line first so that there are no extra spaces.

Trimming the first line. (Image Credit: Jeff Hicks)

Trimming the first line. (Image Credit: Jeff Hicks)

The MAC address is the second element.

Sponsored

I can use this code in my function so that if the address can be pinged, I can get the MAC and add it to the output. Here’s the new version of Test-Subnet.

After testing, I realized I needed to take the local IP address into account.

The local address won’t be in the ARP table. If the address I’m pinging is the same as the local address, I’ll need to take other steps to get the MAC.

I also included some error handling in the rare situation where the address can be pinged but not retrieved from the ARP cache. I don’t think this is even possible, but it is only a few lines of code, so I included it to be safe.

Most of my tests have been with a small subnet subset, but I should really test the entire thing end to end. I’m also a little curious about how long this will take.

Testing our function in Windows PowerShell. (Image Credit: Jeff Hicks)

Testing our function in Windows PowerShell. (Image Credit: Jeff Hicks)

Subtracting the begin and finish times shows this took about 6 minutes.

Our function took six minutes to complete. (Image Credit: Jeff Hicks)

Our function took six minutes to complete. (Image Credit: Jeff Hicks)

You might get different results depending on the quality of your network and especially name resolution. In fact all of the extra bits could be totally optional. You could create the function so that the basic output is the IP address and if you want the additional detail, it is specified by parameter.

Sponsored

There are some advanced things we could do to really speed up performance with runspaces or the use of background jobs, but that is definitely advanced material and beyond the scope of this series. However, there is one more feature I think we can add and I’ll cover that next time.

Sponsored

Tagged with , ,