This project is a comprehensive network scanning and monitoring tool written in Python. It provides real-time visibility into network devices, their status, and network performance metrics. The scanner uses multiple discovery methods to detect devices on a local network and continuously monitors their connectivity status.
- Multi-Method Device Discovery: Uses ARP scanning, nmap integration, and ping sweeps for comprehensive device detection
- Real-Time Monitoring: Continuously monitors device status with configurable scan intervals
- Device Information Gathering: Collects MAC addresses, hostnames, vendor information, and response times
- Port Scanning: Scans common ports on discovered devices to identify running services
- Network Performance Testing: Optional speed test integration using speedtest-cli
- Alerting System: Notifications when devices come online, go offline, or are newly discovered
- MAC Address Vendor Lookup: Built-in OUI database with API fallback for vendor identification
- Response Time Tracking: Monitors and displays average response times for each device
- Historical Data: Tracks first seen, last seen timestamps for all devices
- Graceful Fallbacks: Works even when optional dependencies are missing
- Cross-Platform Support: Compatible with Linux, macOS, and Windows
Represents individual network devices with properties:
- IP address and MAC address
- Vendor information and hostname
- Online status and response time history
- Open ports and timestamp tracking
Main scanner class handling:
- Network discovery using multiple methods
- Device information management
- Monitoring and alerting functionality
- Performance tracking and statistics
-
ARP Scanning
- Primary method using scapy library
- Fallback to system ARP table parsing
- Fast and reliable for local network devices
-
Nmap Integration
- Uses nmap for comprehensive network scanning
- Provides additional device information
- Optional dependency with graceful fallback
-
Ping Sweep
- Concurrent ping scanning across network range
- Detects devices that don't respond to ARP/nmap
- Uses ThreadPoolExecutor for performance
- Python 3.6+
- Standard library modules:
socket,subprocess,threading,ipaddress
scapy- Advanced packet manipulation and ARP scanningdnspython- DNS reverse lookups for hostnamestabulate- Formatted table outputspeedtest-cli- Network speed testingnmap- System tool for advanced network scanning
- Clone or download the project files
git clone <repository-url>
cd scanner- Install Python dependencies
pip install scapy dnspython tabulate speedtest-cli- Install system dependencies (optional)
# Ubuntu/Debian
sudo apt install nmap
# macOS
brew install nmap
# Windows
# Download from https://nmap.org/download.html- Set up execution permissions (Linux/macOS)
chmod +x scanner.py
chmod +x run_scanner_sudo.shpython3 scanner.py# Enable speed testing
python3 scanner.py --speed-test
# Custom scan interval (seconds)
python3 scanner.py --interval 60
# Combined options
python3 scanner.py --speed-test --interval 45
# Show help
python3 scanner.py --helpFor enhanced functionality requiring root privileges:
./run_scanner_sudo.shThe scanner displays a real-time table with the following information:
| Column | Description |
|---|---|
| IP Address | Device IP address |
| MAC Address | Hardware address |
| Vendor | Device manufacturer |
| Hostname | Device hostname (if available) |
| Status | Online/Offline with visual indicators |
| Avg Response | Average ping response time |
| Open Ports | List of detected open ports |
| Last Seen | Timestamp of last successful contact |
π‘ NETWORK SCANNER - LIVE MONITORING
================================================================================
Network: 192.168.1.0/24
Scan #5 | Total Devices: 12 | Online: 8 | Avg Scan Time: 15.3s
Last Scan: 2025-09-06 14:30:15
βββββββββββββββββ¬ββββββββββββββββββββ¬ββββββββββββββββββ¬βββββββββββββββ¬βββββββββββ¬βββββββββββββββ¬ββββββββββββββ¬ββββββββββββ
β IP Address β MAC Address β Vendor β Hostname β Status β Avg Response β Open Ports β Last Seen β
βββββββββββββββββΌββββββββββββββββββββΌββββββββββββββββββΌβββββββββββββββΌβββββββββββΌβββββββββββββββΌββββββββββββββΌββββββββββββ€
β 192.168.1.1 β AA:BB:CC:DD:EE:FF β Cisco β router.local β π’ Online β 2.3ms β 22, 80, 443 β 14:30:15 β
β 192.168.1.100 β 11:22:33:44:55:66 β Apple β iPhone β π’ Online β 15.7ms β None β 14:30:12 β
βββββββββββββββββ΄ββββββββββββββββββββ΄ββββββββββββββββββ΄βββββββββββββββ΄βββββββββββ΄βββββββββββββββ΄ββββββββββββββ΄ββββββββββββ
scanner/
βββ scanner.py # Main scanner application
βββ run_scanner_sudo.sh # Wrapper script for elevated privileges
βββ README.md # This documentation
βββ requirements.txt # Python dependencies (if created)
- Auto-detect local network range using system routing information
- Parallel ARP scanning using scapy or system commands
- Concurrent ping sweep with ThreadPoolExecutor (50 workers)
- nmap integration for comprehensive device enumeration
- MAC address resolution for devices found via ping only
- Concurrent execution for ping sweeps and port scans
- Background port scanning to avoid blocking main discovery
- Response time tracking with rolling averages
- Efficient data structures using sets and dictionaries
- Smart caching of vendor information and hostnames
- Graceful degradation when optional dependencies are missing
- Timeout management for all network operations
- Exception handling with informative error messages
- Fallback methods for each discovery technique
- Local network only: Scanner operates within local subnet
- Non-intrusive scanning: Uses standard network protocols
- Root privileges: Some features may require elevated permissions
- Rate limiting: Built-in delays to avoid network flooding
-
Permission denied errors
- Solution: Use the provided wrapper script or run with sudo
- Example:
sudo python3 scanner.py
-
No devices found
- Check network connectivity
- Verify network range auto-detection
- Try running with elevated privileges
-
Slow performance
- Reduce scan interval
- Check network congestion
- Disable unnecessary features
-
Missing dependencies
- Scanner provides fallback functionality
- Install optional dependencies for full features
- Check error messages for specific missing packages
- Web interface for remote monitoring
- Database integration for historical data storage
- Email/SMS alerts for critical events
- Custom port lists and scanning profiles
- Network topology visualization
- SNMP integration for managed devices
- Configuration file support
- Language: Python 3.6+
- Architecture: Object-oriented with threading
- Performance: Scans 254 IPs in ~15-30 seconds
- Memory usage: Minimal (<50MB typical)
- Network protocols: ICMP, ARP, TCP
- Supported platforms: Linux, macOS, Windows
This project is created for educational and network administration purposes. Please ensure compliance with local network policies and regulations when using this tool.
When submitting improvements or bug fixes:
- Follow existing code style and conventions
- Add appropriate error handling
- Update documentation for new features
- Test across different network environments
- Consider performance implications
- Project Type: Network Security and Monitoring Tool
- Development Language: Python
- Key Technologies: Socket programming, threading, network protocols
- Application Domain: Network administration and security monitoring
This documentation provides a comprehensive overview of the Real-Time Network Scanner project, suitable for academic or professional project submissions.