nmap
"I create each hour anew only by completely forgetting the past. I am never content simply to have been happy."
-Andre Gide, The Immoralist

OS fingerprinting (must be root)
[root@localhost resinblade]# nmap -O 192.168.1.1

Starting Nmap 4.53 ( http://insecure.org ) at 2008-05-25 14:27 EDT
Interesting ports on resinbladeap1 (192.168.1.1):
Not shown: 1711 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
53/tcp open  domain
80/tcp open  http
MAC Address: 00:0F:66:01:5C:13 (Cisco-Linksys)
Device type: general purpose
Running: Linux 2.4.X
OS details: Linux 2.4.18 - 2.4.32 (likely embedded)
Uptime: 0.049 days (since Sun May 25 13:17:18 2008)
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 4.225 seconds

Ping sweep an IP range
[resinblade@localhost ~]$ nmap -sP 192.168.1.0-255

Starting Nmap 4.53 ( http://insecure.org ) at 2008-05-25 14:58 EDT
Host resinbladeap1 (192.168.1.1) appears to be up.
Host 192.168.1.5 appears to be up.
Host 192.168.1.7 appears to be up.
Host 192.168.1.10 appears to be up.
Host 192.168.1.71 appears to be up.
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.222 seconds

check these:
-sS - scan by SYN packet
-sT - scan by TCP
-sU - scan by UDP
-sX - use all flags in a TCP packet (xmas tree scan)
-sN - use no flags in a TCP packet (null scan)