Any system that has a personal firewall will just pretend not to be there unless it has been configured to open a specific port. In addition, a security conscious network administrators could block certain protocols that might be used by hackers to probe the network. Then you have the whole business of NAT (network address translation) where significant numbers of computers can hide behind a single IP address.

You can make DNS requests to attempt to resolve fixed IP addresses that have been assigned hostnames. Working with dynamic IP addresses is going to be more difficult since these will be allocated on an as needed basis by a DHCP server.

The problem with 'Testing for live IP addresses' is that it is typical hacker/virus behaviour and is guarded against by Network security tools.