mailing list archives
Re: nmap VS DHCP
From: H D Moore <hdm () secureaustin com>
Date: Thu, 25 May 2000 07:15:45 -0500
Ajay Gupta2 wrote:
[ snip ]
Therefore, these nmap scan results are less valuable for fingerprinting as the data is not tied directly to the
machines. Is it possible to having nmap identify MAC addresses which is less likely to change (I believe this was
discussed some time ago on this list). In the least, is it possible for nmap to inform whether or not the network is
If ports 67/68 UDP were open, you know you found a DHCP client/server.
MAC addresses can only be seen on the LOCAL network, but you can use
NetBIOS name queries to grab each machines MAC/NAME and store and
correleate these yourself (i.e. nmblookup -A ipaddress).