Home page logo
/

Nmap Announce mailing list archives

Re: Updated scanning techniques
From: Nelson Brito <nelson () sekure org>
Date: Sat, 09 Sep 2000 19:22:22 -0300

Lennert Buytenhek wrote:

On Sat, 9 Sep 2000, Lance Spitzner wrote:

Do a quick '-sP' ping sweep.  Then, do an 'arp -a' on your system.
This will show you the MAC address for all the IP address.  Any system
that you did NOT get in your ping sweep, but you DID see in your MAC
table is most likely firewalling any packets sent to it.  Nothing
exciting, but can be helpful.

On linux, you can accomplish the same with arping(8) that comes with the
iputils package. Basically it pings a host with ARP requests.

greetings,
Lennert

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

Using arptool.c, by Cristiano Licoln Mattos, do the same thing:
 ARPTool v0.1, (c) Cristiano Lincoln Mattos, 1999. 
<lincoln () hotlink com br> 
 Sintax: arptool [-i interface] [-m] [-c] [-s hwsrc hwdest ipsrc ipdst
op]
         -i interface: use this interface.  If ommited, default to eth0
         -m: network map mode.  Will identify all hosts on the same 
                  cable segment. 
         -s src_hwaddress dst_hwaddress src_ipaddress dst_ipaddress
operation:
            send arbitrary ARP packets.  The hardware address must be 
                specified in the usual form, i.e. 00:00:FD:FF:1E:C1.
                  Operation is 1 for ARP request, 2 for ARP reply. 
         -c interval: continuous mode.  Will keep sending the specified 
              packets every interval seconds (requires -s or -m).

You can find arptool.c at Packet Storm...

PS: Os brazucas detonando! =)

Sem mais,
-- 
Nelson Brito
open(S, shift || $ENV{'HOME'} . "/.signature") || die "open: $!\n";
foreach(<S>){ chop; split(//, $_); print reverse @_; print "\n"; }
close(S);

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to 
nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]