Nmap Development mailing list archives
RE: NMAP and MAC Addresses
From: "Dario Ciccarone (dciccaro)" <dciccaro () cisco com>
Date: Tue, 12 Feb 2008 19:42:26 -0500
I won't comment on nbtstat.se as I'm still using the same options on nmap that I've been using since about v2.x - never ask me what I think about the new features ;) About the second comment - hm. I do work for Cisco, yeah, but I don't do network management. With that caveat: I have no clue if we have any MIB that can be queried in order to get something akin to the output of a "show mac add dyn". Not to mention: for that to work, you would need for the remote device to (a) be configured for SNMP, (b) to allow queries from your IP address, (b) for you to know, depending of access required to said counters, either the read or write community string. Other than that - I agree :) Dario
-----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Brandon Enright Sent: Tuesday, February 12, 2008 7:38 PM To: Dario Ciccarone (dciccaro) Cc: nmap-dev () insecure org; bmenrigh () ucsd edu; Sydie,Colin Subject: Re: NMAP and MAC Addresses -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Your right, of course. I'll point out though that Nmap does have nbstat.nse for trying to divine MAC addresses from Windows boxes. And then outside of Nmap, there is always SNMP to query the router for a given VLAN. Brandon On Tue, 12 Feb 2008 19:33:07 -0500 "Dario Ciccarone (dciccaro)" <dciccaro () cisco com> wrote:The question shows lack of understanding of how an IP network works. Local network = ARP, encap L3 on L2, transmit. Non-local = ARP for default gateway, encap on L2 frame to local gateway, drop into the wire. Comer and Stevens, or just Stevens. If on a budget,http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/gg24 3376.htmlSo - neither nmap nor any other tool will be able to giveyou the MACaddress of a device outside your L2 broadcast domain. Well, actually you can try a "nbtstat -A <ip_address>" for Windows machines. Dario-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) iD8DBQFHsjvzqaGPzAsl94IRAv05AJ9GNmPF/I38P45EmttpnnS7k5H/FwCgkR3N HVsbZMnVM1dNZAwTnXD5+t8= =eX02 -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NMAP and MAC Addresses Sydie, Colin (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- Re: NMAP and MAC Addresses Brandon Enright (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- Re: NMAP and MAC Addresses doug (Feb 12)
- RE: NMAP and MAC Addresses Sydie, Colin (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- RE: NMAP and MAC Addresses Sydie, Colin (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- Re: NMAP and MAC Addresses Jay Chandler (Feb 12)
- RE: NMAP and MAC Addresses Rob Nicholls (Feb 12)
- Re: NMAP and MAC Addresses Brandon Enright (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)