Nmap Announce mailing list archives

Re: Updated scanning techniques


From: Nelson Brito <nelson () sekure org>
Date: Sat, 09 Sep 2000 19:22:22 -0300

Lennert Buytenhek wrote:

> On Sat, 9 Sep 2000, Lance Spitzner wrote:
>
> > Do a quick '-sP' ping sweep.  Then, do an 'arp -a' on your system.
> > This will show you the MAC address for all the IP addresses.  Any system
> > that you did NOT get in your ping sweep, but you DID see in your MAC
> > table is most likely firewalling any packets sent to it.  Nothing
> > exciting, but can be helpful.
>
> On Linux, you can accomplish the same with arping(8) that comes with the
> iputils package. Basically it pings a host with ARP requests.
>
> greetings,
> Lennert
>
> --------------------------------------------------
> For help using this (nmap-hackers) mailing list, send a blank email to
> nmap-hackers-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).

Using arptool.c, by Cristiano Lincoln Mattos, you can do the same thing:
 ARPTool v0.1, (c) Cristiano Lincoln Mattos, 1999. <lincoln () hotlink com br>
 Sintax: arptool [-i interface] [-m] [-c] [-s hwsrc hwdest ipsrc ipdst op]
         -i interface: use this interface.  If ommited, default to eth0
         -m: network map mode.  Will identify all hosts on the same
             cable segment.
         -s src_hwaddress dst_hwaddress src_ipaddress dst_ipaddress operation:
             send arbitrary ARP packets.  The hardware address must be
             specified in the usual form, i.e. 00:00:FD:FF:1E:C1.
             Operation is 1 for ARP request, 2 for ARP reply.
         -c interval: continuous mode.  Will keep sending the specified
             packets every interval seconds (requires -s or -m).

You can find arptool.c at Packet Storm...

PS: The Brazilians are rocking it! =)

That's all,
-- 
Nelson Brito
open(S, shift || $ENV{'HOME'} . "/.signature") || die "open: $!\n";
foreach(<S>){ chop; split(//, $_); print reverse @_; print "\n"; }
close(S);
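
The comparison described in the quoted text (ping sweep first, then the ARP table), as an added example that is not part of the thread. The function names, the saved-output file layout, nmap's grepable `-oG` format and the Linux net-tools `arp -a` format are assumptions; the sample data is constructed.

```shell
#!/bin/sh
# Added example (not from the thread). Input formats are assumptions:
#   $1 = saved "nmap -sP -oG <file> <range>" grepable output
#   $2 = saved "arp -a" output in Linux net-tools format

# IPs the ping sweep reported as up, sorted for comm(1).
sweep_up() {
    awk '$1 == "Host:" && /Status: Up/ { print $2 }' "$1" | sort -u
}

# IPs with a resolved MAC. "<incomplete>" entries never answered ARP,
# so they are not evidence of a live host and are skipped.
arp_resolved() {
    awk '/<incomplete>/ { next }
         match($0, /\([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\)/) {
             print substr($0, RSTART + 1, RLENGTH - 2)
         }' "$1" | sort -u
}

# In the ARP table but silent to the sweep: likely filtering the probes.
silent_hosts() {
    s=$(mktemp) && a=$(mktemp) || return 1
    sweep_up "$1" > "$s"
    arp_resolved "$2" > "$a"
    comm -13 "$s" "$a"
    rm -f "$s" "$a"
}

# Constructed sample data (documentation addresses, made-up MACs).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/sweep.gnmap" <<'EOF'
# Nmap ping sweep (constructed sample)
Host: 192.0.2.1 ()  Status: Up
Host: 192.0.2.10 ()  Status: Up
EOF
    cat > "$d/arp.txt" <<'EOF'
? (192.0.2.1) at 00:00:5e:00:53:01 [ether] on eth0
? (192.0.2.10) at 00:00:5e:00:53:0a [ether] on eth0
? (192.0.2.20) at 00:00:5e:00:53:14 [ether] on eth0
? (192.0.2.30) at <incomplete> on eth0
EOF
    silent_hosts "$d/sweep.gnmap" "$d/arp.txt"
    rm -rf "$d"
}

if [ "$#" -eq 2 ]; then silent_hosts "$1" "$2"; else demo; fi
```

Current Nmap releases run as root already use ARP for host discovery on a local Ethernet segment, so the sweep only differs from the ARP table when IP-level probes are forced with `--send-ip`.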
