nmap VS DHCP

[Ajay Gupta2 <Ajay.Gupta2 () ey com>]

Hello All,

I recently came across successive nmap scans of a network yielding significantly different machines up (in terms of IP 
addresses).  The network has a Class C address and is using DHCP to assign the IPs to its various hosts, several of 
which did not have hostnames.

Nmap identified the IP addresses, hostnames, open ports and OS of machines that were up.  Since the network was using 
DHCP and not all machines had host names, there was little to tie the remaining data (IP address, open ports & OS) to 
the machines on the network, as the IP addresses (by which machines are generally identified) changed between the scans.

Therefore, these nmap scan results are less valuable for fingerprinting as the data is not tied directly to the 
machines.  Is it possible to having nmap identify MAC addresses which is less likely to change (I believe this was 
discussed some time ago on this list).  In the least, is it possible for nmap to inform whether or not the network is 
running DCHP?

Any thoughts?

Thanks,
 - Ajay Gupta
Ernst & Young
eRisk Solutions 
703-288-2270


*******************************************************************************
Note:          The information contained in this message may be privileged and confidential and protected from 
disclosure.  If the reader of this message is not the intended recipient, or an employee or agent responsible for 
delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or 
copying of this communication is strictly prohibited. If you have received this communication in error, please notify 
us immediately by replying to the message and deleting it from your computer.  Thank you.  Ernst & Young LLP
*******************************************************************************