Nmap Development mailing list archives
Re: MAC address
From: Curtis Doty <Curtis () GreenKey net>
Date: Thu, 26 Feb 2004 12:41:26 -0800 (PST)
10:28am Fyodor said:
I would like to print the MAC address for a host based on the packets received. As Testic mentions this will only work on a LAN. And of course only on Ethernet and similar systems (like 802.11B). It is still valuable enough that I hope to add it this year. If someone wants it desperately enough, you can consider sending a patch earlier :). I might also do a number-of-hops test of some sort both as useful information in itself and to determine whether the next hop is the actual target and thus corresponds to the received MAC.
To audit LANs, I'm in the habit of firing up Craig Leres' arpwatch and using nmap to generate the sweep of ARPs. But directly integrating this into nmap would be really handy for ad-hoc MAC collecting. FYI, recent arpwatch activity after much dormancy: ftp://ftp.ee.lbl.gov/arpwatch-2.1a13.tar.gz v2.1 Thu Jan 22 14:05:27 PST 2004 v2.0.2 Sat Jun 7 03:15:03 PDT 1997 If course, there is always this rather lowbrow way on linux: nmap -sP LAN/MASK ; arp -n |grep -v incomplete I should point out that collecting MACs across VLANs is a separate puzzle to solve and would involve targeting weaknesses in your upstream switch fabric. ../C --------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List archive: http://seclists.org
Current thread:
- MAC address testic (Feb 26)
- Re: MAC address MadHat (Feb 26)
- Re: MAC address Fyodor (Feb 26)
- Re: MAC address Curtis Doty (Feb 26)
- <Possible follow-ups>
- RE: MAC address Seymour, Keith E. (Feb 26)
- Re: MAC address MadHat (Feb 26)