Re: Helping NMap Get Better OS Detection

[Jake Kallman <jkallman () unr nevada edu>]

This is actually something that I am looking to integrate into a package
that I am developing that I posted a few months back.  I'm hoping to write
a MAC address scanning ability into the network monitoring program that I
am currently writing.  Unfortunately it is being pushed back, as the
semester nears an end and the pressure to get a first release of the
package for my undergrad class out is mounting.  However, over the summer
I'm hoping to get a few things done, MAC address collection for machines
on a LAN being one of them.  If i can get something out over the summer I
will keep you updated.

Jake

On Thu, 8 Apr 2004, MadHat wrote:

> On Apr 8, 2004, at 9:39 PM, Alan S. Jones wrote:
> > At 09:33 PM 4/8/2004 -0500, MadHat wrote:
> > > On Apr 8, 2004, at 8:24 PM, Alan S. Jones wrote:
> > > You can only report the MAC if it is on the local network.  If it has
> > > to get past switches into another subnet, the MAC is not included.
> > > The
> > > only way I know around this is to use some protocols that report the
> > > MAC, the main one being NetBIOS and the nbtstat packets on udp/137,
> > > but
> > > without that there is little you can do to get the MAC from a
> > > distance.
> >
> > This is actually what I was thinking, when available i.e. on a Local
> > LAN
> > same subnet, etc NMap should report the MAC address.  If it can't
> > figure it
> > out don't worry, but the default should report it if it can be
> > obtained.
> >
> > This would be helpful for local LAN diagnostics and getting all the
> > info in
> > one place.
>
> Ah.  This was discussed back on Feb 26th of this year and Fyodor did
> say:
>
> "I would like to print the MAC address for a host based on the packets
> received.  As Testic mentions this will only work on a LAN.  And of
> course only on Ethernet and similar systems (like 802.11B).  It is
> still valuable enough that I hope to add it this year.  If someone
> wants it desperately enough, you can consider sending a patch earlier
> :).  I might also do a number-of-hops test of some sort both as useful
> information in itself and to determine whether the next hop is the
> actual target and thus corresponds to the received MAC."
>
> So, yes it would be nice, and will probably be added, but Fyodor is
> working on his books lately, so I doubt it will be added soon, unless
> someone else steps up.
>
>
> ---------------------------------------------------------------------
> For help using this (nmap-dev) mailing list, send a blank email to
> nmap-dev-help () insecure org . List archive: http://seclists.org

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org