Re: How to find MAC address

[Andreas Ericsson <ae () op5 se>]

Martin O'Neal wrote:
> We're not going to agree on this; the answer *was* misleading.  You
> stated that MAC addresses were lost as soon as they go through a router,
> which is incomplete.  They are lost from IP, they are not lost in
> entirety.  

That's a bit like saying what you flush down the toilet doesn't vanish 
entirely. The question is just how much muck you're prepared to go 
through to get it. In that sense you'd need to apply physical violence 
to the nic in order to lose the MAC address entirely.

What I (and Brandon) *meant* was that the information is not included in 
the ethernet header that reaches the destination host. I shall try to be 
more explicit in the future.


> Nmap may not gather MAC addresses using alternative mechanisms at the
> moment, but there is no reason that it can't.  It already interacts with
> higher protocols, like RPC and NetBIOS name service, from which it
> already gathers the hostname.  The mac address is available via the same
> interface.

If you want to suggest improvements to nmap just spit them out. 
Preferrably accompanied by a patch, I imagine. Given your apparent 
expertise in the field I should think you're well up to the task.

> > FYI, MS NetBIOS is broadcast which also only works on local subnets, 
>
>
> Er, FYI it is neither limited to broadcast, nor limited to local
> subnets.  Another misleading answer.

I stand corrected.

-- 
Andreas Ericsson                   andreas.ericsson () op5 se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev