Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: hi, i got a question.

From: Brandon Enright <bmenrigh () ucsd edu>
Date: Fri, 10 Nov 2006 21:35:26 +0000
On Fri, 2006-11-10 at 15:12 -0600, oscar miranda wrote:

hi, my problem and a crossroads, i'm a JAVA programmer and i've used nmap to
audit a network, but i'd like to ask if it's possible to retrive or get the
MAC Address for such IPs from the network, i don't know if nmap do it or if
there is an option to do it, by the way, i read a text from the "Nmap
Reference Guide (Man Page)" where it says that nmap can do this, but i've
looked it for in the whole "Reference guide" and i don't find any option
about it, also i've found out some packages in JAVA (Jpcap both keita fujii
and sourceForge) that retrives the MAC Address (Hardware address) but these
only works when i run it under the same network, my idea is to run it from
network's outside and get it, i would be thankful and i'd apreciate if you
consider my question and forward an answer or a post, thanks.



Unfortunately it is not possible to determine the MAC address of a host
that is not on the local Ethernet segment.  This isn't an Nmap
limitation, it's a fundamental limitation of data-link protocols like
Ethernet.  If you want to determine the MAC of an end-station you'll
need to use a higher layer protocol like NetBIOS or SNMP to expose that
information.

Take a look at 'nbtscan' for using NetBIOS and 'snmpwalk' for talking to
your routers.

One of the Nmap SoC projects added some basic network mapping and
trace-routing features to Nmap.  If the last hop information were fed
into something like an NSE script or some SNMP library binding it may be
reasonable to use either NetBIOS or SNMP to try to query for the MAC.  A
project like this would probably be well suited for another SoC project
assuming Google and Fyodor both decide to do SoC again.

Brandon


-- 
Brandon Enright
Network Security Analyst
UCSD ACS/Network Operations
bmenrigh () ucsd edu


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: