Nmap Development mailing list archives
RE: NMAP and MAC Addresses
From: "Rob Nicholls" <robert () everythingeverything co uk>
Date: Wed, 13 Feb 2008 01:44:26 -0000
Wasn't the original question posed to the list: "Is there a way to retrieve MAC addresses from any subnet using NMAP?" Dario answered that with a detailed answer that he probably hoped would explain to Colin why the answer is basically a "no" (because IP networks don't work that way). Colin said he is trying to get the MAC address of *every* device (including "Microsoft to Linux to Other"). So how exactly does "Locate a product called "CC Get MAC Address"" answer the question that was posed to this list? If Colin had looked into it in a bit more detail, the CC Get MAC Address tool clearly states "CCGMA is based on Microsoft Netbios technology" so... a) you can do exactly the same thing (for free; CCGMA is shareware and costs money) using Nmap with the nbstat.nse script (or through Windows' built in nbtstat tool, which is also free) b) you still won't get a MAC address for Linux or Other devices (or Windows devices that are filtering NetBIOS traffic). There is no good answer. You might be able to get some information through NetBIOS, some through SNMP (if it's enabled and you have the right community string), or some other kind of voodoo mechanism, but AFAIK there is no definitive way to get the information that Colin appears to be seeking. Regards, Rob -----Original Message----- From: Sydie, Colin [mailto:Colin.Sydie () landesk com] Sent: 13 February 2008 01:19 To: Dario Ciccarone (dciccaro); nmap-dev () insecure org Subject: RE: NMAP and MAC Addresses Don't take it personal! You stated, "So - neither nmap nor any other tool will be able to give you the MAC address of a device outside your L2 broadcast domain." That's a bold statement to make considering it can be done. Here is the tool: http://www.youngzsoft.net/cc-get-mac-address/cmacsetup.exe If you don't know the answer, don't give BS responses. -----Original Message----- From: Dario Ciccarone (dciccaro) [mailto:dciccaro () cisco com] Sent: Tuesday, February 12, 2008 4:46 PM To: Sydie, Colin; nmap-dev () insecure org Subject: RE: NMAP and MAC Addresses Here. Let me share with you how this works - not on this list but on any list. Someone shows up. Asks a question. People with an understanding of the issue replies trying to help the person. It isn't actually my responsability to locate the tool. Feel free to send us all a link, and I will find the time to (a) read the docs, (b) install it, and (c) get a packet capture while the tool is running to understand how it can magically bend the rules of the protocol. Having said that, let me share with you a link - http://catb.org/~esr/faqs/smart-questions.html Pay special attention to http://catb.org/~esr/faqs/smart-questions.html#keepcool Thanks, Dario
-----Original Message----- From: Sydie, Colin [mailto:Colin.Sydie () landesk com] Sent: Tuesday, February 12, 2008 7:40 PM To: Dario Ciccarone (dciccaro); nmap-dev () insecure org Subject: RE: NMAP and MAC Addresses The answer shows lack of knowledge of products that are available. Locate a product called "CC Get MAC Address" and discover the utility does provide MAC address feedback from devices on alternate subnets. The issue with this product is that I cannot run it as a stand alone service and provide the STD OUT result. Not a good answer. -----Original Message----- From: Dario Ciccarone (dciccaro) [mailto:dciccaro () cisco com] Sent: Tuesday, February 12, 2008 4:33 PM To: Sydie, Colin; nmap-dev () insecure org Subject: RE: NMAP and MAC Addresses The question shows lack of understanding of how an IP network works. Local network = ARP, encap L3 on L2, transmit. Non-local = ARP for default gateway, encap on L2 frame to local gateway, drop into the wire. Comer and Stevens, or just Stevens. If on a budget, http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/gg24 3376.html So - neither nmap nor any other tool will be able to give you the MAC address of a device outside your L2 broadcast domain. Well, actually you can try a "nbtstat -A <ip_address>" for Windows machines. Dario-----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Sydie, Colin Sent: Tuesday, February 12, 2008 7:11 PM To: nmap-dev () insecure org Subject: NMAP and MAC Addresses Hello, I need a little help with NMAP. I'm trying to run it on anetwork inwhich I wish to return MAC addresses from every system.These systemscan be anything from Microsoft to Linux to Other. I wantto retrieveeverything with a MAC address based on an IP address query. I can get it to work on the same subnet however; I can't seem to retrieve MAC addresses from systems on a different subnet.Is there away to retrieve MAC addresses from any subnet using NMAP? Thanks, Colin Sydie
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- NMAP and MAC Addresses Sydie, Colin (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- Re: NMAP and MAC Addresses Brandon Enright (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- Re: NMAP and MAC Addresses doug (Feb 12)
- RE: NMAP and MAC Addresses Sydie, Colin (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- RE: NMAP and MAC Addresses Sydie, Colin (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)
- Re: NMAP and MAC Addresses Jay Chandler (Feb 12)
- RE: NMAP and MAC Addresses Rob Nicholls (Feb 12)
- Re: NMAP and MAC Addresses Brandon Enright (Feb 12)
- RE: NMAP and MAC Addresses Dario Ciccarone (dciccaro) (Feb 12)