Nmap Development mailing list archives

Re: How do I do an arp scan with nmap?


From: "Kurt Buff, GSEC/GCIH/PCIP" <kurt.buff () gmail com>
Date: Sat, 6 Mar 2021 11:25:02 -0700

This seems better done by querying the switch and/or router for its MAC/ARP
tables.

Assuming they are capable of such, and you have access to them.

Kurt

On Sat, Mar 6, 2021 at 1:02 AM ToddAndMargo via dev <dev () nmap org> wrote:

Hi All,

I caught a rogue network (192.168.213) with Windows arp:

C:\>arp -a

Interface: 192.168.210.100 --- 0x5
   Internet Address      Physical Address      Type
   192.168.210.1         00-90-7f-05-0f-5c     dynamic
   224.0.0.22            01-00-5e-00-00-16     static
   224.0.0.251           01-00-5e-00-00-fb     static
   239.255.255.250       01-00-5e-7f-ff-fa     static
   255.255.255.255       ff-ff-ff-ff-ff-ff     static

Interface: 192.168.213.56 --- 0x11
   Internet Address      Physical Address      Type
   192.168.213.1         02-90-7f-05-0f-60     dynamic
   192.168.213.255       ff-ff-ff-ff-ff-ff     static
   224.0.0.22            01-00-5e-00-00-16     static
   224.0.0.251           01-00-5e-00-00-fb     static
   239.255.255.250       01-00-5e-7f-ff-fa     static
   255.255.255.255       ff-ff-ff-ff-ff-ff     static

What is the syntax to get nmap to find all hosts on
a physical network even if their software networks
are different?

Many thanks,
-T


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
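
Added example, not part of either message above: a Python parser for the `arp -a` output quoted in the question. It groups learned neighbors by interface, flags interfaces outside the networks the operator expects, and marks locally administered MAC addresses. The function names and the choice of 192.168.210.0/24 as the expected network are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: a trimmed copy of the `arp -a` output quoted above.
SAMPLE = """\
Interface: 192.168.210.100 --- 0x5
  Internet Address      Physical Address      Type
  192.168.210.1         00-90-7f-05-0f-5c     dynamic
  224.0.0.22            01-00-5e-00-00-16     static

Interface: 192.168.213.56 --- 0x11
  Internet Address      Physical Address      Type
  192.168.213.1         02-90-7f-05-0f-60     dynamic
  192.168.213.255       ff-ff-ff-ff-ff-ff     static
"""

IFACE = re.compile(r"^Interface:\s+(\S+)\s+---\s+(0x[0-9a-fA-F]+)")
ENTRY = re.compile(r"^\s*(\d+(?:\.\d+){3})\s+((?:[0-9a-fA-F]{2}-){5}[0-9a-fA-F]{2})\s+(\w+)")


def parse_arp(text):
    """Return {interface_ip: [(neighbor_ip, mac, type), ...]}."""
    tables, current = {}, None
    for line in text.splitlines():
        if m := IFACE.match(line):
            current = tables.setdefault(m.group(1), [])
        elif current is not None and (m := ENTRY.match(line)):
            current.append((m.group(1), m.group(2).lower(), m.group(3)))
    return tables


def review(text, expected_nets):
    """Learned unicast neighbors per interface; expected_nets is the operator's assumption."""
    nets = [ipaddress.ip_network(n) for n in expected_nets]
    findings = []
    for iface, entries in parse_arp(text).items():
        unexpected = not any(ipaddress.ip_address(iface) in n for n in nets)
        for ip, mac, kind in entries:
            first = int(mac[:2], 16)
            if kind != "dynamic" or first & 0x01:  # skip static, multicast, broadcast
                continue
            findings.append({"interface": iface, "neighbor": ip, "mac": mac,
                             "unexpected_subnet": unexpected,
                             "locally_administered": bool(first & 0x02)})
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE, ["192.168.210.0/24"]):
        print(finding)
```

The ARP cache only lists neighbors the host has already exchanged traffic with, so an empty result for an interface does not mean the segment is empty.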
