Welcome to the Linux Foundation Forum!

scan network for mac addresses with nmap

How can I scan my lan for mac addresses for all the pc's in it? Tried finding a switch for Nmap but no luck so far.

Edit: nevermind, found it: nmap -sP 192.168.0.0/24

Comments

  • mfillpot
    mfillpot Posts: 2,177
    Good find, there is a lot more that you can discover with nmap. Checkout the nmap man page at http://linux.die.net/man/1/nmap
  • marc
    marc Posts: 647
    SkyHiRider wrote:
    How can I scan my lan for mac addresses for all the pc's in it? Tried finding a switch for Nmap but no luck so far.

    Edit: nevermind, found it: nmap -sP 192.168.0.0/24

    Nice! Thanks for sharing it :D
  • gomer
    gomer Posts: 158
    So, that's one way. There is also a tool out there called arp-scan that will also work well. Especially if you are not trying to determine if there is second logical network on your physical LAN (e.g. someone using addresses outside of your subnet). You can also just ping your network's broadcast network and then check your ARP table. You can also check your switch's MAC address table or forwarding database. Or if you have a hub, not a switch, just sniff the wire w/ wireshark or tcpdump.

    And there are otherm more intrusive ways, too ... like arp poisoning and depending on the switching infrastructure, turning yourself into a trunk port on the switch, or forging some 802.3 frame w/ funny source MAC addresses, etc.

Categories

Upcoming Training