Linux.com

Home Linux Community Forums Hardware Networking scan network for mac addresses with nmap

scan network for mac addresses with nmap

Link to this post 23 May 10

How can I scan my lan for mac addresses for all the pc's in it? Tried finding a switch for Nmap but no luck so far.

Edit: nevermind, found it: nmap -sP 192.168.0.0/24

Link to this post 23 May 10

Good find, there is a lot more that you can discover with nmap. Checkout the nmap man page at http://linux.die.net/man/1/nmap

Link to this post 24 May 10

SkyHiRider wrote:

How can I scan my lan for mac addresses for all the pc's in it? Tried finding a switch for Nmap but no luck so far.

Edit: nevermind, found it: nmap -sP 192.168.0.0/24

Nice! Thanks for sharing it :D

Link to this post 25 Jun 10

So, that's one way. There is also a tool out there called arp-scan that will also work well. Especially if you are not trying to determine if there is second logical network on your physical LAN (e.g. someone using addresses outside of your subnet). You can also just ping your network's broadcast network and then check your ARP table. You can also check your switch's MAC address table or forwarding database. Or if you have a hub, not a switch, just sniff the wire w/ wireshark or tcpdump.

And there are otherm more intrusive ways, too ... like arp poisoning and depending on the switching infrastructure, turning yourself into a trunk port on the switch, or forging some 802.3 frame w/ funny source MAC addresses, etc.

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board