From: Rajesh Kumar Dilli (drajesh@tcs-america.com)
Date: Tue Feb 04 2003 - 19:24:09 EST
Relying fully on the ARP tables will not enable you to map a network.
If your goal is to do passive network mapping then you can build
a table of arp and corresponding ip address, then use this knowledge
along with other information such as TTL from these ip addresses to map
the network.
DRajesh
-----Original Message-----
From: Jason Lewis [mailto:jlewis@packetnexus.com]
Sent: Tuesday, February 04, 2003 3:37 PM
To: pen-test@securityfocus.com
Subject: Using ARP to map a network
I have searched and can't seem to find any tools to help map a network
based on ARP tables.
It seems to me, I could take ARP tables from several machines and build
a
network map. If machines were behind a router the ARP tables would show
multiple IP's with the same MAC. With enough ARP tables, wouldn't I be
able to build a map?
Is my theory flawed?
My goal is to do passive network mapping based on any local information
I
can obtain from computers or network devices. Anyone have any ideas?
jas
------------------------------------------------------------------------
---- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:27 EDT