WalkerWiki - wiki.alanwalker.uk

User Tools

Site Tools

Trace:
arp-scan

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
arp-scan [2016/09/20 19:21] – [Example Output] walkeradminarp-scan [2023/03/09 22:35] (current) – external edit 127.0.0.1
Line 12: Line 12:
 \\  \\ 
 \\  \\ 
-=== Operation ====+==== Operation ====
 \\  \\ 
 To use <color red>arp-scan</color> enter the following from the command line: To use <color red>arp-scan</color> enter the following from the command line:
 \\  \\ 
     sudo arp-scan -l     sudo arp-scan -l
 +<color red>arp-scan</color> will not show the <color red>local NIC</color> doing the scan mac address
 \\  \\ 
 \\  \\ 
Line 23: Line 24:
 Interface: eth0, datalink type: EN10MB (Ethernet) Interface: eth0, datalink type: EN10MB (Ethernet)
 Starting arp-scan 1.8.1 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/) Starting arp-scan 1.8.1 with 256 hosts (http://www.nta-monitor.com/tools/arp-scan/)
-192.168.1.1     00:1d:aa:a5:66:08       DrayTek Corp. +192.168.100.1     11:1d:aa:a6:66:1b       DrayTek Corp. 
-192.168.1.    b8:ac:6f:2c:cf:44       Dell Inc +192.168.100.    aa:ac:6f:0c:cf:66       Dell Inc 
-192.168.1.    3c:d9:2b:54:cd:94       (Unknown) +192.168.100.    ac:da:0b:6b:cd:ab       (Unknown) 
-192.168.1.    38:60:77:df:da:fe       (Unknown) +192.168.100.    ab:61:bb:df:da:dd       (Unknown) 
-192.168.1.    b8:27:eb:25:73:7d       (Unknown) +192.168.100.    aa:00:eb:06:ba:bd       (Unknown) 
-192.168.1.    b8:27:eb:a2:83:97       (Unknown) +192.168.100.    aa:00:eb:a0:ba:ab       (Unknown) 
-192.168.1.    b8:a3:86:6a:4a:d0       (Unknown) +192.168.100.    aa:aa:b6:6a:ba:d1       (Unknown) 
-192.168.1.16    40:8d:5c:1e:76:bb       (Unknown) +192.168.100.16    b1:bd:6c:1e:b6:bb       (Unknown) 
-192.168.1.51    00:19:fb:88:64:96       BSkyB Ltd +192.168.100.61    11:1a:fb:bb:6b:a6       BSkyB Ltd 
-192.168.1.56    c0:33:5e:41:7a:d1       (Unknown) +192.168.100.66    a6:aa:6e:b1:ba:d1       (Unknown) 
-192.168.1.56    c0:33:5e:41:7a:d1       (Unknown) (DUP: 2) +192.168.100.66    a6:aa:6e:b1:ba:d1       (Unknown) (DUP: 2) 
-192.168.1.62    b8:3e:59:28:43:30       (Unknown) +192.168.100.60    aa:ae:6a:0b:ba:a1       (Unknown) 
-192.168.1.54    00:ae:fa:f0:a4:a9       (Unknown) +192.168.100.62    11:ae:fa:f1:ab:aa       (Unknown) 
-192.168.1.59    f4:5c:89:ec:0f:9b       (Unknown) +192.168.100.63    fb:6c:ba:ec:1f:ab       (Unknown) 
-192.168.1.61    b8:3e:59:19:02:0d       (Unknown)+192.168.100.64    aa:ae:6a:1a:10:1d       (Unknown)
 </file> </file>
 +\\ 
 +<color red>*Note: these are fabricated IP and MAC Addresses</color> so don't go looking for them :)
 +\\ 
 +\\ 
 +\\ 
 +==== Searching for a particular MAC ====
 +\\ 
 +If there are a lot of devices on the network, and you know the MAC, you can search using <color red>arp-scan</color>
 + and filter the output with <color red>grep</color>
 +\\ 
 +    sudo arp-scan -l | grep "MAC"
 +    
 +    sudo apr-scan -l | grep "00:a1:d0:00-4a:01"
 +\\ 
 +\\ 
  
arp-scan.1474395716.txt.gz · Last modified: 2023/03/09 22:35 (external edit)