Re: Using ARP to map a network

From: Edwin van Andel (evanandel@yafsec.com)
Date: Wed Feb 05 2003 - 06:24:01 EST


Why bother? If you're mapping from the outside, the most you will get from it
is a DMZ mapping, since NAT will probably be used for the internal networks.
Why not use nmap's idlescan feature? You've already got the IP of the edge
router, if I'm correct, and from the ARP table one or more internal IPs. With
the idlescan you can look for open ports, thus active machines on the inside
net as seen from the edge router....
This will be far more current than the dynamic ARP table as well.

http://www.nmap.org/nmap/idlescan.html

 
On Wednesday 05 February 2003 00:36, Jason Lewis wrote:
> I have searched and can't seem to find any tools to help map a network
> based on ARP tables.
>
> It seems to me, I could take ARP tables from several machines and build a
> network map. If machines were behind a router the ARP tables would show
> multiple IPs with the same MAC. With enough ARP tables, wouldn't I be
> able to build a map?
>
> Is my theory flawed?
>
> My goal is to do passive network mapping based on any local information I
> can obtain from computers or network devices. Anyone have any ideas?
>
> jas
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert
> (SIA) Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/

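The merge described in the quoted question, as an added example that is not code from either poster: it parses Linux `arp -an` style output collected from two hosts, merges the tables, and lists MACs seen with more than one IP. The host names, addresses, MACs and function names are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample input: `arp -an` style output gathered on two hosts.
# hostA is assumed to be 192.168.1.10 and hostB 192.168.1.20, so neither
# appears in its own table; merging the tables fills in both.
ARP_DUMPS = {
    "hostA": """\
? (192.168.1.1) at 00:11:22:33:44:55 [ether] on eth0
? (192.168.1.20) at 00:aa:bb:cc:dd:02 [ether] on eth0
? (192.168.1.30) at <incomplete> on eth0
""",
    "hostB": """\
? (192.168.1.1) at 00:11:22:33:44:55 [ether] on eth0
? (192.168.1.10) at 00:AA:BB:CC:DD:01 [ether] on eth0
? (10.0.5.7) at 00:11:22:33:44:55 [ether] on eth0
""",
}

ENTRY = re.compile(
    r"\((\d{1,3}(?:\.\d{1,3}){3})\) at ([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})\b"
)

def parse_arp(text):
    """Return (ip, mac) pairs; unresolved '<incomplete>' entries are skipped."""
    return [(ip, mac.lower()) for ip, mac in ENTRY.findall(text)]

def build_map(dumps):
    """Merge per-host tables into mac -> {ip: set of observing hosts}."""
    seen = defaultdict(lambda: defaultdict(set))
    for observer, text in dumps.items():
        for ip, mac in parse_arp(text):
            seen[mac][ip].add(observer)
    return seen

def multi_ip_macs(seen):
    """MACs seen with more than one IP (the signature the question describes)."""
    return {
        mac: sorted(ips, key=ipaddress.ip_address)
        for mac, ips in seen.items()
        if len(ips) > 1
    }

if __name__ == "__main__":
    merged = build_map(ARP_DUMPS)
    for mac, ips in merged.items():
        for ip, observers in ips.items():
            print(f"{mac}  {ip:<15} seen by {', '.join(sorted(observers))}")
    print("multi-IP MACs:", multi_ip_macs(merged))
```

A MAC listed with several IPs can also be a host with multiple addresses or a device answering proxy ARP, so treat the result as a candidate list to confirm.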


