Re: mac to ip address tools

From: arif.jatmoko@sea.ccamatil.com
Date: Wed Oct 26 2005 - 00:09:12 EDT


In case of ARP poisoning attack, arpwatch will help you. You could also
detect those poisoning and its promiscious mode using same tool like
Ettercap.

cheers,
Arif Jatmoko

|+---------------------+--------------------------------------------------|
|| kukulkan | |
|| <ismandya@sains.co|         To:        Chris Moody |
|| m.my> | <chris@siliconhotrod.com> |
|| |         cc:        Glyn Geoghegan |
|| 10/26/2005 07:44 | <glyng@moiler.com>, pen-test@securityfocus.com,|
|| AM | (bcc: Arif Jatmoko/IDN/SEA/CCA) |
|| |         Subject:        Re: mac to ip address |
|| | tools |
|| | |
|+---------------------+--------------------------------------------------|

yeah. There are about 500-600 machines in this place, I say this because
these are the registered machines. What about those not registered?
there is one thing that bother them is that when we tried to use arp it
seems that they are about 100  machines  with the same mac address.
Wonder could this be the the machines here have been poisoned?

Chris Moody wrote:

> The biggest problem with your question lies in topology restrictions.
>
> Unless you have a host system in the broadcast domain (aka subnet) of
> the host ip in question, all your arp responses will be that of the
> gateway enroute to the end host.
>
> You'll get -very- skewed results if you're trying to map say...1000
> machines (most of which live on different subnets) and see nothing but
> the MAC of your router as the resolved address.
>
> For something enterprise wide, you will need to look at scripting a
> arp cache harvesting mechanism.  This can report back the REAL mac to
> ip mapping for the host system.
>
> Contact me offline for more information on how to accomplish this.
>
> -Chris
>
> Glyn Geoghegan wrote:
>
>> arp -a
>>
>> --  G l y n   G e o g h e g a n
>>
>>
>> On 25 Oct 2005, at 10:48, kukulkan wrote:
>>
>>> Hi list,
>>>
>>> Need help. Is there any open source tools linux or windows, that
>>> when given a MAC address, the list(s) of IP address can be obtained?
>>>
>>> kukulkan
>>>
>>>
>>> ----------------------------------------------------------------------
>>> --------
>>> Audit your website security with Acunetix Web Vulnerability Scanner:
>>> Hackers are concentrating their efforts on attacking applications
>>> on your website. Up to 75% of cyber attacks are launched on
>>> shopping carts, forms, login pages, dynamic content etc. Firewalls,
>>> SSL and locked-down servers are futile against web application
>>> hacking. Check your website for vulnerabilities to SQL injection,
>>> Cross site scripting and other web attacks before hackers do!
>>> Download Trial at:
>>>
>>> http://www.securityfocus.com/sponsor/pen-test_050831
>>> ----------------------------------------------------------------------
>>> ---------
>>>
>>>
>>
>>
>>
------------------------------------------------------------------------------

>>
>> Audit your website security with Acunetix Web Vulnerability Scanner:
>> Hackers are concentrating their efforts on attacking applications on
>> your website. Up to 75% of cyber attacks are launched on shopping
>> carts, forms, login pages, dynamic content etc. Firewalls, SSL and
>> locked-down servers are futile against web application hacking. Check
>> your website for vulnerabilities to SQL injection, Cross site
>> scripting and other web attacks before hackers do! Download Trial at:
>>
>> http://www.securityfocus.com/sponsor/pen-test_050831
>>
-------------------------------------------------------------------------------

>>
>>
>>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
futile against web application hacking. Check your website for
vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:06 EDT