RE: Using ARP to map a network

From: Rajesh Kumar Dilli (drajesh@tcs-america.com)
Date: 02/05/03

  • Next message: Rod Strader: "RE: Routes that are susceptible to SNMP"
    From: "Rajesh Kumar Dilli" <drajesh@tcs-america.com>
    To: <jlewis@packetnexus.com>, <pen-test@securityfocus.com>
    Date: Tue, 4 Feb 2003 16:24:09 -0800
    
    

    Relying fully on the ARP tables will not enable you to map a network.
            If your goal is to do passive network mapping then you can build
    a table of arp and corresponding ip address, then use this knowledge
    along with other information such as TTL from these ip addresses to map
    the network.

    DRajesh

    -----Original Message-----
    From: Jason Lewis [mailto:jlewis@packetnexus.com]
    Sent: Tuesday, February 04, 2003 3:37 PM
    To: pen-test@securityfocus.com
    Subject: Using ARP to map a network

    I have searched and can't seem to find any tools to help map a network
    based on ARP tables.

    It seems to me, I could take ARP tables from several machines and build
    a
    network map. If machines were behind a router the ARP tables would show
    multiple IP's with the same MAC. With enough ARP tables, wouldn't I be
    able to build a map?

    Is my theory flawed?

    My goal is to do passive network mapping based on any local information
    I
    can obtain from computers or network devices. Anyone have any ideas?

    jas

    ------------------------------------------------------------------------

    ----
    This list is provided by the SecurityFocus Security Intelligence Alert
    (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please
    see:
    https://alerts.securityfocus.com/
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/
    


    Relevant Pages

    • RE: Using ARP to map a network
      ... If my goal is to passively map a network, what is the best way to do that? ... > I'm not quite sure how ARP harvesting ... >> This list is provided by the SecurityFocus Security ...
      (Pen-Test)
    • Re: Using ARP to map a network
      ... Using ARP to map a network ... > This list is provided by the SecurityFocus Security Intelligence Alert ...
      (Pen-Test)
    • Using ARP to map a network
      ... I have searched and can't seem to find any tools to help map a network ... based on ARP tables. ... This list is provided by the SecurityFocus Security Intelligence Alert ...
      (Pen-Test)
    • RE: Using ARP to map a network
      ... The only way to truly passively map a network, ... >> there are machines that infrequently communicate outwards ... For more information on SecurityFocus' SIA ...
      (Pen-Test)
    • RE: Using ARP to map a network
      ... would that mean "mapping a network without sending out any packet"? ... mapping services and hosts on the local network ... spoofing ARP Replies, sending your MAC out for every known IP, and then ... >>> This list is provided by the SecurityFocus Security ...
      (Pen-Test)