find local computers
MKlinke
mklinke at axsi.com
Mon Mar 1 11:54:15 UTC 2004
On Monday 01 March 2004 09:07, Marty Landman wrote:
> At 09:36 AM 3/1/2004, MKlinke wrote:
> >"nmap" will also ping as well as return the DNS name of the
> > computers it finds
>
> I tried this on a fbsd box where nmap is installed and the results
> weren't thorough, explained to me that the arp cache wouldn't have
> every node in it if they weren't recently accessed. If that's not
> right then it's likely my misunderstanding.
>
Nmap can attempt to discover machines in various ways. The manual is
well worth the read. "man nmap". I can't say what may have been going
on with the "fbsd" box but as regards pings, here's an excerpt:
Ping scanning: Sometimes you only want to know which hosts on a
network are up. Nmap can do this by sending ICMP echo request
packets to every IP address on the networks you specify. Hosts
that respond are up. Unfortunately, some sites such as
microsoft.com block echo request packets. Thus nmap can also
send a TCP ack packet to (by default) port 80. If we get an RST
back, that machine is up. A third technique involves sending a
SYN packet and waiting for a RST or a SYN/ACK. For non-root
users, a connect() method is used.
By default (for root users), nmap uses both the ICMP and ACK
techniques in parallel. You can change the -P option described
later.
Note that pinging is done by default anyway, and only hosts that
respond are scanned. Only use this option if you wish to ping
sweep without doing any actual port scans.
Regards, Mike Klinke
More information about the redhat-list
mailing list