How to use the command arp-scan (with examples)
The arp-scan command is used to send ARP packets to hosts in order to scan the local network. It is a useful tool for network administrators and security professionals to discover and identify devices on the network.
Use case 1: Scan the current local network
Code:
arp-scan --localnet
Motivation: By using the --localnet option, the arp-scan command will scan the current local network and display the ARP packets received from each host. This can be helpful for network troubleshooting or identifying unknown devices on the network.
Explanation:
arp-scan is the command to be executed.
--localnet is the option to specify scanning the current local network.
Example output:
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.1.1 XX:XX:XX:XX:XX:XX Manufacturer
192.168.1.2 XX:XX:XX:XX:XX:XX Manufacturer
192.168.1.3 XX:XX:XX:XX:XX:XX Manufacturer
...
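One way to use this output to spot unknown devices, as an added example that is not part of the original page: the function below keeps only arp-scan's result lines, reports MACs missing from an allowlist, and reports any IP answered by more than one MAC. The function name, the allowlist format, the file name known_macs.txt and all sample addresses are assumptions constructed for the illustration.

```bash
#!/usr/bin/env bash
# Added example: check arp-scan results against an allowlist of known MACs.
# All addresses below are constructed sample data, not a real capture.

# audit_arp_scan ALLOWLIST   (arp-scan output is read from stdin)
#   UNKNOWN <ip> <mac>           responder whose MAC is not in the allowlist
#   CONFLICT <ip> <mac1>,<mac2>  one IP answered from two different MACs
audit_arp_scan() {
  awk '
    FILENAME == ARGV[1] {            # allowlist: one MAC per line, # comments
      sub(/#.*/, ""); if ($1 != "") known[tolower($1)] = 1
      next
    }
    # Result lines are "IP MAC vendor"; banner and summary lines fail this test.
    $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && length($2) == 17 &&
    $2 ~ /^[0-9A-Fa-f:]+$/ && split($2, octets, ":") == 6 {
      ip = $1; mac = tolower($2)
      if ((ip, mac) in seen) next    # repeated reply from the same pair
      seen[ip, mac] = 1
      if (!(mac in known)) print "UNKNOWN", ip, mac
      if (!(ip in first)) first[ip] = mac
      else print "CONFLICT", ip, first[ip] "," mac
    }
  ' "$1" -
}

sample_allowlist() {   # constructed inventory of known devices
  cat <<'EOF'
# known devices
00:00:5e:00:53:01   # router
00:00:5E:00:53:02   # NAS
EOF
}

sample_scan() {        # constructed output in the format shown above
  cat <<'EOF'
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.1.1 00:00:5E:00:53:01 ExampleRouter
192.168.1.2 00:00:5e:00:53:02 ExampleNAS
192.168.1.23 00:00:5e:00:53:99 (Unknown)
192.168.1.1 00:00:5e:00:53:99 (Unknown) (DUP: 2)
EOF
}

# Demo; on a live network: arp-scan --localnet | audit_arp_scan known_macs.txt
allow=$(mktemp); sample_allowlist > "$allow"
sample_scan | audit_arp_scan "$allow"
rm -f "$allow"
```

A CONFLICT line can indicate an address conflict or ARP spoofing and is worth investigating in either case.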
Use case 2: Scan an IP network with a custom bitmask
Code:
arp-scan 192.168.1.1/24
Motivation: In this use case, the arp-scan command is used to scan an IP network with a custom bitmask. This allows the user to specify a particular range of IP addresses to be scanned, providing more targeted results.
Explanation:
arp-scan is the command to be executed.
192.168.1.1/24 is the IP network range to be scanned, with a bitmask of /24.
Example output:
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
192.168.1.1 XX:XX:XX:XX:XX:XX Manufacturer
192.168.1.2 XX:XX:XX:XX:XX:XX Manufacturer
192.168.1.3 XX:XX:XX:XX:XX:XX Manufacturer
...
Use case 3: Scan an IP network within a custom range
Code:
arp-scan 127.0.0.0-127.0.0.31
Motivation: This use case demonstrates how to scan an IP network within a custom range. By providing the starting and ending IP addresses, the arp-scan command can be used to scan a specific range of IP addresses.
Explanation:
arp-scan is the command to be executed.
127.0.0.0-127.0.0.31 is the IP network range to be scanned, from 127.0.0.0 to 127.0.0.31.
Example output:
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9.7 with 32 hosts (https://github.com/royhills/arp-scan)
127.0.0.0 XX:XX:XX:XX:XX:XX Manufacturer
127.0.0.1 XX:XX:XX:XX:XX:XX Manufacturer
127.0.0.2 XX:XX:XX:XX:XX:XX Manufacturer
...
Use case 4: Scan an IP network with a custom net mask
Code:
arp-scan 10.0.0.0:255.255.255.0
Motivation: In this use case, the arp-scan command is used to scan an IP network with a custom net mask. By specifying the network IP and the subnet mask, the user can scan a specific network segment.
Explanation:
arp-scan is the command to be executed.
10.0.0.0:255.255.255.0 is the IP network range to be scanned, with a net mask of 255.255.255.0.
Example output:
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
10.0.0.1 XX:XX:XX:XX:XX:XX Manufacturer
10.0.0.2 XX:XX:XX:XX:XX:XX Manufacturer
10.0.0.3 XX:XX:XX:XX:XX:XX Manufacturer
...
Conclusion:
The arp-scan command is a versatile tool for scanning local networks and identifying devices. By using various options, users can customize the scanning process to target specific IP addresses or ranges. This can be valuable for network administration, troubleshooting, and security purposes.