Re: Determine IP address assigned to MAC

From: "Secure Buddha" <securebuddha@xxxxxxxxx>
Date: 13 Jan 2006 02:01:44 -0800

This ia actually the job of the reverse address resolution
protocol(rarp). Google for it to find out more information if you so
desire. However, this rarp protocol will not apply to your scenario
becuase there are no static address assignments.

To successfully acquire the information that you need for a given node
you will need to send a broadcast to the subnet that you are attempting
to access using the "ping" utility. This will then elicit a response
from all the nodes located on the desired node's subnet. More
importantly, the node that you are trying to access.

Now that you have received a echo_reply from the subnet nodes, your arp
cache will contain all the MAC address to IP address resolutions. You
can then "grep" the cache for the needed MAC address to IP address
pairing.

for instance:
buddha@linux:~> ping -b <subnet broadcast>
PING <subnet broadcast>(<subnet broadcast>) 56(84) bytes of data.
64 bytes from <subnet broadcast>: icmp_seq=1 ttl=64 time=0.130 ms
64 bytes from <subnet broadcast>: icmp_seq=2 ttl=64 time=0.078 ms
64 bytes from <subnet broadcast>: icmp_seq=3 ttl=64 time=0.087 ms
64 bytes from <subnet broadcast>: icmp_seq=4 ttl=64 time=0.109 ms
64 bytes from <subnet broadcast>: icmp_seq=5 ttl=64 time=0.097 ms
64 bytes from <subnet broadcast>: icmp_seq=6 ttl=64 time=0.086 ms

buddha@linux:~> /sbin/arp -a
? (<node1>) at 00:0A:41:7E:B8:A0 [ether] on eth0
? (<node2>) at 00:0A:41:7E:B8:A1 [ether] on eth0
? (<node3>) at 00:0A:41:7E:B8:A2 [ether] on eth0

Now this whole process is dependent on a few things:

1. You are capable of sending broadcasts to the internal subnet. It may
be rejected from a external router or firewall through ingress rules.

2. Host resident firewalls may deny echo_requests.

3. Egress filtering may be in place to deny information leakage from
the internal network/subnets.

Hopefully, that'll help. Good luck.
Thomas

.

Follow-Ups:
- Re: Determine IP address assigned to MAC
  - From: Moe Trin

References:
- Determine IP address assigned to MAC
  - From: Ian Pilcher

Prev by Date: Re: Determine IP address assigned to MAC
Next by Date: Re: UPnP NAT
Previous by thread: Re: Determine IP address assigned to MAC
Next by thread: Re: Determine IP address assigned to MAC
Index(es):
- Date
- Thread

Relevant Pages

Re: Now can I get rid of WINS?
... > Browsing Network Places requires NetBIOS name resolution, which DNS ... Don't need Network Places? ... He might benefit on a single subnet but that is not likely. ...
(microsoft.public.windows.server.dns)
Re: Explorer view
... I have salso seen this in my home network when the server is not on the same ... subnet as the client, or the name resolution is slow or incomplete. ...
(microsoft.public.sharepoint.windowsservices)
Re: DNS A Record Order.
... Subnet A and B have DC's .5 in each. ... The resolution of the domain name foo.com points to the 2 dc's ... We have turned off round robin DNS. ... I would expect that then the DNS server would return recored in the ...
(microsoft.public.win2000.dns)
Re: Dont use the "use" clause
... the examiner can handle the extra name resolution! ... choice is sometimes a driver for the desire to employ "use"? ... Then the desire to strip away chunks of the name becomes less pressing. ... is it encourages this kind of naming because nobody ever has to worry about what a name might look like with bits of it missing. ...
(comp.lang.ada)
DNS A Record Order.
... Subnet A and B have DC's .5 in each. ... We have turned off round robin DNS. ... Is there a way to "lock" the resolution order for the domain A records? ...
(microsoft.public.win2000.dns)