Chinaunix首页 | 论坛 | 博客
  • 博客访问: 744381
  • 博文数量: 95
  • 博客积分: 1754
  • 博客等级: 上尉
  • 技术积分: 1607
  • 用 户 组: 普通用户
  • 注册时间: 2010-03-12 10:06
文章分类

全部博文(95)

文章存档

2015年(3)

2013年(15)

2012年(77)

分类: LINUX

2012-06-06 09:12:12

1,在安装之前需要安装
yum install -y libpcap libpcap-devel
如果没有安装yum工具
需要用rpm安装如下软件包
[root@oradba arp-scan-1.8]# yum list|grep libpcap
libpcap.i386                               14:0.9.4-15.el5             installed
libpcap.x86_64                             14:0.9.4-15.el5             installed
libpcap-devel.i386                         14:0.9.4-15.el5             installed
libpcap-devel.x86_64                       14:0.9.4-15.el5             installed
2,下载软件包
wget
3,编译软件包
tar xvf arp-scan-1.8.tar.gz
cd arp-scan-1.8
./configure
make && make install
查看网段所有的主机
[root@oradba arp-scan-1.8]# arp-scan -l
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8 with 256 hosts ()
192.168.100.1   00:24:1d:17:d6:e3       GIGA-BYTE TECHNOLOGY CO.,LTD.
192.168.100.4   00:26:b9:51:68:ef       Dell Inc   //网卡
192.168.100.5   20:cf:30:6f:6f:c6       ASUSTek COMPUTER INC.
192.168.100.6   48:5b:39:86:1c:62       ASUSTek COMPUTER INC.
192.168.100.7   48:5b:39:86:1c:3a       ASUSTek COMPUTER INC.

有多个网卡可以指定选择哪个网卡
[root@gateway ~]# arp-scan --interface=eth1 -l
Interface: eth1, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8 with 256 hosts ()
192.168.100.1   00:24:1d:17:d6:e3       GIGA-BYTE TECHNOLOGY CO.,LTD.
192.168.100.4   00:26:b9:51:68:ef       Dell Inc
192.168.100.5   20:cf:30:6f:6f:c6       ASUSTek COMPUTER INC.
192.168.100.6   48:5b:39:86:1c:62       ASUSTek COMPUTER INC.
192.168.100.7   48:5b:39:86:1c:3a       ASUSTek COMPUTER INC.
192.168.100.8   bc:30:5b:ad:74:22       Dell Inc.
192.168.100.9   00:26:b9:8e:16:17       Dell Inc
192.168.100.15  00:26:b9:35:cf:63       Dell Inc
192.168.100.17  00:0c:29:08:6a:06       VMware, Inc.
192.168.100.18  00:0c:29:08:6a:06       VMware, Inc.
192.168.100.19  00:0c:29:08:6a:06       VMware, Inc.
192.168.100.20  00:0c:29:08:6a:06       VMware, Inc.
192.168.100.22  00:24:1d:17:d6:e3       GIGA-BYTE TECHNOLOGY CO.,LTD.
192.168.100.23  84:2b:2b:59:31:4f       Dell Inc.
192.168.100.24  00:26:b9:8e:16:17       Dell Inc

指定某一段IP地址
[root@gateway ~]# arp-scan --interface=eth1 192.168.100.0/29
Interface: eth1, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8 with 8 hosts ()
192.168.100.1   00:24:1d:17:d6:e3       GIGA-BYTE TECHNOLOGY CO.,LTD.
192.168.100.4   00:26:b9:51:68:ef       Dell Inc
192.168.100.5   20:cf:30:6f:6f:c6       ASUSTek COMPUTER INC.
192.168.100.6   48:5b:39:86:1c:62       ASUSTek COMPUTER INC.
192.168.100.7   48:5b:39:86:1c:3a       ASUSTek COMPUTER INC.

用于更新MAC地址,便于在扫描时知道使用的是那个厂商的网卡
[root@gateway ~]# get-oui -v
Fetching OUI data from
Fetched 2642079 bytes
Opening output file ieee-oui.txt
16445 OUI entries written to file ieee-oui.txt
[root@gateway ~]# get-iab -v
Fetching IAB data from
Fetched 608631 bytes
Opening output file ieee-iab.txt
3995 IAB entries written to file ieee-iab.txt


 
其它用法可以参照arp-scan --help
阅读(18575) | 评论(2) | 转发(3) |
给主人留下些什么吧!~~

alang852012-06-06 10:56:06

weilua: 写的比较清晰,明细。还不错。.....
多来这里逛逛,兄弟。你会有不少收获。

weilua2012-06-06 10:52:49

写的比较清晰,明细。还不错。