
Discover other computers or devices on the network

1. Open your BackTrack VM.

2. Go to Applications -> BackTrack -> Information Gathering -> Network Analysis -> Identify Live Hosts -> netdiscover

3. Execute the following command to scan the local network:

netdiscover -i eth1 -r xxx.xxx.x.0/24

to get a response similar to this:

Currently scanning: Finished!   |   Screen View: Unique Hosts                 
 
 8 Captured ARP Req/Rep packets, from 5 hosts.   Total size: 480               
 _____________________________________________________________________________
   IP            At MAC Address      Count  Len   MAC Vendor                   
 ----------------------------------------------------------------------------- 
 xxx.xxx.x.x     yy:yy:yy:yy:yy:yy    02    120   Unknown vendor               
 xxx.xxx.x.x     aa:aa:aa:aa:aa:aa    01    060   DIGITAL EQUIPMENT CORPORATION
 xxx.xxx.x.xx    00:00:00:00:00:00    01    060   Vixen Co., Ltd.              
 xxx.xxx.x.xx    cc:cc:cc:cc:cc:cc    01    060   Unknown vendor               
 xxx.xxx.x.x     ee:ee:ee:ee:ee:ee    03    180   Unknown vendor

Usage
netdiscover [-i device] [-r range | -l file | -p] [-s time] [-n node] [-c count] [-f] [-d] [-S] [-P] [-C]
-i device: your network device
-r range: scan a given range instead of auto scan. 192.168.6.0/24,/16,/8
-l file: scan the list of ranges contained into the given file
-p passive mode: do not send anything, only sniff
-F filter: Customize pcap filter expression (default: "arp")
-s time: time to sleep between each arp request (miliseconds)
-n node: last ip octet used for scanning (from 2 to 253)
-c count: number of times to send each arp reques (for nets with packet loss)
-f enable fastmode scan, saves a lot of time, recommended for auto
-d ignore home config files for autoscan and fast mode
-S enable sleep time supression betwen each request (hardcore mode)
-P print results in a format suitable for parsing by another program
-L in parsable output mode (-P), continue listening after the active scan is completed
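
An added example, not part of the original page or of netdiscover: it parses host rows in the table layout shown above and checks them against a list of known MAC addresses, reporting devices that are not in the inventory and IP addresses answered by more than one MAC. The sample output, the addresses and the KNOWN_MACS inventory are constructed, and it is an assumption that rows printed with -P keep the same columns.

```python
import re
from collections import defaultdict

# One result row as shown in the netdiscover table: IP, MAC, Count, Len, Vendor
ROW = re.compile(
    r"^\s*(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"(?P<mac>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\s+"
    r"(?P<count>\d+)\s+(?P<len>\d+)\s+(?P<vendor>.*\S)\s*$"
)

# Constructed sample output (documentation addresses, made-up MACs)
SAMPLE = """\
 5 Captured ARP Req/Rep packets, from 4 hosts.   Total size: 300
 _____________________________________________________________________________
   IP            At MAC Address      Count  Len   MAC Vendor
 -----------------------------------------------------------------------------
 192.0.2.1       02:00:00:aa:00:01    02    120   Unknown vendor
 192.0.2.10      02:00:00:aa:00:10    01    060   Unknown vendor
 192.0.2.1       02:00:00:bb:00:99    01    060   Unknown vendor
 192.0.2.77      02:00:00:cc:00:77    01    060   Unknown vendor
"""

# Hypothetical asset inventory: MAC addresses expected on this segment
KNOWN_MACS = {"02:00:00:aa:00:01", "02:00:00:aa:00:10"}

def parse_hosts(text):
    """Return one dict per host row; banner, header and separators are skipped."""
    hosts = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            h = m.groupdict()
            h["mac"] = h["mac"].lower()
            h["count"], h["len"] = int(h["count"]), int(h["len"])
            hosts.append(h)
    return hosts

def review(hosts, known_macs):
    """Return (MACs not in the inventory, IPs claimed by more than one MAC)."""
    macs_by_ip = defaultdict(set)
    for h in hosts:
        macs_by_ip[h["ip"]].add(h["mac"])
    unknown = sorted({h["mac"] for h in hosts if h["mac"] not in known_macs})
    conflicts = {ip: sorted(m) for ip, m in macs_by_ip.items() if len(m) > 1}
    return unknown, conflicts

if __name__ == "__main__":
    print(review(parse_hosts(SAMPLE), KNOWN_MACS))
```

An IP address that appears with two different MAC addresses is worth investigating: it can be a misconfigured static address, a failover pair, or ARP spoofing.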