


A network scanner is a software tool that scans the network for connected devices. It is also used for diagnostic and investigative purposes to find and categorize what devices are running on a network. This tool takes an IP address or a range of IP addresses as input, then scans each IP address sequentially and determines whether a device is present at that address. It scans the network and returns an IP address and its corresponding MAC address if the device is present. A popular tool that's commonly used by cybersecurity professionals is nmap.

To understand how the network scanner scans the entire network, we first need to understand what ARP (Address Resolution Protocol) is. In a network, most computers use the IP address to communicate with other devices; in reality, however, the communication happens over the MAC address. ARP is used to find out the MAC address of a particular device whose IP address is known. For instance, when a device wants to communicate with another device on the network, the sending device uses ARP to find the MAC address of the device that it wants to communicate with.

ARP involves two steps to find the MAC address:

The sending device sends an ARP Request containing the IP address of the device it wants to communicate with. This request is broadcast, meaning every device in the network will receive it, but only the device with the intended IP address will respond. After receiving the broadcast message, the device whose IP address equals the IP address in the message sends an ARP Response containing its MAC address to the sender.

The network scanner uses ARP Request and Response to scan the entire network, finding the active devices on the network and their MAC addresses. If it is still not clear what ARP is and how it works then refer to the images below.

Now that we know how the network scanner works internally, let's start writing it in Python.

argparse: To understand what this does read my first article here.

Scapy: Enables the user to send, sniff, dissect and forge network packets. This capability allows the development of tools that can probe, scan, or attack networks. It can forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It easily handles most tasks like scanning, tracerouting, probing, unit tests, attacks, or network discovery.

Okay, before jumping to writing the code in Python I'll tell you about the setup that I have: I am currently on Windows 10 and I have VirtualBox running with two VMs (1. I will execute the Python script on my Kali Linux machine and try to scan the entire network.

Note: The VMs are configured to use NatNetwork in VirtualBox.
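The two-step ARP exchange described in this article, shown at the byte level as an added example (not the author's scanner code): it builds the broadcast request and the unicast reply, then parses replies into an IP-to-MAC table the way a scanner's receive side would. It uses only the standard library instead of Scapy, and every function name, MAC address and IP address in it is constructed for illustration.

```python
import socket
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETH_ARP, OP_REQUEST, OP_REPLY = 0x0806, 1, 2

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))
def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(op, src_mac, src_ip, dst_mac, dst_ip):
    """Ethernet header + 28-byte ARP payload (RFC 826, IPv4 over Ethernet)."""
    # A request does not know the target MAC: broadcast it, leave the field zeroed.
    eth_dst = BROADCAST if op == OP_REQUEST else dst_mac
    tha = "00:00:00:00:00:00" if op == OP_REQUEST else dst_mac
    eth = mac_bytes(eth_dst) + mac_bytes(src_mac) + struct.pack("!H", ETH_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(src_mac) + socket.inet_aton(src_ip)
    arp += mac_bytes(tha) + socket.inet_aton(dst_ip)
    return eth + arp

def parse_arp(frame):
    """Return the ARP fields of a frame, or None if it is not IPv4/Ethernet ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {
        "op": op,
        "eth_dst": mac_str(frame[0:6]),
        "sender_mac": mac_str(frame[22:28]),
        "sender_ip": socket.inet_ntoa(frame[28:32]),
        "target_ip": socket.inet_ntoa(frame[38:42]),
    }

def scan_results(replies, asked_ips):
    """Keep only replies answering an address we asked for: IP -> MAC."""
    found = {}
    for frame in replies:
        arp = parse_arp(frame)
        if arp and arp["op"] == OP_REPLY and arp["sender_ip"] in asked_ips:
            found[arp["sender_ip"]] = arp["sender_mac"]
    return found

SCANNER = ("08:00:27:aa:bb:01", "10.0.2.15")  # constructed sample addresses
REQUEST = build_arp(OP_REQUEST, *SCANNER, None, "10.0.2.4")
REPLY = build_arp(OP_REPLY, "08:00:27:aa:bb:04", "10.0.2.4", *SCANNER)
```

Because ARP replies carry no authentication, the resulting table records what hosts claim, which is why `scan_results` at least discards replies for addresses that were never queried.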
