Ping not working? try ARP



I’ll confess to having a lot to learn about IP ethernet networking. I feel pretty comfortable with basic TCP/IP (v4), the concept of UDP vs. TCP ports, ICMP pings, etc… but ARP is something that I haven’t dabbled much with. It is, of course, a layer that TCP depends on. When a machine sends a packet to another machine, it sends an arp packet out to “discover” the hardware (MAC) address of the machine on the other end, so ARP underlies everything. These days ICMP is many times blocked by firewall rules. The default with XP’s software firewall is to block ICMP pings for instance.


This is a good thing, but within a LAN it can make life a bit trickier for someone scanning to see what machines are up. So, when the ping command fails… linux.com has an article on arping which is a tool to send an arp ping (makes sense…) These arp requests are non-routable so you can’t do an arp through a router to another network, but an arping will answer with the reply and MAC address of the host being pinged. That’s your ticket to identify if a firewalled host is up on your network.

Given that arp is required for tcp ip address/mac discovery, it can’t be blocked which makes it an excellent ICMP workaround.

So, another neat use of arp is to see what machines your computer has communicated with on the LAN, running arp gives the current IP to MAC address routing table, running this from a router/firewall would likely identify each machine on a network. The command ip neighbours should give a similar result (on one machine that was “ip neigh” instead….) All of the above commands will need to be run with root priviliges.

Related Posts

Blog Traffic Exchange Related Posts
  • IPtables magic, or... Blocking Aggressive Outbound Traffic with IPtables Blocking Aggressive Outbound Traffic with IPtables. For starters, I've tested this on a test system that started out with NO iptables rules, and then moved on to an IPCop install (the vmware download from vmwarez.com...) I've detailed previously one dilemma that I had with regard to my own cable connection......
  • Network security - how safe is your network? Looking at ARP A while back I did a network security series and one of the points that I mentioned was that it's important to know what is normal for your network. In other words, what machines are NORMALLY connected, what services are normally running, etc. Well, I'm about to start a serious......
  • Network Security guide for the home or small business network - preface OK, this is an ambitious idea, but the two articles on Titan Rain and the lack of IT security training has planted a bug under the saddle so to speak.... I don't know how many parts will be in this series. In fact, I may add to it from time......
Blog Traffic Exchange Related Websites
  • Todays Screening Equipment Ever wonder how the Mayans, Egyptians and the Romans worked with the earth and created such massive structures? They had all man operated systems to haul the rocks and mortar to the desired place. Animals sweating over wagons filled with building materials. What would they have built if they had......
  • Hidden IP Address Easy Information When connecting on the Internet, your property computer is assigned a public Ip. As you visit Websites or other Internet servers, that public Ip is transmitted and recorded in log files kept on those servers. Access logs leave behind a trail of one's Internet activity. When it were possible to......
  • Pinball Machines Collectibles -> Arcade, Jukeboxes and Pinball -> Pinball-> Machines Pinball machines are very special to many people and over the years, they have become very collectible. Whether you are looking for a pinball machine to restore or one that is in perfect order, they are a great addition to any......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site