Ping not working? try ARP
I’ll confess to having a lot to learn about IP ethernet networking. I feel pretty comfortable with basic TCP/IP (v4), the concept of UDP vs. TCP ports, ICMP pings, etc… but ARP is something that I haven’t dabbled much with. It is, of course, a layer that TCP depends on. When a machine sends a packet to another machine, it sends an arp packet out to “discover” the hardware (MAC) address of the machine on the other end, so ARP underlies everything. These days ICMP is many times blocked by firewall rules. The default with XP’s software firewall is to block ICMP pings for instance.
This is a good thing, but within a LAN it can make life a bit trickier for someone scanning to see what machines are up. So, when the ping command fails… linux.com has an article on arping which is a tool to send an arp ping (makes sense…) These arp requests are non-routable so you can’t do an arp through a router to another network, but an arping will answer with the reply and MAC address of the host being pinged. That’s your ticket to identify if a firewalled host is up on your network.
Given that arp is required for tcp ip address/mac discovery, it can’t be blocked which makes it an excellent ICMP workaround.
So, another neat use of arp is to see what machines your computer has communicated with on the LAN, running arp gives the current IP to MAC address routing table, running this from a router/firewall would likely identify each machine on a network. The command ip neighbours should give a similar result (on one machine that was “ip neigh” instead….) All of the above commands will need to be run with root priviliges.
Popularity: 1% [?]
Related Posts - Network Security - Arp spoofing So.... what is arp spoofing (poisoning).... and what are it's implications? ARP spoofing involves tricking a machine into thinking that you're machine is, yet another. Let's put this in IP address terms. Let's say that 192.168.0.1 is the default gatway on the network and 192.168.0.150 is our target. We are......
- Network Security - Hub or Switch? So, for those that have a little bit of knowledge about network hardware, you've probably heard this. "You can't sniff switched networks".... wrong.... let's see what this is about. Older networking hardware was dominated by what's called a hub. This was basically a "dumb" device that when it received data,......
- Network Security guide for the home or small business network - Part 2 - A Software Firewall Do I really need a hardware firewall? I'm running XP Service Pack 2 with the built in firewall? (or norton, or zonealarm?) Well, personal firewalls (the name that software firewalls go by) are good for a great many things that hardware firewalls AREN'T. They do have their limitations though and......
Related Websites - How To Protect your Wi-Fi network from unauthorized access Wireless security is of major concern at this time. Terrorists might use your unprotected Wireless network for sending e-mails and/or Cyber Terrorists can use it for hacking into Government websites/networks. Your IP address will be traced by the Cyber Police and you'll be in unnecessary trouble. Very less people actually......
- Increase Traffic to Blog, pt1 This is part one in a three part series dedicated to increasing traffic to your blog in a number of different ways. Now that you have your blog set up and you are beginning to post useful information in its pages, the next step is to start attracting useful readers......
- Pinball Machines Collectibles -> Arcade, Jukeboxes and Pinball -> Pinball-> Machines Pinball machines are very special to many people and over the years, they have become very collectible. Whether you are looking for a pinball machine to restore or one that is in perfect order, they are a great addition to any......
Similar Posts
- What is a Ping?
- Network Security – how should an open wireless access point be run beside a safe network?
- Strange Problem Made Simple | Verizon DSL Modem confusion
- Strange net problems with a Netgear FS608 switch
- Network Security – Arp spoofing