ping
or using fping
for ranges.
You could also use nmap to send other types of ICMP packets (this will avoid filters to common ICMP echo request-response).nmap
, but it slower and somewhat nmap
has problems identifying hosts up../udp-proto-scanner.pl 199.66.11.53/24
This will send these UDP probes to their expected port (for a /24 range this will just take 1 min): DNSStatusRequest, DNSVersionBindReq, NBTStat, NTPRequest, RPCCheck, SNMPv3GetRequest, chargen, citrix, daytime, db2, echo, gtpv1, ike,ms-sql, ms-sql-slam, netop, ntp, rpc, snmp-public, systat, tftp, time, xdmcp.ping -b 10.10.5.255
ping -b 255.255.255.255
-PEPM
flag of nmap
to perform host discovery sending ICMPv4 echo, timestamp, and subnet mask requests: nmap -PEPM -sP –vvv -n 10.12.5.0/24
pip install scapy
Yersina
to capture CDP frames and show the information-c
parameter to 0
. The spoof mode generates custom packets similar to the ones a real VoIP device would transmit in the corporate network. To use it, set the -c
parameter to 1
. The spoof with a pre-madepacket mode sends the same packets as a Cisco 7971G-GE IP phone. To use it, set the -c
parameter to 2
.-i
parameter specifies the attacker’s network interface, and the -E
parameter specifies the name of the VOIP device being imitated. We chose the name SEP001EEEEEEEEE, which is compatible with the Cisco naming format for VoIP phones. The format consists of the word “SEP” followed by a MAC address. In corporate environments, you can imitate an existing VoIP device by looking at the MAC label on the back of the phone; by pressing the Settings button and selecting the Model Information option on the phone’s display screen; or by attaching the VoIP device’s Ethernet cable to your laptop and observing the device’s CDP requests using Wireshark.includeSubdomains
so the wwww.facebook.com example from before won't work anymore as facebook.com uses HSTS with includeSubdomains
.