In this recipe, we will learn how to perform the discovery of live network devices/machines over the network, using two methods: Passive information gathering and active information gathering.
We will examine the network traffic of our environment as a part of our passive information gathering, followed by active information gathering, in which we will send packets over the network to detect active machines and services running on them.
In order to begin with this recipe, we will be using a simple ARP sniffing/scanning tool called netdiscover. It is a net-discovery tool which can be used for active/passive ARP reconnaissance.
Let's start with passive reconnaissance: