Common tools for scanning
In the following sections, we will learn how to scan for live hosts using different tools and protocols. Some protocols are more likely to produce more accurate results when scanning on target networks, and we will see why.
Address Resolution Protocol scanning tools
As both internal and external footprinting require us to establish a target list by finding IP address ranges and live hosts, we will take a look at a few network utilities that can be used to find live hosts. Ettercap, for instance, is a good internal network mapping and remapping utility, and has a built-in Address Resolution Protocol (ARP) scanning solution that can be called directly from the command line as follows:
root@wnld960:~# ettercap -T -i eth0 // ...