Common tools for scanning

In the following sections, we will learn how to scan for live hosts using different tools and protocols. Some protocols are more likely to produce more accurate results when scanning on target networks, and we will see why.

Address Resolution Protocol scanning tools

As both internal and external footprinting require us to establish a target list by finding IP address ranges and live hosts, we will take a look at a few network utilities that can be used to find live hosts. Ettercap, for instance, is a good internal network mapping and remapping utility, and has a built-in Address Resolution Protocol (ARP) scanning solution that can be called directly from the command line as follows:

root@wnld960:~# ettercap -T -i eth0 // ...

Get Penetration Testing with Perl now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.