It is very easy on Linux to find out useful networking details. The netdiscover utility will display a listing of all hosts on your local network. This is especially useful on a wireless network that does not have host isolation enabled, and it can help you find networked printers and other useful things on your network. Knowing what hosts are on a network is a very important part of penetration testing. The nmap utility may also be used to locate and display active hosts on the chosen network. This nmap example will scan the 192.168.1.0/24 network and return information on all hosts found. The -sP option is a ping scan (host discovery only, no port scan; newer nmap releases spell it -sn), and -PU161 adds a UDP probe to port 161 (SNMP). On a directly attached segment, nmap run as root also discovers hosts with ARP requests, which is why MAC addresses appear in the output.
sudo nmap -sP -PU161 192.168.1.0/24
Here is the output I got.
jason@Yog-Sothoth:~$ sudo nmap -sP -PU161 192.168.1.0/24 #custom UDP scan
Starting Nmap 7.60 ( https://nmap.org ) at 2020-06-12 12:16 AEST
Nmap scan report for _gateway (192.168.1.1)
Host is up (0.00036s latency).
MAC Address: C8:14:51:5F:A9:47 (Huawei Technologies)
Nmap scan report for 192.168.1.3
Host is up (0.070s latency).
MAC Address: 30:07:4D:CB:11:05 (Samsung Electro-mechanics(thailand))
Nmap scan report for Yog-Sothoth (192.168.1.2)
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 64.40 seconds
This returned all hosts on the Local Area Network except the one I was using for the scan.
It also returned the MAC addresses of the networking hardware in each device. To print the kernel routing table, use the route command; route -n does this and prints numeric addresses instead of resolving hostnames. To print the gateway IP address of your PC, use this command.
jason@Yog-Sothoth:~$ ip route show 0.0.0.0/0 | awk '{print $3}'
192.168.1.1
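One thing to do with the discovery output, as an added example that is not part of the original post: parse the plain nmap host-discovery output shown above into one "ip,hostname,mac,vendor" line per host, then report any host whose MAC is not on a known-device list, so a repeated scan shows what has appeared on the LAN since the last one. The sample input is the scan output from the post; the KNOWN_MACS inventory is an assumed, constructed list.

```shell
# Sample input: the nmap output from the post (one line per record).
SAMPLE_SCAN='Starting Nmap 7.60 ( https://nmap.org ) at 2020-06-12 12:16 AEST
Nmap scan report for _gateway (192.168.1.1)
Host is up (0.00036s latency).
MAC Address: C8:14:51:5F:A9:47 (Huawei Technologies)
Nmap scan report for 192.168.1.3
Host is up (0.070s latency).
MAC Address: 30:07:4D:CB:11:05 (Samsung Electro-mechanics(thailand))
Nmap scan report for Yog-Sothoth (192.168.1.2)
Host is up.
Nmap done: 256 IP addresses (3 hosts up) scanned in 64.40 seconds'

# Assumed inventory of MACs you expect on this LAN (constructed, space-separated).
KNOWN_MACS='C8:14:51:5F:A9:47'

# nmap_hosts: stdin = nmap normal output; stdout = ip,hostname,mac,vendor per host.
nmap_hosts() {
    awk '
        function flush() {
            if (ip != "") printf "%s,%s,%s,%s\n", ip, name, mac, vendor
            ip = ""; name = ""; mac = ""; vendor = ""
        }
        /^Nmap scan report for / {
            flush()
            if ($NF ~ /^\(.*\)$/) {        # "report for name (ip)"
                ip = substr($NF, 2, length($NF) - 2); name = $(NF - 1)
            } else { ip = $NF }            # "report for ip" (no reverse DNS)
        }
        /^MAC Address: / {                 # "MAC Address: XX:.. (Vendor)"
            mac = $3; vendor = $0
            sub(/^MAC Address: [^ ]+ \(/, "", vendor); sub(/\)$/, "", vendor)
        }
        END { flush() }
    '
}

# unknown_hosts: stdin = nmap_hosts CSV; $1 = known MACs. Prints hosts whose
# MAC is not in the list. nmap prints no MAC line for the scanning machine
# itself, so such a host is reported as "no-mac" rather than "unknown".
unknown_hosts() {
    awk -F, -v known="$1" '
        BEGIN { n = split(known, k, " "); for (i = 1; i <= n; i++) seen[k[i]] = 1 }
        $3 == ""      { print $1 ",no-mac"; next }
        !($3 in seen) { print $1 ",unknown," $4 }
    '
}

printf '%s\n' "$SAMPLE_SCAN" | nmap_hosts | unknown_hosts "$KNOWN_MACS"
```

On the sample this prints 192.168.1.3 as unknown (Samsung) and 192.168.1.2 as no-mac; save the nmap_hosts CSV from each run and diff it to track changes over time.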
These networking tips should be very useful for those of you who are learning networking on Linux and need some more pointers.