A simple Python active and passive network scanner for linux and OSX
Simple python script which uses pcap, arp-scan, and avahi to:
Note: Since IP addresses change, the hosts are finger printed via their MAC address.
Note: On linux it uses avahi to get hostnames, but doesn’t work on OSX
Fing is a great and fast network scanner, I have their app on my iPad. However, the fing commandline tool for RPi I have noticed errors in the MAC address and therefor don’t trust it for this application.
brew install pcap arp-scan
sudo apt-get install libpcap-dev arp-scan
Download and unzip, then from inside the package:
sudo python setup.py install
If you are working on it:
sudo python setup.py develop
To see all run time options:
Basic, to search for addresses on your network, use:
sudo netscan -a -r 5000 -i en1
|interface to listen to, ex. en0, en1|
|-r, --range||what ports to scan (1 … n), where n in this case is 5000 (upper limit)|
The default is to display results to the screen.
Note: This has to be run as root
sudo netscan -p 1000 -j network.json -i en1
|-p, --passive||conduct passive mode, scan 1000 packets and output results|
|-j, --json||output results to a json file|
sudo netscan -a -p 1000 -w network.html -i en1
|-w, --webpage||output to webpage name network.html|
JSON files can be hard to read (one long string), this puts it into an easier form to digest.
This is designed to work with Node.js netscan but that is still work in progress.