A few days back, I had to find the MAC address of a machine whose IP address I knew. The simple solution is to use ARP, but the question is how? One solution that I have is to ping the machine and then check your ARP cache. For example, if you need to find the MAC address of the machine with IP address 192.168.16.134, do the following:
-bash-2.05b# ping -c 1 -s 1 192.168.16.134
PING 192.168.16.134 (192.168.16.134) 1(29) bytes of data.
9 bytes from 192.168.16.134: icmp_seq=1 ttl=255
--- 192.168.16.134 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
-bash-2.05b# arp -na
? (192.168.16.134) at 00:0B:2B:1A:D7:36 [ether] on eth0
? (192.168.16.19) at 00:0B:2B:12:BA:DA [ether] on eth0
Nice to have information.
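The ping-then-read-the-cache steps above as a small shell helper (an added example, not part of the original post). The function names and the third sample line with `<incomplete>` are constructed for illustration, and the parser assumes the `arp -na` output format shown above.

```shell
#!/bin/sh
# Added example: ping, then look the address up in the ARP cache.

# Constructed sample of `arp -na` output: the two entries shown in the post
# plus one unresolved neighbour (hypothetical address 192.168.16.20).
sample_arp_output() {
    cat <<'EOF'
? (192.168.16.134) at 00:0B:2B:1A:D7:36 [ether] on eth0
? (192.168.16.19) at 00:0B:2B:12:BA:DA [ether] on eth0
? (192.168.16.20) at <incomplete> on eth0
EOF
}

# parse_arp_mac IP: read `arp -na` output on stdin and print the MAC for IP
# in lowercase. Returns 1 when there is no entry or it is unresolved.
parse_arp_mac() {
    awk -v ip="$1" '
        function is_mac(s,    parts, n, i) {
            n = split(s, parts, ":")
            if (n != 6) return 0
            for (i = 1; i <= n; i++)
                if (parts[i] !~ /^[0-9a-f][0-9a-f]?$/) return 0
            return 1
        }
        # Field 2 is "(a.b.c.d)". Compare the whole field so that
        # 192.168.16.13 does not match the entry for 192.168.16.134.
        $2 == ("(" ip ")") && $3 == "at" {
            mac = tolower($4)
            if (is_mac(mac)) { print mac; found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    '
}

# mac_of IP: the two steps from the post. A failed ping is not fatal, since
# a host that drops ICMP still has to answer ARP on the local segment.
mac_of() {
    ping -c 1 "$1" >/dev/null 2>&1 || true
    arp -na | parse_arp_mac "$1"
}

# Demo on the constructed sample
sample_arp_output | parse_arp_mac 192.168.16.134
```

For an address outside the local segment there is no ARP entry for it, so `mac_of` returns non-zero instead of printing a MAC.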
From the comment by adoldo I came to know that the same thing can be done using the following command on Linux systems (as root):
arping [IP Address]
When knowledge pours, it pours from everywhere. We can also do an nmap, which gives way more information than would be required, I think, including ports (hAck3rs’ 0xd31ght):
$ nmap 192.168.16.11
Starting Nmap 4.00 ( http://www.insecure.org/nmap/ ) at 2006-12-07 09:43 AKST
Interesting ports on 192.168.16.11:
(The 1669 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE
22/tcp   open  ssh
111/tcp  open  rpcbind
6000/tcp open  X11
MAC Address: 00:0F:FE:1B:9B:A7 (G-pro Computer)
Nmap finished: 1 IP address (1 host up) scanned in 1.553 seconds
Cool stuff!