Netdiscover is a network discovery tool used to detect hosts and services on a local area network (LAN). It sends ARP requests to the network and then listens for responses from hosts on the network. Netdiscover can be used to map out the network topology, identify live hosts, and gather information about the services running on those hosts.
Netdiscover is a command-line tool that is available for Linux, BSD, and macOS operating systems. It is often used by network administrators and security professionals to perform network reconnaissance and identify potential vulnerabilities on the network. Netdiscover is a passive tool that does not send any packets to the hosts on the network, which makes it a useful tool for network mapping and reconnaissance. However, it should be used ethically and with the permission of the network owner.
Netdiscover can be used with a range of command-line options to customize its behavior. For example, it can be used to scan a specific range of IP addresses, exclude certain IP addresses from the scan, or output the results in different formats.
Netdiscover runs simply by calling executing the command in auto mode:
Command: netdiscover
In case, if you want to specify any range then the command is:
Command: netdiscover -r <range>
Furthermore, you can also scan for multiple ranges. This is useful when you have a large network with multiple subnets & networks.
Command: netdiscover -l <file>
For passive scanning, the command is:
Command: netdiscover -p -r <range,optional>
For parsable output, you have to specify the -PN attribute at the end of the command:
Command: netdiscover -r <range> -PN
Conclusion –
Netdiscover works by sending ARP requests to the local network and listening for responses. ARP (Address Resolution Protocol) is a protocol used to map a network address (such as an IP address) to a physical address (such as a MAC address). When Netdiscover sends an ARP request, it sends a broadcast message to all hosts on the network, asking each host to respond with its physical address.
When a host receives an ARP request, it checks whether the requested IP address is its own. If it is, the host responds with its physical address. Netdiscover listens for these responses and uses them to build a list of hosts on the network. The list includes the IP address, MAC address, and hostname (if available) of each host that responds to the ARP request.
Netdiscover can be a useful tool for network administrators and security professionals to identify potential security risks on a local network. However, it should be used responsibly and with the permission of the network owner. Unauthorized use of network scanning tools can be illegal and can lead to serious consequences.
