Very simply I am looking to get a list of all devices on a specific subnet for the purpose of identifying their mac address to find all devices by a particular vendor on that network.
Presently I am using nmap to accomplish this, however it makes me specify a host, example 10.0.0.0/24, which is good for 10.0.0.0 addresses, however I would like to be able to get the 10.0.1.0 devices and 10.1.1.0 devices as well.
Any ideas?
try this:
nmap -TAggressive -n -sS -p80 10.0.0.0/24 &>/dev/null
nmap -TAggressive -n -sS -p80 10.0.1.0/24 &>/dev/null
nmap -TAggressive -n -sS -p80 10.1.1.0/24 &>/dev/null
arp -an | awk 'BEGIN {print "MAC IP"}{++i;print $4, $2} END { print i,"hosts found"}' | tr -d '()'