Tom Brown wrote:
In CentOS 4 does anyone know the switches to get NMAP to reveal the MAC of the host being scanned ?
Others have given you good answers, but I felt I could share some insight on the matter..
The MAC address of a NIC is used by switches to send packets out the right port - As soon as you add a routing element, all traffic to a routed IP appears to be destined for the router, if one goes by the MAC address in the packet.
If the destination MAC were to be encoded in the packet, no switches would be able to keep their internal tables sane, as it would be flooded with MACs, all on the same port (the one connected to the gateway).
When a switch recieves a packet adressed to a MAC that doesn't appear in the switch-internal list, the packet will be flooded (sent out on all ports). Once a packet from that MAC passes through the switch, that MAC will be added to the list, and future packets only leave that one port.
The main function of a switch is to keep irrelevant packets away from hosts, but packets to unknown (to the switch) hosts get sent everywhere, just like a Hub would do.
-- Cheers, Morten :wq _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
