Layer 2 Config and Analysis

Investigate layer 2 activity on a local network


See and analyze information from the interfaces

ip addr show     # List all IPs for all interfaces
ip route show    # Show all known routes
ip link set eth0 down    # Disable eth0 interface
ip link set eth0 up      # Enable eth0 interface
ip neigh         # List the ARP table

Make changes to the interfaces

ip addr add dev eth0     # Configures an IP
ip route add default via    # Configure default route

Layer 2 Scanning

Try to find other devices on the local network using ARP scanning and other neat tricks. These generally require sudo permissions because it is frame crafting.

sudo arp-scan -I eth0
sudo netdiscover -r
sudo nmap -sn

nbtscan -r     # Scanning with NetBIOS, more useful inside a domain

alive6 eth0            # Send IPv6 ICMP out an interface

Scapy is another great tool to craft frames on the wire :) 👷‍♂ī¸

Last updated