Layer 2 Config and Analysis
Investigate layer 2 activity on a local network
Basics
See and analyze information from the interfaces
ip addr show # List all IPs for all interfaces
ip route show # Show all known routes
ip link set eth0 down # Disable eth0 interface
ip link set eth0 up # Enable eth0 interface
ip neigh # List the ARP table
Make changes to the interfaces
ip addr add 192.168.1.1/24 dev eth0 # Configures an IP
ip route add default via 192.168.1.1 # Configure default route
Layer 2 Scanning
Try to find other devices on the local network using ARP scanning and other neat tricks. These generally require sudo
permissions because it is frame crafting.
sudo arp-scan -I eth0 192.168.0.0/24
sudo netdiscover -r 192.168.0.0/24
sudo nmap -sn 192.168.0.0/24
nbtscan -r 192.168.0.0/24 # Scanning with NetBIOS, more useful inside a domain
alive6 eth0 # Send IPv6 ICMP out an interface
Scapy is another great tool to craft frames on the wire :) 👷♂️
Last updated
Was this helpful?