how to find out mac addresses of all machines on network
Solution 1:
You can use nmap to run a ping scan.
nmap -sP 192.168.254.*
Starting Nmap 5.00 ( http://nmap.org ) at 2011-03-09 11:32 GMT
Host xyzzy.lan (192.168.254.189) is up (0.00022s latency).
MAC Address: 00:0C:29:5B:A5:E0 (VMware)
Host plugh.lan (192.168.254.196) is up (0.00014s latency).
MAC Address: 00:0C:29:2E:78:F1 (VMware)
Host foo.lan (192.168.254.200) is up.
Host bar.lan (192.168.254.207) is up (0.00013s latency).
MAC Address: 00:0C:29:2D:94:A0 (VMware)
Nmap done: 256 IP addresses (4 hosts up) scanned in 3.41 seconds
Edit:
A sed script to filter the output to IP -> MAC - put this in a file.
/^Host.*latency.*/{
$!N
/MAC Address/{
s/.*(\(.*\)) .*MAC Address: \(.*\) .*/\1 -> \2/
}
}
/[Nn]map/d
s/^Host .*is up/& but MAC Address cannot be found/
and use it like this
nmap -sP 192.168.254.0/20 | sed -f sedscript
192.168.254.189 -> 00:0C:29:5B:A5:E0
192.168.254.196 -> 00:0C:29:2E:78:F1
Host foo.lan (192.168.254.200) is up but MAC Address cannot be found.
192.168.254.207 -> 00:0C:29:2D:94:A0
Solution 2:
Use nmap. Important to run it as root so you get the MAC addresses. Example:
sudo nmap -sP 192.168.1.0/24
Will scan 192.168.1.1 - 192.168.1.255. Look up CIDR notation on wiki if you're not familiar with this subnet notation.
You should be able to get nmap from the repos of any recentish Linux distro, e.g.
sudo apt-get install nmap
or
sudo yum install nmap
A sample output from my network:
Host 192.168.1.1 is up (0.0069s latency).
MAC Address: 00:0D:54:9B:D8:F4 (3Com)
Host 192.168.1.78 is up (0.0068s latency).
MAC Address: 00:0C:29:BC:3D:1C (VMware)
Host 192.168.1.91 is up (0.0038s latency).
MAC Address: 00:0C:29:8A:F4:A3 (VMware)
Host 192.168.1.92 is up (0.0039s latency).
MAC Address: 00:0C:29:65:60:5F (VMware)
Host 192.168.1.158 is up (0.033s latency).
MAC Address: 00:0C:29:82:24:EA (VMware)
Host 192.168.1.186 is up (0.0024s latency).
MAC Address: 00:0C:29:3E:26:1F (VMware)
Host 192.168.1.190 is up (0.0066s latency).
Solution 3:
Try this command:
arp-scan --interface=eth0 192.168.1.0/24
Solution 4:
As long as you run this command from a host in the same network segment, nmap will report all of the MAC address for each host is discovers.
For example:
sudo nmap 192.168.1.0/24 -sP
Starting Nmap 4.76 ( http://nmap.org ) at 2011-03-09 06:29 EST
Host old.net (192.168.1.1) appears to be up.
MAC Address: 00:18:39:C5:A1:DC (Cisco-Linksys)
For the MAC addresses I need to be root on my Ubuntu box. Also a simple method for a single host is just to ping it and look at the arp table with arp -a if you wanted to only use commands normally included in the initial install of a distribution:
arp -a | grep -v incomplete
foo.net (192.168.1.145) at 00:0d:4b:6a:2c:cb [ether] on eth0
Solution 5:
Depending on your LAN topology, your best shot may be to display the MAC address table on your switches.
So for example, if your switch infrastructure is Cisco, you may try a
sh mac address-table
on every switch.
If you have many switches, you may automate this task through the use of SNMP.
Another option and (again) depending on your topology and your type of networking equipment, you may also try to get the mac addresses of your devices displaying the arp table on your routers.
With either of this two methods you will also obtain the list of mac addresses of any devices that are connected to your network infraestructure: PCs, printers, access points, etc. In the first case, even of devices without an IP address. This may or may not be want you want, but it may worth a try.