Published in


Poor Man’s device discovery (DNS)

# If you don’t want dnsmasq to read /etc/resolv.conf or any other
# file, getting its servers from this file instead (see below), then
# uncomment this.
# Add other name servers here, with domain specs if they are for
# non-public domains.
# mac-vendor.txt — Ethernet vendor file for arp-scan
# This file contains Ethernet vendor mappings for arp-scan. These are used
# to determine the vendor for a give Ethernet interface given the MAC address.
# Each line of this file contains a MAC-vendor mapping in the form:
# <MAC-Prefix><TAB><Vendor>
# Where <MAC-Prefix> is the prefix of the MAC address in hex, and <Vendor>
# is the name of the vendor. The prefix can be of any length from two hex
# digits (one octet) to twelve hex digits (six octets, the entire Ethernet
# hardware address).
# For example:
# 012345 would match 01:23:45:xx:xx:xx, where xx represents any value;
# 0123456 would match 01:23:45:6x:xx:xx; and
# 01234567 would match 01:23:45:67:xx:xx.
# …truncated…
# The alphabetic hex characters [A-F] must be entered in upper case.
# The order of entries in this file are not important.
# arp-scan will attempt to match larger prefixes before trying to match
# smaller ones, and will stop at the first match.
# Blank lines and lines beginning with “#” are ignored.
# Additional information is available on the arp-scan wiki at
B82734FAB128 raspberrypi.home
~# ifconfig eth0 | grep HWaddr
eth0 Link encap:Ethernet HWaddr b8:27:34:fa:b1:28
~# arp-scan -l -m /etc/mac-dns.txt
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.8.1 with 256 hosts ( b8:27:34:fa:b1:28 raspberrypi.home
…(truncated output)…14 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.8.1: 256 hosts scanned in 2.584 seconds (99.07 hosts/sec). 11 responded
# or if you want it to read another file, as well as /etc/hosts, use
# this.
arp-scan -l -m /etc/mac-dns.txt | head -n-3 | tail -n+3 | cut -f1,3-
*/15 * * * * arp-scan -l -m /etc/mac-dns.txt | head -n-3 | tail -n+3 | cut -f1,3- > /etc/hosts.home && pkill -SIGHUP dnsmasq
~# dig raspberrypi.home; <<>> DiG 9.9.5–9+deb8u6-Raspbian <<>> raspberrypi.home
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13944
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
; EDNS: version: 0, flags:; udp: 4096
;raspberrypi.home. IN A
raspberrypi.home. 0 IN A
;; Query time: 8 msec
;; WHEN: Thu Aug 04 22:25:23 CEST 2016
;; MSG SIZE rcvd: 61



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store