Arp-scan 1.8 - a discovery and fingerprinting tool that uses the address resolution protocol (ARP) to find systems and determine Internet Protocol (IP) addresses and hosts on the local network - has been updated to incorporate the latest IP and MAC address information, added support for Apple Mac OS X to now include Tiger, Leopard and Snow Leopard, new ARP decoding and display, and minor bug fixing.
Arp-scan, which is released under open source GNU General Public License (GPLv3), was developed five years ago by security and penetration testing expert Roy Hills, founder of IT security company NTA Monitor.
Roy Hills said "I have developed and released a new version of arp-scan to incorporate the latest vendor information, keep up-to-date with network and operating system developments and provide additional support and detail to testers.
"Arp-scan is widely-used throughout the industry and is an effective system discovery and fingerprinting tool for identifying IP addresses and hosts where testers may have to scan large address spaces.
"Using arp-scan is an essential first-step in auditing an organisation's network, allowing testers or network managers to quickly map the systems and identify any potential security issues that may need resolving on a local network."
Today, arp-scan has become an important part of the on-site penetration tester's toolkit. It is also valuable for network managers wanting to monitor and keep track of their organisation's systems information.
Since its launch in 2006, arp-scan has been accessed thousands of times - in the last year alone, arp-scan has been downloaded more than 12,000 times.
Roy Hills also developed ike-scan - a popular open source tool that discovers, fingerprints and tests IPsec VPN servers.
This article was first released on: 15th March 2011
I wish to highlight the outstanding work that your consultant undertook whilst doing the ICT Health Check for the Council.
Particularly notable was the level of technical knowledge displayed by NTA’s consultants, and we were also impressed that they were willing to share this knowledge with the network team.
We have found NTA to be an excellent supplier, offering a very good service at a competitive price. A key differentiator is that they are happy to answer any questions...
I have found NTA to be an approachable knowledgeable partner, and have no hesitation in recommending their services.
The quality of both the initial work and follow-up advice and guidance was excellent, and NTA provided full lifecycle support to the development and delivery of our Online Services portfolio.
On one occasion our third-party did not believe the vulnerability was an issue - having had their software tested by another well-known security testing company - and NTA Monitor were...
NTA Monitor are very supportive, especially regarding general questions about Information Security issues such as hacking and vulnerabilities.