Para escanear una red en busca de servidores de DHCP a través del comando Nmap utilizamos el siguiente comando.
sudo nmap -sU -p 67 --script=dhcp-discover 192.168.1.0/24
En este caso estoy escaneando la red 192.168.1.0 con mascara de 24 bits, el resultado fue el siguiente, donde solo se encontro la ip 192.168.1.1 como servidor de DHCP.
Starting Nmap 6.40 ( http://nmap.org ) at 2015-12-28 22:41 CST Nmap scan report for speedtouch.lan (192.168.1.1) Host is up (0.0076s latency). PORT STATE SERVICE 67/udp open|filtered dhcps MAC Address: 00:24:17:B6:F6:26 (Thomson Telecom Belgium) Nmap scan report for Chromecast.lan (192.168.1.4) Host is up (0.23s latency). PORT STATE SERVICE 67/udp closed dhcps MAC Address: A4:77:33:00:CB:C9 (Unknown) Nmap scan report for android-15f298e1d459a581.lan (192.168.1.5) Host is up (0.36s latency). PORT STATE SERVICE 67/udp closed dhcps MAC Address: EC:1F:72:D9:F6:8C (Unknown) Nmap scan report for android-c71732d9c21c46cb.lan (192.168.1.10) Host is up (0.23s latency). PORT STATE SERVICE 67/udp closed dhcps MAC Address: 20:02:AF:CB:D8:1A (Murata Manufactuaring Co.) Nmap scan report for speedtouch.lan (192.168.1.254) Host is up (0.24s latency). PORT STATE SERVICE 67/udp open dhcps | dhcp-discover: | DHCP Message Type: DHCPACK | Server Identifier: 192.168.1.1 | Subnet Mask: 255.255.255.0 | Domain Name Server: 192.168.1.1 | Domain Name: lan |_ Router: 192.168.1.1 MAC Address: 00:24:17:B6:F6:26 (Thomson Telecom Belgium) Nmap scan report for mint1.lan (192.168.1.14) Host is up (0.00013s latency). PORT STATE SERVICE 67/udp closed dhcps Nmap done: 256 IP addresses (6 hosts up) scanned in 19.62 seconds
Acerca del Autor
Mas informacion sobre el autor de este Blog