Enumeration – Linux

Network Interfaces & Routes

ifconfig
ip a
netstat -r
netstat -antp

ifconfig / ip a – show network interfaces and addresses.
netstat -r – routing table.
netstat -antp – active TCP connections with PID (Linux).

Internal Ping Sweeps (IPv4)

Simple ping sweep

for ip in $(seq 1 254); do ping -c1 -W1 192.168.0.$ip | grep "ttl="; done

Backgrounded sweep

for i in {1..254} ;do (ping -c 1 172.16.5.$i | grep "bytes from" &) ;done

Use the variant that matches the target subnet.

Internal Ping Sweeps (IPv6)

IMPORTANT: Always append the related network interface when working with IPv6!

<command> <ipv6-address>%<NIC>
# e.g.
ping6 fe80::250:56ff:fe94:3f16%ens160

`ff02::1` - all IPv6 nodes

The multicast group “all IPv6 nodes” (EXCLUSIVE to IPv6)

ping6 -I ens160 ff02::1

ping6 -I <iface> ff02::1

Neighbor Table

ip -6 neigh

# MAC addresses confirm these are real hosts:

#fe80::250:56ff:fe94:64ef dev ens160 lladdr 00:50:56:94:64:ef router STALE
#fe80::250:56ff:fe94:3f16 dev ens160 lladdr 00:50:56:94:3f:16 STALE

Connections

ncat -6 -vv fe80::250:56ff:fe94:3f16%evil-c 33060

Linux

Enumeration – Linux

Network Interfaces & Routes

Internal Ping Sweeps (IPv4)

Simple ping sweep

Backgrounded sweep

Internal Ping Sweeps (IPv6)

ff02::1 - all IPv6 nodes

Neighbor Table

Connections

`ff02::1` - all IPv6 nodes