Discovering Devices on the Network with Python ARP

Introduction

Discovering devices on a network is a fundamental requirement for network administrators and security experts. ARP (Address Resolution Protocol) is a crucial network protocol used to translate IP addresses into MAC addresses. The Python Scapy library is a powerful tool for creating and analyzing network packets. In this article, we will learn how to perform ARP discovery using Python Scapy and explore how we can use it to find devices on the network.

Learning Objectives

• Understand the OSI Model
• Understand what ARP protocol is
• Learn to perform ARP Discover operations using Python’s Scapy library
• Learn to write ARP Discover code to detect devices on the network

Understanding the OSI Model:

The OSI (Open Systems Interconnection) Model is a reference model that systematically defines and standardizes network communication. This model divides network communication into seven layers, each responsible for specific functions. The OSI Model breaks down the communication process into understandable and manageable parts, explaining how different network components interact with each other, For more read our Blog.

Layers of the OSI Model:

1. Physical Layer
2. Data Link Layer
3. Network Layer
4. Transport Layer
5. Session Layer
6. Presentation Layer
7. Application Layer

In conclusion, the OSI Model makes network communication understandable and manageable by dividing it into layers. Each layer performs a specific function and standardizes the communication process.

Understanding How ARP Works:

ARP (Address Resolution Protocol) is a protocol used to translate IP addresses of devices on a network into their corresponding MAC addresses. Network devices need to know the MAC address of the target device to establish communication, and they use ARP to obtain this information.

When a device needs to learn the MAC address of a device with a specific IP address, it sends an ARP request (ARP Request). This request is broadcasted, meaning it is sent to all devices on the network. The device with the target IP address receives the ARP request and responds with an ARP reply (ARP Reply) containing its own MAC address.

The device that initiated the ARP request receives this reply and learns the MAC address of the target device, allowing communication to begin. Additionally, the device stores this information in its memory for a period of time, eliminating the need to send ARP requests again for subsequent communications.

ARP plays a fundamental role in network communication by facilitating the establishment of communication between devices, arp sniffiger with Python.

Let’s Start Writing Our ARP Discover Code

Below is an example class in Python that performs ARP discovery using the Scapy library. These codes send ARP packets to detect devices within a specific IP range.

from scapy.all import ARP, Ether, srp

class ARPDiscover:
    def __init__(self, interface):
        self.interface = interface

    def discover(self, target_ip):
        # Create ARP packet
        arp = ARP(pdst=target_ip)

        # Create Ethernet frame
        ether = Ether(dst="ff:ff:ff:ff:ff:ff")

        # Combine ARP packet and Ethernet frame
        packet = ether/arp

        # Send packets and capture responses
        result = srp(packet, timeout=3, iface=self.interface, verbose=False)[0]

        # Process responses
        devices = []
        for sent, received in result:
            devices.append({'ip': received.psrc, 'mac': received.hwsrc})

        return devices

if __name__ == "__main__":
    interface = "eth0"
    target_ip = "192.168.1.0/24"

    scanner = ARPDiscover(interface)
    devices = scanner.discover(target_ip)

    print("Devices Found:")
    for device in devices:
        print(f"IP: {device['ip']}, MAC: {device['mac']}")

This code sends ARP packets to detect devices within the specified target IP address range and prints the responses received on the screen(Check my professional arp discovery tool called netprobe).

End of Chapter Assignment:

1. Integrate argparse into the program: argparse is a Python module used to handle command-line arguments. By adding this module to your program, you can make your program more flexible for users to use.
2. Share the project on GitHub or a similar platform: Share your program on a platform like GitHub to make it accessible to other developers. This allows you to reach a wider audience and encourage contributions.
3. Tag me on LinkedIn: Tag me in the LinkedIn post of your shared project to reach more people. Here’s the link to my LinkedIn profile: Halil İbrahim Deniz.

These assignments will help you improve your programming skills and share your project with a broader audience. Good luck!

Conclusion

Performing ARP Discover operations using the Scapy library in Python provides network administrators with an important tool for detecting devices on the network and enhancing network security. In this article, you learned what ARP is, how to write ARP Discover code using Python’s Scapy library, and how to detect devices on the network. With this knowledge, you can effectively manage your network.