Ubuntu 18.04 を搭載したコンピューターを新しくセットアップし、自宅の Wi-Fi に接続しました。arp -a同じネットワークに接続されている他のデバイスをスキャンするコマンドを実行しようとすると、非常に奇妙な出力が表示されます。
まず、次の点を確認して接続が正常であることを確認しますifconfig。
john@home:~$ ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 246054 bytes 21958490 (21.9 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 246054 bytes 21958490 (21.9 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlo1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.14 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::e3f:e0a5:2438:a96a prefixlen 64 scopeid 0x20<link>
inet6 240d:1a:6a5:c900:1420:b3cc:994b:1b7b prefixlen 64 scopeid 0x0<global>
inet6 240d:1a:6a5:c900:74f4:f504:3a41:bc12 prefixlen 64 scopeid 0x0<global>
ether 04:33:c2:c4:02:a2 txqueuelen 1000 (Ethernet)
RX packets 2452125 bytes 3302288691 (3.3 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 964749 bytes 117659686 (117.6 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
IP アドレスは 192.168.1.14 です。次に試しましたarp -a:
john@home:~$ arp -a
? (192.168.1.19) at 92:c4:78:3c:46:16 [ether] on wlo1
_gateway (192.168.1.1) at e4:7e:66:1f:bf:4c [ether] on wlo1
? (192.168.1.5) at 26:36:46:f9:69:83 [ether] on wlo1
私のiPadのIPアドレスは192.168.1.19で、私の携帯電話のIPアドレスは であることが確認できたので、これは理にかなっています。192.168.1.5
しかし、しばらくしてarp -a再度実行してみると、驚くべき出力が得られました。
john@home:~$ arp -a
? (192.168.1.206) at <incomplete> on wlo1
? (192.168.1.183) at <incomplete> on wlo1
? (192.168.1.107) at <incomplete> on wlo1
? (192.168.1.8) at <incomplete> on wlo1
? (192.168.1.18) at <incomplete> on wlo1
? (192.168.1.165) at <incomplete> on wlo1
? (192.168.1.186) at <incomplete> on wlo1
? (192.168.1.110) at <incomplete> on wlo1
? (192.168.1.77) at <incomplete> on wlo1
? (192.168.1.33) at <incomplete> on wlo1
? (192.168.1.178) at <incomplete> on wlo1
? (192.168.1.123) at <incomplete> on wlo1
? (192.168.1.112) at <incomplete> on wlo1
? (192.168.1.96) at <incomplete> on wlo1
? (192.168.1.117) at <incomplete> on wlo1
? (192.168.1.74) at <incomplete> on wlo1
? (192.168.1.95) at <incomplete> on wlo1
? (192.168.1.84) at <incomplete> on wlo1
? (192.168.1.41) at <incomplete> on wlo1
? (192.168.1.62) at <incomplete> on wlo1
? (192.168.1.51) at <incomplete> on wlo1
? (192.168.1.8) at <incomplete> on wlo1
? (192.168.1.29) at <incomplete> on wlo1
? (192.168.1.18) at <incomplete> on wlo1
? (192.168.1.231) at <incomplete> on wlo1
? (192.168.1.252) at <incomplete> on wlo1
? (192.168.1.241) at <incomplete> on wlo1
? (192.168.1.198) at <incomplete> on wlo1
? (192.168.1.219) at <incomplete> on wlo1
? (192.168.1.208) at <incomplete> on wlo1
? (192.168.1.165) at <incomplete> on wlo1
? (192.168.1.186) at <incomplete> on wlo1
? (192.168.1.143) at <incomplete> on wlo1
? (192.168.1.132) at <incomplete> on wlo1
? (192.168.1.153) at <incomplete> on wlo1
? (192.168.1.110) at <incomplete> on wlo1
? (192.168.1.99) at <incomplete> on wlo1
? (192.168.1.120) at <incomplete> on wlo1
? (192.168.1.77) at <incomplete> on wlo1
? (192.168.1.66) at <incomplete> on wlo1
? (192.168.1.87) at <incomplete> on wlo1
? (192.168.1.44) at <incomplete> on wlo1
? (192.168.1.33) at <incomplete> on wlo1
? (192.168.1.54) at <incomplete> on wlo1
? (192.168.1.11) at <incomplete> on wlo1
? (192.168.1.21) at <incomplete> on wlo1
? (192.168.1.234) at <incomplete> on wlo1
? (192.168.1.244) at <incomplete> on wlo1
? (192.168.1.201) at <incomplete> on wlo1
? (192.168.1.222) at <incomplete> on wlo1
? (192.168.1.211) at <incomplete> on wlo1
? (192.168.1.168) at <incomplete> on wlo1
? (192.168.1.189) at <incomplete> on wlo1
? (192.168.1.178) at <incomplete> on wlo1
? (192.168.1.135) at <incomplete> on wlo1
? (192.168.1.156) at <incomplete> on wlo1
? (192.168.1.145) at <incomplete> on wlo1
? (192.168.1.102) at <incomplete> on wlo1
? (192.168.1.123) at <incomplete> on wlo1
? (192.168.1.112) at <incomplete> on wlo1
? (192.168.1.69) at <incomplete> on wlo1
? (192.168.1.90) at <incomplete> on wlo1
? (192.168.1.47) at <incomplete> on wlo1
? (192.168.1.36) at <incomplete> on wlo1
? (192.168.1.57) at <incomplete> on wlo1
? (192.168.1.3) at <incomplete> on wlo1
? (192.168.1.24) at <incomplete> on wlo1
? (192.168.1.237) at <incomplete> on wlo1
? (192.168.1.226) at <incomplete> on wlo1
? (192.168.1.247) at <incomplete> on wlo1
? (192.168.1.204) at <incomplete> on wlo1
? (192.168.1.193) at <incomplete> on wlo1
? (192.168.1.214) at <incomplete> on wlo1
? (192.168.1.171) at <incomplete> on wlo1
? (192.168.1.160) at <incomplete> on wlo1
? (192.168.1.181) at <incomplete> on wlo1
? (192.168.1.138) at <incomplete> on wlo1
? (192.168.1.159) at <incomplete> on wlo1
? (192.168.1.148) at <incomplete> on wlo1
? (192.168.1.105) at <incomplete> on wlo1
? (192.168.1.126) at <incomplete> on wlo1
? (192.168.1.115) at <incomplete> on wlo1
? (192.168.1.72) at <incomplete> on wlo1
? (192.168.1.93) at <incomplete> on wlo1
? (192.168.1.82) at <incomplete> on wlo1
? (192.168.1.39) at <incomplete> on wlo1
? (192.168.1.60) at <incomplete> on wlo1
? (192.168.1.49) at <incomplete> on wlo1
? (192.168.1.6) at <incomplete> on wlo1
? (192.168.1.27) at <incomplete> on wlo1
? (192.168.1.16) at <incomplete> on wlo1
? (192.168.1.229) at <incomplete> on wlo1
? (192.168.1.250) at <incomplete> on wlo1
? (192.168.1.207) at <incomplete> on wlo1
? (192.168.1.196) at <incomplete> on wlo1
? (192.168.1.217) at <incomplete> on wlo1
? (192.168.1.174) at <incomplete> on wlo1
? (192.168.1.163) at <incomplete> on wlo1
? (192.168.1.184) at <incomplete> on wlo1
? (192.168.1.141) at <incomplete> on wlo1
? (192.168.1.130) at <incomplete> on wlo1
? (192.168.1.151) at <incomplete> on wlo1
? (192.168.1.108) at <incomplete> on wlo1
? (192.168.1.97) at <incomplete> on wlo1
? (192.168.1.118) at <incomplete> on wlo1
? (192.168.1.75) at <incomplete> on wlo1
? (192.168.1.64) at <incomplete> on wlo1
? (192.168.1.85) at <incomplete> on wlo1
? (192.168.1.42) at <incomplete> on wlo1
? (192.168.1.63) at <incomplete> on wlo1
? (192.168.1.52) at <incomplete> on wlo1
? (192.168.1.9) at <incomplete> on wlo1
? (192.168.1.30) at <incomplete> on wlo1
? (192.168.1.19) at <incomplete> on wlo1
? (192.168.1.232) at <incomplete> on wlo1
? (192.168.1.253) at <incomplete> on wlo1
? (192.168.1.242) at <incomplete> on wlo1
? (192.168.1.199) at <incomplete> on wlo1
? (192.168.1.220) at <incomplete> on wlo1
? (192.168.1.209) at <incomplete> on wlo1
? (192.168.1.166) at <incomplete> on wlo1
? (192.168.1.187) at <incomplete> on wlo1
? (192.168.1.176) at <incomplete> on wlo1
? (192.168.1.133) at <incomplete> on wlo1
? (192.168.1.154) at <incomplete> on wlo1
? (192.168.1.111) at <incomplete> on wlo1
? (192.168.1.100) at <incomplete> on wlo1
? (192.168.1.121) at <incomplete> on wlo1
? (192.168.1.78) at <incomplete> on wlo1
? (192.168.1.67) at <incomplete> on wlo1
? (192.168.1.88) at <incomplete> on wlo1
? (192.168.1.45) at <incomplete> on wlo1
? (192.168.1.34) at <incomplete> on wlo1
? (192.168.1.55) at <incomplete> on wlo1
? (192.168.1.12) at <incomplete> on wlo1
_gateway (192.168.1.1) at e4:7e:66:1f:bf:4c [ether] on wlo1
? (192.168.1.22) at <incomplete> on wlo1
? (192.168.1.235) at <incomplete> on wlo1
? (192.168.1.224) at <incomplete> on wlo1
? (192.168.1.245) at <incomplete> on wlo1
? (192.168.1.202) at <incomplete> on wlo1
? (192.168.1.223) at <incomplete> on wlo1
? (192.168.1.212) at <incomplete> on wlo1
? (192.168.1.169) at <incomplete> on wlo1
? (192.168.1.190) at <incomplete> on wlo1
? (192.168.1.179) at <incomplete> on wlo1
? (192.168.1.136) at <incomplete> on wlo1
? (192.168.1.157) at <incomplete> on wlo1
? (192.168.1.146) at <incomplete> on wlo1
? (192.168.1.103) at <incomplete> on wlo1
? (192.168.1.124) at <incomplete> on wlo1
? (192.168.1.113) at <incomplete> on wlo1
? (192.168.1.70) at <incomplete> on wlo1
? (192.168.1.91) at <incomplete> on wlo1
? (192.168.1.80) at <incomplete> on wlo1
? (192.168.1.37) at <incomplete> on wlo1
? (192.168.1.58) at <incomplete> on wlo1
? (192.168.1.15) at <incomplete> on wlo1
? (192.168.1.4) at <incomplete> on wlo1
? (192.168.1.25) at <incomplete> on wlo1
? (192.168.1.238) at <incomplete> on wlo1
? (192.168.1.227) at <incomplete> on wlo1
? (192.168.1.248) at <incomplete> on wlo1
? (192.168.1.205) at <incomplete> on wlo1
? (192.168.1.194) at <incomplete> on wlo1
? (192.168.1.215) at <incomplete> on wlo1
? (192.168.1.172) at <incomplete> on wlo1
? (192.168.1.161) at <incomplete> on wlo1
? (192.168.1.182) at <incomplete> on wlo1
? (192.168.1.139) at <incomplete> on wlo1
? (192.168.1.128) at <incomplete> on wlo1
? (192.168.1.149) at <incomplete> on wlo1
? (192.168.1.106) at <incomplete> on wlo1
? (192.168.1.127) at <incomplete> on wlo1
? (192.168.1.116) at <incomplete> on wlo1
? (192.168.1.73) at <incomplete> on wlo1
? (192.168.1.94) at <incomplete> on wlo1
? (192.168.1.83) at <incomplete> on wlo1
? (192.168.1.40) at <incomplete> on wlo1
? (192.168.1.61) at <incomplete> on wlo1
? (192.168.1.50) at <incomplete> on wlo1
? (192.168.1.7) at <incomplete> on wlo1
? (192.168.1.28) at <incomplete> on wlo1
? (192.168.1.17) at <incomplete> on wlo1
? (192.168.1.230) at <incomplete> on wlo1
? (192.168.1.251) at <incomplete> on wlo1
? (192.168.1.240) at <incomplete> on wlo1
? (192.168.1.197) at <incomplete> on wlo1
? (192.168.1.218) at <incomplete> on wlo1
? (192.168.1.175) at <incomplete> on wlo1
? (192.168.1.164) at <incomplete> on wlo1
? (192.168.1.185) at <incomplete> on wlo1
? (192.168.1.142) at <incomplete> on wlo1
? (192.168.1.131) at <incomplete> on wlo1
? (192.168.1.152) at <incomplete> on wlo1
? (192.168.1.109) at <incomplete> on wlo1
? (192.168.1.98) at <incomplete> on wlo1
? (192.168.1.119) at <incomplete> on wlo1
? (192.168.1.76) at <incomplete> on wlo1
? (192.168.1.65) at <incomplete> on wlo1
? (192.168.1.86) at <incomplete> on wlo1
? (192.168.1.43) at <incomplete> on wlo1
? (192.168.1.32) at <incomplete> on wlo1
? (192.168.1.53) at <incomplete> on wlo1
? (192.168.1.10) at <incomplete> on wlo1
? (192.168.1.31) at <incomplete> on wlo1
? (192.168.1.20) at <incomplete> on wlo1
? (192.168.1.233) at <incomplete> on wlo1
? (192.168.1.254) at <incomplete> on wlo1
? (192.168.1.243) at <incomplete> on wlo1
? (192.168.1.200) at <incomplete> on wlo1
? (192.168.1.221) at <incomplete> on wlo1
john@home:~$
これは何ですか? 何が起こったのですか?arp -a同じネットワーク上の他のデバイスをスキャンしてリストするはずだと思っていました。この結果は何ですか?
答え1
arp -a同じネットワーク上の他のデバイスをスキャンしてリストするはずだと思いました。
arp -aスキャンは行いません。カーネルの IPv4 ネットワーク ネイバー キャッシュのみを表示します。出力内のエントリは、すでにキャッシュ内に存在するため表示されるものであり、 を実行したから表示されるものではありませんarp。
これらの結果は何ですか?
不完全なエントリとは、特定の IP アドレスのネットワーク ネイバーの MAC アドレスを検出する要求が送信されたが、応答が (まだ) 受信されていないことを意味します。有効な応答がすぐにある場合はエントリが完了し、しばらくキャッシュに残ります。有効な応答がない場合は、不完全なエントリはすぐにキャッシュから削除されます。
今何があったの?
OS 内の何かがこれらすべての IP アドレスにアクセスしようとしました。実際のスキャナー (例 ) であった可能性がありますnmap 192.168.1.0/24。
完全なエントリにならない不完全なエントリは、OS が関連する IP アドレスに定期的にアクセスしようとしない限り、最終的には消えてしまいます。新しいアクセスを試行するとエントリが再び表示されるか、またはエントリが最初から消えないようにすることができます。
スキャナなどを実行している(または実行し続けている)のがあなたであれば、心配する必要はありません。 からの出力はarp -a正常です。 が現在いくつかのエントリしか出力していない場合でもarp -a、次のようにすると多くのエントリが出力されます。
nmap 192.168.1.0/24; arp -a
自分に責任がない場合は、調査する価値があります。知らないうちに OS からネットワークがスキャンされたという事実は、OS が侵害されたことを示している場合とそうでない場合があります。