what would this do?


ats1080
10-03-2007, 09:51 PM
I learned in class today that FF:FF:FF:FF:FF:FF is a broadcast address. If someone were to do a ping to FF:FF:FF:FF:FF:FF with a source address of FF:FF:FF:FF:FF:FF, what exactly would happen? I know this wouldn't go past a router and I don't think this would do anything to a switched network either. However, if I'm thinking right, wouldn't this make everyone talk to everyone on a network joined by a hub? Which would be pretty bad....

blackfoot
10-03-2007, 10:05 PM
A ping from a broadcast source will usually be discarded or deauthenticated since it has no valid unicast source. A ping to a specific IP will be precluded by an ARP request through a broadcast address to engage a response from the target. The ping will proceed direct to that address. Pings can progress through routers. ARP requests are usually limited by the bounds of the router. For distant services, DNS is used.

You might wait to learn more from your class before writing further questions.

thorin
10-03-2007, 10:25 PM
The only place I can see that such a test might cause a problem would be on a network with SCADA devices. Since SCADA devices weren't originally designed for IP networks, they've been adapted but do not always have such stringent checks on packets as native IP devices do.

pureh@te
10-03-2007, 11:26 PM
A ping from a broadcast source will usually be discarded or deauthenticated since it has no valid unicast source. A ping to a specific IP will be precluded by an ARP request through a broadcast address to engage a response from the target. The ping will proceed direct to that address. Pings can progress through routers. ARP requests are usually limited by the bounds of the router. For distant services, DNS is used.

You might wait to learn more from your class before writing further questions.

This is why, when performing scans inside the LAN, the ARP protocol is used, but outside, a SYN protocol is used.
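
The source-address check discussed in this thread, as an added example that is not part of the original posts: a simplified model of the ingress decision a bridge or host filter makes from the Ethernet header, where a source MAC with the group (I/G) bit set, such as FF:FF:FF:FF:FF:FF, is never a valid sender. The action names, the helper functions and the sample addresses are constructed for illustration; real switches and host stacks differ in detail.

```python
import struct

BROADCAST = bytes.fromhex("ffffffffffff")

def mac_str(mac: bytes) -> str:
    return ":".join(f"{b:02X}" for b in mac)

def is_group(mac: bytes) -> bool:
    """True when the I/G bit (low bit of the first octet) is set."""
    return bool(mac[0] & 0x01)

def classify_frame(frame: bytes) -> dict:
    """Simplified ingress decision for one raw Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if is_group(src):
        action = "drop"        # broadcast/multicast can only be a destination
    elif dst == BROADCAST:
        action = "flood"       # delivered to every port in the broadcast domain
    elif is_group(dst):
        action = "multicast"
    else:
        action = "forward"     # unicast to a single station
    return {"dst": mac_str(dst), "src": mac_str(src),
            "ethertype": f"0x{ethertype:04X}", "action": action}

def make_frame(dst: str, src: str, ethertype: int, payload: bytes = b"") -> bytes:
    """Build a raw frame from colon-separated MAC strings (test helper)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return raw(dst) + raw(src) + struct.pack("!H", ethertype) + payload

# Constructed sample frames; 02:... addresses are locally administered unicast.
SAMPLES = {
    "thread_case": make_frame("FF:FF:FF:FF:FF:FF", "FF:FF:FF:FF:FF:FF", 0x0800),
    "arp_request": make_frame("FF:FF:FF:FF:FF:FF", "02:00:00:00:00:01", 0x0806),
    "unicast_ping": make_frame("02:00:00:00:00:02", "02:00:00:00:00:01", 0x0800),
    "mcast_source": make_frame("02:00:00:00:00:02", "01:00:5E:00:00:01", 0x0800),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:13s} {classify_frame(frame)}")
```
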