Mark Knecht <markknecht <at> gmail.com> writes:
> Is there a simple way for me to discover the IP address of any random > Windows machine that dropped by and hooked up to my network? emerge fping man fping I use this for a /24 net scan: fping -g 10.10.2.0/24 > Extra points if there's a way to discover if a machine has attached by > wireless..... Never thought about this, you'd have to script something. Get the first 3 hex numbers of all of the know wireless chip vendors and then search the registered MAC addresses for these strings. There are databases that exist that tell you which vendor the (wireless) ethernet chipsets belong to. That is the first 3/6 hex numbers in a MAC address uniquely identify the manufacture. You'd have to brute force if the ethernet connect is wired, wireless or unknown based on a table of the MAC entries (or something like that). But remember, if the operating system is set to not answer pings (fping) then, you'll have to look at something more sophisticated, like snort or wireshark outputs. If somebody has a dual boot system (windows and linux) then you need to result some to hacker recon(profiling) techniques to discern the running OS...... ymmv, James
