In a message dated: Sun, 17 Feb 2002 12:40:09 EST
Jim McGlaughlin said:
> I am looking for an information resource that discusses command
> line utilities and how to use them to figure out network
> hierarchy, in the form of parent/child IP addresses.
[...snip...]
>I have found tools that do the whole thing for you but I am
> interested in the process and how it works. If I can find the
> info I am looking for I will use it to learn Python.
I've found over the years, and this especially goes for the automated
net mapping tools, that the "parent/child" relationship is one that
can be determined only if you already know the basic network design
to begin with.
For example, who determines if the IP address is one of a "parent" or
a "child"? The person who designed the network in the first place.
Here's a question, is the default gateway IP a parent or a child?
What about the NFS server? The DNS or NIS server ?
The automated tool sets do little to organize the diagram of the
network it "auto-discovers" other than just show you what's connected
to a specific ethernet "segment". They won't show you what's a
server of what, what's a client of what, etc. Usually, the
network/system administrator already knows that, and is just trying
to save some time from having to draw things themselves.
What you might want to do is this:
1. use something like fping to ping a subnet and find live IP
addresses.
2. use nessus or something like that to then scan the live
IP addresses for open ports.
3. For each IP with open ports, draw a picture or make some
notation that will list each open port on that IP address.
Now you have a complete list of active IPs on a subnet with a list of
open ports on each active system. From this you should be able to
determine which ones are servers and which ones are clients.
Obviously certain IP addresses are likely to be gateways or IP
addresses of routers or managed hubs/switches, in which case there
won't, or shouldn't, be any open ports. You could then probe each
on using snmp to determine the manufacturer and model name of the
equipment.
Does that help?
Oh, by the way, you should check out scotty and tkined. They do a
lot of this stuff already. They won't help you learn python, but
they will help you monitor your network, and you can dig into the
code to see how they do certain things.
*****************************************************************
To unsubscribe from this list, send mail to [EMAIL PROTECTED]
with the text 'unsubscribe gnhlug' in the message body.
*****************************************************************
