Yeah, but don't forget the 'rogue' machines I'm trying to find out provably don't have a default gateway configured.
My current IP address is 192.168.69.111 I have a machine connected to the same hub as I am, with the IP 10.10.10.10 and no default gateway There's no way I can make LANGuard see that machine unless: 1- I have an IP of the same subnet 2- I correctly configure TCP/IP on that machine. This totally defeats my purpose! I was thinking it was possible to send a broadcast and receiving information about all machines connected to the network, even if they had a different subnet and no gateway! Filipe Joel de Almeida Network Consultant [EMAIL PROTECTED] Mobile: +351 967819600 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of King, John Sent: segunda-feira, 22 de Abril de 2002 21:14 To: NT 2000 Discussions Subject: RE: Network discovery I am not sure how Etherpeek works, but with a basic sniffer you will see an IP address of some sort. Which from what you said sounds like what you see. Now for example, say that you see the IP address 192.168.1.127 in your sniffer program. Open LANguard or any other network scanner and for an address range put in 192.168.1.1 - 192.168.1.254 ... Get it? Now the scanner will scan all of the addresses in between and show you which ones are live.. Just look for the first three numbers of the octet and put 1-254 at the end.. Does that help? Maybe you already understood this..? All that the sniffer will do is point you in the proper direction, by showing you the 'active' IPs on your network. Then you have to scan the full subnet ranger with a scanner to find out what IPs are really being used.. Good Luck ~John ~~~Snort, sniffing packets not glue~~~ -----Original Message----- From: Filipe Joel de Almeida [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 4:06 PM To: NT 2000 Discussions Subject: RE: Network discovery Well, with etherpeek I can only see information packet by packet, and nothing shows up on the nodes or protocols tab... any help on how to use all the data I have already captured to give me a list of all the IP addresses? With Languard, it requires me to specify witch IP's to scan, but I don't know that!! Am I messing up somewhere? Filipe Joel de Almeida Network Consultant [EMAIL PROTECTED] Mobile: +351 967819600 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Allhiser Sent: segunda-feira, 22 de Abril de 2002 20:41 To: NT 2000 Discussions Subject: RE: Network discovery Ahh. You can let the sniffer run for a while. This will let you know who is doing what on your network. For a simple list of addresses, try a simple scanner: http://www.gfi.com/lannetscan/index.htm This, of course depends on what hosts are running at the time. -----Original Message----- From: Filipe Joel de Almeida [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 2:42 PM To: NT 2000 Discussions Subject: RE: Network discovery I've installed the demo version, and it allows me to see packet by packet what's the source address and the destination address, but it seems there's no way of just getting a list of all the addresses. Filipe Joel de Almeida Network Consultant [EMAIL PROTECTED] Mobile: +351 967819600 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Allhiser Sent: segunda-feira, 22 de Abril de 2002 19:13 To: NT 2000 Discussions Subject: RE: Network discovery Depending on the hardware you connect the sniffer to a mirrored or spanned port. the port effectively becomes a hub. -----Original Message----- From: Filipe Joel de Almeida [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 1:09 PM To: NT 2000 Discussions Subject: RE: Network discovery Thanks, I'll look it out. What If I was connected by switches, what could I do to do this? Filipe Joel de Almeida Network Consultant [EMAIL PROTECTED] Mobile: +351 967819600 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Allhiser Sent: segunda-feira, 22 de Abril de 2002 18:52 To: NT 2000 Discussions Subject: RE: Network discovery Yes. Especially since you are connected by hubs. www.wildpackets.com -----Original Message----- From: Filipe Joel de Almeida [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 1:01 PM To: NT 2000 Discussions Subject: RE: Network discovery Is that software able to sniff my network and find all active IP addresses in any subnet? If so, where can I get it? Filipe Joel de Almeida Network Consultant [EMAIL PROTECTED] Mobile: +351 967819600 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of John Allhiser Sent: segunda-feira, 22 de Abril de 2002 18:46 To: NT 2000 Discussions Subject: RE: Network discovery I use and like Wild Packets EtherPeek. -----Original Message----- From: Filipe Joel de Almeida [mailto:[EMAIL PROTECTED]] Sent: Monday, April 22, 2002 12:50 PM To: NT 2000 Discussions Subject: RE: Network discovery > If you network is as disastrous as it sounds, then you may not know what > IP ranges are being used. If that is the case maybe a TCP sniffer could > shed some light on what IPs are on the network. You are right! That is specifically what Is happening! Isn't there any good sniffer that could tell me what IP's are running around on my network? I can't seem to be able to make windump work! ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
