Re: utility that scans lan for client?
Mel Flynn mel.flynn+fbsd.questi...@mailing.thruhere.net wrote: On Monday 23 March 2009 19:59:36 John Almberg wrote: What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. security/nmap If the box pings, you can simply scan your LAN like: $ nmap -sP 192.168.2.0/24 Or, with no ports needed: $ ping -n -t 5 -i 10 192.168.200.255 Granted you need to know the broadcast address. If you know the interface name, you can get the broadcast address from ifconfig: $ ping -n -t 5 -i 10 ` ifconfig xl0 | sed -n -e 's/^.* broadcast //p' ` BTW both ping and ifconfig are in /sbin, which is perhaps somewhat less likely to be in PATH than /bin and /usr/bin. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Tue, Mar 24, 2009 at 12:43:34AM -0700, per...@pluto.rain.com wrote: Mel Flynn mel.flynn+fbsd.questi...@mailing.thruhere.net wrote: On Monday 23 March 2009 19:59:36 John Almberg wrote: What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. security/nmap If the box pings, you can simply scan your LAN like: $ nmap -sP 192.168.2.0/24 Or, with no ports needed: $ ping -n -t 5 -i 10 192.168.200.255 Granted you need to know the broadcast address. If you know the interface name, you can get the broadcast address from ifconfig: That only works if the OS is configured to reply to broadcast ping, which appears to be usually disabled nowadays. At least on FreeBSD 7.1 net.inet.icmp.bmcastecho defaults to 0. -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
I suspect that you don't have a switch that can port 'mirror' or 'span'. If you do, let us know. Otherwise, if you *really* want to find out what is on your switched Ethernet network, and nmap/arp etc. isn't enough, then I'd recommend an application called 'ettercap'. It runs on the CLI, and a colleague also has a nice GUI for it (under Linux) as well. This will allow you to infiltrate the network at Layer-2 by arp poisoning all connected devices, and intercepting all traffic. Essentially, you perform a MitM, and you become the host (or in a small environment the default gw) that the device is trying to talk to. This way, you can find out not only what the host is, but what it is saying. Please understand that this approach has significant side effects. You can do extensive harm to your local network by using this approach, so read up on it, and be careful. Know what you are doing, and know the ramifications of simply disconnecting yourself from the network prior to stopping the procedure. Not only that, but if you don't own control of the switched environment, this is a very good way to get yourself blocked completely from it. This tactic, and port mirror/span/monitor are the easiest ways to know what is really going on with regards to the wire (if you don't have ACL's and other mitigation/protection strategies already in place). Thanks. This is probably overkill for this little LAN. There are only 8 machines on it, mainly servers and a big printer and this Vonage device. The clients are mainly wireless devices that come and go, depending on who is in the building. The network is just one Cisco router and an Apple Airport Extreme for wireless (the best wireless access point I've ever used.) The wireless network just extends the wired LAN, so all wired and wireless devices are in the same address space. We actually have a couple cheap Airport Express boxes spread around the building, but they are essentially repeaters for the Airport Extreme, to extend the range. All the machines are either FreeBSD servers or Apple laptops (with the occasional rogue Windows laptop that sneaks in :-) The whole network is simple and cheap, with a minimum of wires, but it works. It just bugged me that I didn't know the IP address of the Vonage box. - John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
utility that scans lan for client?
I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. Yes, I am obsessive :-) Any help, much appreciated. -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
Maybe nmap can help you in this case From: John Almberg jalmb...@identry.com To: freebsd-questions@freebsd.org Sent: Monday, March 23, 2009 7:59:36 PM Subject: utility that scans lan for client? I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. Yes, I am obsessive :-) Any help, much appreciated. -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. Yes, I am obsessive :-) Any help, much appreciated. nmap Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: utility that scans lan for client?
On Monday 23 March 2009 19:59:36 John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. security/nmap If the box pings, you can simply scan your LAN like: $ nmap -sP 192.168.2.0/24 Starting Nmap 4.76 ( http://nmap.org ) at 2009-03-23 11:05 AKDT hosts snipped Nmap done: 256 IP addresses (18 hosts up) scanned in 1.11 seconds There's tons of options available (including OS fingerprinting), most of which will require root to run as it needs on-the-fly changes to IP packets. -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Mon, Mar 23, 2009 at 02:59:36PM -0400, John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. How about something as simple as arp -a? This lists the arp cache of machines recently heard by your machine. If you know the IP address of the machine in question and its not in your arp table, ping it. Then the MAC address will appear unless there is a router between here and there. No need to be root. -- David Kelly N4HHE, dke...@hiwaay.net Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Mon, 23 Mar 2009 14:59:36 -0400, John Almberg jalmb...@identry.com wrote: What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. As it has been suggested, nmap is a good tool. Another simple variation would be: % arp -a And for a more detailed analysis, the successor of Ethereal called Wireshark can be very handy (requires X). It makes you be able to see anything that's going on on the LAN (read: everything that reaches your NIC). -- Polytropon From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: utility that scans lan for client?
http://www.softperfect.com/products/networkscanner/ -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of David Kelly Sent: Monday, March 23, 2009 3:19 PM To: John Almberg Cc: freebsd-questions@freebsd.org Subject: Re: utility that scans lan for client? On Mon, Mar 23, 2009 at 02:59:36PM -0400, John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. How about something as simple as arp -a? This lists the arp cache of machines recently heard by your machine. If you know the IP address of the machine in question and its not in your arp table, ping it. Then the MAC address will appear unless there is a router between here and there. No need to be root. -- David Kelly N4HHE, dke...@hiwaay.net Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Mar 23, 2009, at 3:10 PM, Mel Flynn wrote: On Monday 23 March 2009 19:59:36 John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. security/nmap If the box pings, you can simply scan your LAN like: $ nmap -sP 192.168.2.0/24 Starting Nmap 4.76 ( http://nmap.org ) at 2009-03-23 11:05 AKDT hosts snipped Nmap done: 256 IP addresses (18 hosts up) scanned in 1.11 seconds There's tons of options available (including OS fingerprinting), most of which will require root to run as it needs on-the-fly changes to IP packets. That did it. Beautiful. Thanks. -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Mar 23, 2009, at 3:19 PM, David Kelly wrote: On Mon, Mar 23, 2009 at 02:59:36PM -0400, John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. How about something as simple as arp -a? This lists the arp cache of machines recently heard by your machine. If you know the IP address of the machine in question and its not in your arp table, ping it. Then the MAC address will appear unless there is a router between here and there. No need to be root. H'mmm. This is also very interesting. nmap did not find this appliance, as it turns out. But arp -a did found something on 192.168.1.107 (see below) server1 (192.168.1.106) at 0:13:d4:45:45:31 on en1 [ethernet] server2 (192.168.1.107) at (incomplete) on en1 [ethernet] server3 (192.168.1.108) at 0:23:12:f8:5e:fd on en1 [ethernet] I'm guessing this appliance (a Vonage phone adapter) is doing something non-standard. -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Mon, 23 Mar 2009 14:59:36 -0400, John Almberg wrote: JA I've tried googling for this, but I guess I don't know the name of a JA utility such as this... JA JA What I'm looking for is a utility that can scan a LAN for attached JA clients... i.e., computers that are attached to the LAN. ports/net/arping mat be useful for this -- Anton Yuzhaninov ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
On Mon, Mar 23, 2009 at 03:41:55PM -0400, John Almberg wrote: On Mar 23, 2009, at 3:19 PM, David Kelly wrote: How about something as simple as arp -a? This lists the arp cache of machines recently heard by your machine. If you know the IP address of the machine in question and its not in your arp table, ping it. Then the MAC address will appear unless there is a router between here and there. H'mmm. This is also very interesting. nmap did not find this appliance, as it turns out. But arp -a did found something on 192.168.1.107 (see below) server1 (192.168.1.106) at 0:13:d4:45:45:31 on en1 [ethernet] server2 (192.168.1.107) at (incomplete) on en1 [ethernet] server3 (192.168.1.108) at 0:23:12:f8:5e:fd on en1 [ethernet] I'm guessing this appliance (a Vonage phone adapter) is doing something non-standard. No, its just ignoring pings. An incomplete entry in the ARP table says your machine tried to look up that address, creating an entry, but as of the moment the table was read the reply had not yet come back. Whatever router you are using is sure to have the Vonnage appliance in its ARP table. Smart network switches prevent your FreeBSD host from eavesdropping on the ARP packet exchange between Vonnage and router. Otherwise it would be in the arp table if the Vonnage has spoken recently to the router. -- David Kelly N4HHE, dke...@hiwaay.net Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: utility that scans lan for client?
John Almberg wrote: I've tried googling for this, but I guess I don't know the name of a utility such as this... What I'm looking for is a utility that can scan a LAN for attached clients... i.e., computers that are attached to the LAN. I have one box (an appliance that I have no access to), that is on the LAN but I don't know what IP address it's using. I'd like to complete my network map, and that is the one empty box on my chart. Yes, I am obsessive :-) ...and it is ok to be such. I suspect that you don't have a switch that can port 'mirror' or 'span'. If you do, let us know. Otherwise, if you *really* want to find out what is on your switched Ethernet network, and nmap/arp etc. isn't enough, then I'd recommend an application called 'ettercap'. It runs on the CLI, and a colleague also has a nice GUI for it (under Linux) as well. This will allow you to infiltrate the network at Layer-2 by arp poisoning all connected devices, and intercepting all traffic. Essentially, you perform a MitM, and you become the host (or in a small environment the default gw) that the device is trying to talk to. This way, you can find out not only what the host is, but what it is saying. Please understand that this approach has significant side effects. You can do extensive harm to your local network by using this approach, so read up on it, and be careful. Know what you are doing, and know the ramifications of simply disconnecting yourself from the network prior to stopping the procedure. Not only that, but if you don't own control of the switched environment, this is a very good way to get yourself blocked completely from it. This tactic, and port mirror/span/monitor are the easiest ways to know what is really going on with regards to the wire (if you don't have ACL's and other mitigation/protection strategies already in place). Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
