How do I find out how many servers there are on a network, other than scanning? Oh, and is there a specific port I should look for other than 8080 (standard HTTP proxy)?
If you're running Windows, maybe the "net" command could help?
Try typing "net view" into the command line...
Unless you steal a network map from the WAN group, scanning is the best way to discover boxes. ;)
The way I would do it is with NMAP. It will scan an entire network and guess at the OS of every machine that it hits. Grab yourself a Linux box or get NMAP for Windows and plug away. Note that you will need libpcap installed *before* you can use NMAP for Windows. You can get everything you need from here:
http://www.insecure.org/nmap/nmap_download.html
Specifying ports assumes that you are looking for a particular service, not just whether the server is alive. 8080 is a popular proxy port. Are you looking for perimeter machines? Remote webserver management consoles?
Hope this helps out.
Depends really, MOST networks these days are set up with a DMZ. A Demilitarized Zone (DMZ) is used by a company that wants to host its own Internet services without sacrificing unauthorized access to its private network. The DMZ sits between the Internet and an internal network's line of defense, usually some combination of firewalls and bastion hosts.
Typically, the DMZ contains devices accessible to Internet traffic, such as Web (HTTP) servers, FTP servers, SMTP (e-mail) servers and DNS servers.
So basically, IF a network has a DMZ set up, all you get is the DMZ network, not the whole network. I have set up networks myself and I do recommend putting in a DMZ because it always works. THE only way you can bypass a DMZ is by acquiring the routing tables.
Hey thehorse13: NMap can't count the number of servers in a specific website. I have used it!
That could be because a specific website is only one IP, therefore one server.
A website is not a network...
tranthanhtung: By scanning using NMAP or whatever, you'll be able to find open TCP/UDP ports in a range of IP addys.
The bigger the range is, the longer the scan is!!! And UDP can take ages.
NMAP will tell you the service associated with the port, but if you want to know by yourself, have a look in this previous thread:
http://www.antionline.com/showthread...ighlight=ports
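An added example, not written by any poster in this thread: once a scan of your own network has been saved in Nmap's grepable format (`-oG`), a short script can answer the original question by counting live hosts and listing those with TCP 8080 open. The sample output below is constructed and uses documentation-range addresses; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample of Nmap grepable (-oG) output; the addresses come from
# the RFC 5737 documentation range, not from a real network.
SAMPLE_OG = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 8080/closed/tcp//http-proxy///
Host: 192.0.2.20 (proxy.example)\tStatus: Up
Host: 192.0.2.20 (proxy.example)\tPorts: 8080/open/tcp//http-proxy///, 53/open|filtered/udp//domain///
Host: 192.0.2.30 ()\tStatus: Down
# Nmap done
"""

HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)\t(.*)$")

def parse_grepable(text):
    """Return {ip: {"up": bool, "open": {(port, proto): service}}}."""
    hosts = defaultdict(lambda: {"up": False, "open": {}})
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment or blank line
        ip, _name, rest = m.groups()
        for field in rest.split("\t"):
            key, _, value = field.partition(": ")
            if key == "Status":
                hosts[ip]["up"] = hosts[ip]["up"] or value.strip() == "Up"
            elif key == "Ports":
                for entry in value.split(", "):
                    parts = entry.split("/")  # port/state/proto/owner/service/...
                    if len(parts) < 5:
                        continue
                    port, state, proto, _owner, service = parts[:5]
                    # "open|filtered" (common for UDP) is not a confirmed service
                    if state == "open":
                        hosts[ip]["up"] = True
                        hosts[ip]["open"][(int(port), proto)] = service
    return dict(hosts)

def summarize(hosts, port=8080):
    """Return (live hosts, hosts with the given TCP port open), both sorted."""
    live = sorted(ip for ip, h in hosts.items() if h["up"])
    with_port = sorted(ip for ip, h in hosts.items() if (port, "tcp") in h["open"])
    return live, with_port

if __name__ == "__main__":
    print(summarize(parse_grepable(SAMPLE_OG)))
```
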
One of the nice ways to network map a site would be to use a tool like etherape and view the actual protocols traversing the network, since you know that only specific ports and protocols would run from the server. Even this is still a long shot, since many honeynets could spoof this as well.
w0rm3y