-
August 29th, 2008, 11:33 AM
#21
Member
i do have some experience with NMAP and it is an awesome tool, i know that to detect all machines on a LAN one would have to scan the whole subnet. but i don't know how to scan the subnet for just machines, and not ports on those machines.
can one use NMAP to just scan for machines, and not ports, and if so how?
thanks for your help,
- user0182
-
August 29th, 2008, 11:56 AM
#22
I like null scans for a quick peek at a network.
nmap -sN -P0 192.168.1.0/24
Make sure the ip address matches your LAN's. The results will look like this:
---------------------------------------------------------
C:\Users\brokencrow>nmap -sN -P0 192.168.1.0/24
Starting Nmap 4.68 ( http://nmap.org ) at 2008-08-20 20:12 Eastern Daylight Time
All 1715 scanned ports on 192.168.1.1 are open|filtered
MAC Address: 00:1B:2F:4D:C0:7E (Netgear)
Skipping NULL Scan against 192.168.1.2 because Windows does not support scanning
your own machine (localhost) this way.
0 ports scanned on 192.168.1.2
All 1715 scanned ports on 192.168.1.3 are closed
MAC Address: 00:03:94:0A:84:F2 (Connect One)
All 1715 scanned ports on 192.168.1.7 are closed
MAC Address: 00:1A:4D:7C:6B7 (Giga-byte Technology Co.)
All 1715 scanned ports on 192.168.1.18 are open|filtered
MAC Address: 00:13:20:8F:E3:5E (Intel Corporate)
All 1715 scanned ports on 192.168.1.61 are open|filtered
MAC Address: 00:1F:29:37:48:5B (Hewlett Packard)
All 1715 scanned ports on 192.168.1.62 are closed
MAC Address: 00:A0:A4:13:21:62 (Micros Systems)
All 1715 scanned ports on 192.168.1.63 are closed
MAC Address: 00:A0:A4:13:26:A3 (Micros Systems)
Nmap done: 256 IP addresses (8 hosts up) scanned in 50.947 seconds
----------------------------------------------------------------
Make sure to check out PsInfo, part of the PsTools pkg, for a very handy network tool, too.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
August 29th, 2008, 01:08 PM
#23
using Windows one can view the machines on a LAN in a GUI (Start->Network->Network and Sharing Center->View computers and devices) so i would have assumed that there would also be a command (unless the GUI only shows the same details as the "Net View" command).
Just a quick remark here: the Network Map uses LLTD (Link Layer Topology Discovery), which doesn't come with Windows XP (and you mentioned that you have some XP computers in your network). In order for the Network Map to also show XP computers, you'll need to install an LLTD Responder on those computers.
-
August 29th, 2008, 06:12 PM
#24
Originally Posted by Cider
Net view is half the answer, we are getting somewhere. Now, is there a switch you can add to net view to display IP addresses and not just computer names?
Care to elaborate? I've done some searching and, on my XP Pro, Net View /? yields:
NET VIEW
[\\computername [/CACHE] | /DOMAIN[:domainname]]
NET VIEW /NETWORK:NW [\\computername]
so I'm not sure what switch to add to Net View.
I realise there have been several posts with other recommendations.
-
September 1st, 2008, 09:32 AM
#25
Member
hey Ignatius,
i'll try to elaborate, but i'm not sure about all of this as i'm not in a position to play around with it at the moment.
although, i think the basics are, that the command "net view" typed at the MS DOS Prompt should provide you with a list of the names of all computers on your LAN with shared resources. then the command "net view [computer_name]" should give you a list of shared resources on the specified computer.
i suspect that the limitations of this command are that it only lists computer names, not IP addresses, and that it only shows shared resources on other MS Windows machines. but, as i said, i am not currently able to test this; maybe you could test this for me.
regards,
- user0182
-
September 1st, 2008, 02:23 PM
#26
I realise that net view generates a list of computer names. I've tried to create a batch file which strips out the extraneous rubbish (I've done that by net view |find "\\") and sending that to a text file (which I'd then step through and ping using a for loop) but it's not possible to ping a computer name which starts with \\. I don't think it's possible to search and replace using batch so I can't get rid of the \\ automatically.
I'm not aware of a switch for net view to return IP addresses, rather than computer names, so I'm intrigued by Cider's comment.
-
September 2nd, 2008, 07:23 AM
#27
Hey there
Well actually I do not know myself - I was hoping you guys would know
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
September 2nd, 2008, 10:16 AM
#28
Originally Posted by Cider
Well actually I do not know myself - I was hoping you guys would know
There isn't such a switch.
-
September 2nd, 2008, 03:20 PM
#29
I don't think it's possible to search and replace using batch so I can't get rid of the \\ automatically.
http://www.dostips.com/DtCodeBatchFi...FindAndReplace
-
September 2nd, 2008, 06:45 PM
#30
Originally Posted by Negative
Hey Negative, that's brilliant! I've seen comments several times (elsewhere) that it's not possible to search and replace using batch but clearly it is.
The technique that I'm trying now is:
1. net view |find "\\" > list.txt
then
2. BatchSubstitute.bat \\ "" > list2.txt
My next step will be to use list2.txt in a for loop to step through and ping the "pure" computer names; then I guess the arp table can be interrogated (again, via batch) to return the LAN computers' IP addresses.
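
The procedure sketched in the post above (net view, strip the \\, ping each name, read the ARP table) can also be written as one batch file with no intermediate text files. This is an added example, not code from the thread or from dostips.com. It assumes that ping prints the resolved address in square brackets on its first line and that the hosts answer over IPv4, so that `arp -a` holds an entry for them.

```bat
@echo off
rem Added example: print "name  IP  MAC" for every computer that net view lists.
rem Run it from a Command Prompt on a machine attached to the LAN being inventoried.

rem Step 1: keep only the lines of net view that contain \\ .
rem "delims=\ " treats backslash and space as separators, so the leading \\
rem is skipped and token 1 is the bare computer name (no search and replace needed).
for /f "tokens=1 delims=\ " %%N in ('net view ^| find "\\"') do (

    rem Step 2: ping the name once. The first output line has the form
    rem   Pinging NAME [a.b.c.d] with 32 bytes of data:
    rem so splitting on [ and ] leaves the address in token 2.
    rem Names that do not resolve produce no bracketed line and are skipped.
    for /f "tokens=2 delims=[]" %%I in ('ping -n 1 %%N ^| find "["') do (

        rem Step 3: the ping has populated the ARP cache. Compare column 1 of
        rem arp -a exactly, so that 192.168.1.1 does not also match 192.168.1.10.
        for /f "tokens=1,2" %%A in ('arp -a') do (
            if "%%A"=="%%I" echo %%N  %%I  %%B
        )
    )
)
```

Like net view itself, this only covers Windows machines that announce shared resources; a host that resolves but does not reply leaves no ARP entry and is not printed.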