  1. #1
    Junior Member
    Join Date
    Mar 2013

    network scanning..the right way...

    What I can't seem to figure out is, well... Say I'm at home and I fire up Wireshark and start monitoring on wlan0. What I see is it only monitoring what I'm doing on this computer, none of the others. Can this be changed without rerouting the traffic in iptables? Second, say I'm using nmap and want to do a scan of my network and I know that my internal IP is , so I assume scan ? Third, say I'm at my brother's and I get an internal IP of , do I assume scan ? Fourth, say I'm at my house and my brother is having some network issues and I need to troubleshoot from my LAN to his; would I then scan his router's IP address? I just can't seem to figure out how this works: in wifi I get a dynamic IP for lease that would have their network prefix and subnet number in it, and I'd get a host number at the end. STOP! How could this possibly work? With a max of 6 digits in there (network prefix, subnet #), how could that work globally? It doesn't add up to me, even if just the routers are actually communicating with the wire. All that aside, I think it's a fair question; please shine some light on this subject for me (yes, I do know about IPv6), but I just can't get a grasp on this current situation.

    Advice would be greatly appreciated.

  2. #2
    Junior Member
    Join Date
    Jan 2006
    You're lacking a bit of understanding of how NAT functions in some of your questions which is causing you some confusion I think. I'll try and go through one question at a time and forgive me if I miss anything.

    1) Remember that switches direct traffic from your computer right to the router and back again, unlike hubs where you would see all the traffic on the network. Essentially with a network switch you're seeing ONLY the traffic flowing back and forth between your computer and the devices you're sending/receiving from. Switches are smart that way, they'll direct traffic right to you.

    2) NAT works by utilizing two different networks - one the larger Internet WAN and a local network (your 192 or 172 network) with a router that directs traffic between them. If you were to use nmap with a /24 you would be only scanning everything from 0-255 in the last digit of the IP address. So, for example, if your IP is and you type nmap you're doing a scan of computers between and - which would be why you would get no results. Try nmap and you should see a result from your own PC.

    3) As I said with NAT essentially you have two IP addresses - one on your own local network (the 192) and one given to your router that operates globally on the internet. Go to Google and check out whatsmyip.org to see what I'm talking about.
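    To make the /24 point in the reply above concrete, here is an added Python example (not code from either poster) that works out what an nmap-style CIDR scan would cover from a given address, flags whether that address is RFC 1918 private (i.e. behind NAT, as the reply describes), and checks whether a second address sits in the same block; every address in it is a constructed sample.

    ```python
    import ipaddress

    # RFC 1918 private address blocks. These are reused behind every NAT router,
    # which is why two different homes can both hand out 192.168.x.x addresses.
    RFC1918_BLOCKS = [
        ipaddress.ip_network("10.0.0.0/8"),
        ipaddress.ip_network("172.16.0.0/12"),
        ipaddress.ip_network("192.168.0.0/16"),
    ]


    def is_rfc1918(ip: str) -> bool:
        """True if ip lies in one of the RFC 1918 private blocks (NAT territory)."""
        addr = ipaddress.ip_address(ip)
        return any(addr in block for block in RFC1918_BLOCKS)


    def scan_scope(host_ip: str, prefix_len: int) -> dict:
        """Describe what an nmap-style `host_ip/prefix_len` scan would cover.

        host_ip is the address the machine got from DHCP (constructed sample
        values in the test); prefix_len is the number after the slash. Returns
        the network block, first/last host, host count, and whether the block
        is RFC 1918 private, i.e. reachable only from inside its own NAT.
        """
        net = ipaddress.ip_interface(f"{host_ip}/{prefix_len}").network
        if net.prefixlen >= 31:
            # /31 and /32 have no separate network/broadcast addresses.
            first, last, count = net[0], net[-1], net.num_addresses
        else:
            first = net.network_address + 1
            last = net.broadcast_address - 1
            count = net.num_addresses - 2
        return {
            "network": str(net),
            "first_host": str(first),
            "last_host": str(last),
            "host_count": count,
            "rfc1918": is_rfc1918(host_ip),
        }


    def same_lan(ip_a: str, ip_b: str, prefix_len: int) -> bool:
        """True if ip_b falls inside ip_a's /prefix_len block.

        Only meaningful for two hosts on the same physical LAN: a 192.168.1.x
        address at someone else's house is in a different NAT'd network even
        though the numbers match, and is not reachable by scanning it from here.
        """
        net_a = ipaddress.ip_interface(f"{ip_a}/{prefix_len}").network
        return ipaddress.ip_address(ip_b) in net_a
    ```

    Running `scan_scope("192.168.1.37", 24)` shows the 254 hosts 192.168.1.1 to 192.168.1.254 that a /24 scan from that address would touch, which is the range the reply says to use rather than some other block.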

  3. #3
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    SW MO
    It is possible to use ARP spoofing/poisoning to capture traffic on a switched network. Look up 'man in the middle' attacks. It is a pretty interesting concept. There are some free utilities that you can play around with as well. Ettercap on Linux, and Cain&Abel on Windows are two that come to mind.
    "Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."
