Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Broadcast

  1. November 3rd, 2004, 09:01 PM #1
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Broadcast

    In a normal subnet of 192.168.1.* with a subnet mask of 255.255.255.0, the broadcast address should be 192.168.1.255. I'm trying to ping my network using my this address without succes. Why?

    Where can I find a program that will brodcast a ping or a TCP Port? If you answer me Nmap, please tell the command line or a page where I can find the information! Thank.
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
  2. November 3rd, 2004, 09:03 PM #2
    MrLinus
    MrLinus is offline
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    What are the devices on the network? Generally using ping 192.168.1.255 -t (windows) or ping 192.168.1.255 -b (linux) should work unless ping is surpressed by router/switch/firewall.

    And I'm not sure what you mean by broadcasting a ping or a TCP port. No TCP port can be broadcast so to speak. If you mean broadcasting a ping to a TCP port, IIRC, ICMP is a protocol on it's own and doesn't go to a specific port.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
    Reply With Quote Reply With Quote
  3. November 3rd, 2004, 09:10 PM #3
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Ping 192.168.1.255 -t doesn't work either. I get Request timed out. I'm sure that my Switch doesn't block me because I have a program that do a Broadcast and that work. I'm trying to make this program work across VPN/Subnet and I'm unable so that why I'm looking for a utilites to do the same to locate the problem. The first step is to be find that program and make it work since my own subnet.
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
  4. November 3rd, 2004, 09:17 PM #4
    MrLinus
    MrLinus is offline
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Have you run arp -a after the ping broadcast just to see if anything is actually being picked up after the fact? What kind of VPN is it? If it's a router-to-router setup, is it possible that one is blocking it? (my gut says something is blocking). Have you done a sniff of the network to see what/where packets are going and other activity that might be going on?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
    Reply With Quote Reply With Quote
  6. November 3rd, 2004, 09:22 PM #5
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I'm pretty sure the VPN is blocking the broadcast. But I'm also sure that the broadcast is NOT block in my local subnet. Right now, I only want to be able to broadcast a ping or an UDP port inside my local subnet. After I'm able to do that, I'll attack myself to get the broadcast work across the VPN.
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
  7. November 4th, 2004, 01:33 PM #6
    SirDice
    SirDice is offline
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    192.168.1.255 is a subnet broadcast. 255.255.255.255 is a broadcast address.

    What OSs are there on that subnet? If it consists of windows only machines you'll never get a response. A Windows machine will not respond to a broadcast ping (by default). A linux machine may respond depending on the configuration (read: distro). Both have the option to turn it on or off.

    Please note: You should make sure it's turned off. If it's turned on your network is vulnerable to a smurf attack.

    As for nmap, try nmap -sP -vv -n 192.168.1.255

    Originally posted here by MsMittens
    No TCP port can be broadcast so to speak.
    Try and send a SYN packet to 192.168.1.255/port 80 i.e. and see what happens..not sure what should though..

    nmap -sS -vv -n -p80 -P0 192.168.1.255 should do the trick.
    Oliver's Law:
    Experience is something you don't get until just after you need it.
    Reply With Quote Reply With Quote
  8. November 4th, 2004, 04:32 PM #7
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Can I broadcast over a UDP port? Will I get answer from service listening over that port?

    I try doing a nmap -sU -p***** -v -P0 255.255.255.255
    Starting nmap 3.75 ( http://www.insecure.org/nmap ) at 2004-11-04 10:31 Eastern
    Standard Time
    Initiating UDP Scan against 255.255.255.255 [1 port] at 10:31
    The UDP Scan took 2.06s to scan 1 total ports.
    Host 255.255.255.255 appears to be up ... good.
    Interesting ports on 255.255.255.255:
    PORT STATE SERVICE
    *****/udp open|filtered unknown

    Nmap run completed -- 1 IP address (1 host up) scanned in 2.235 seconds
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
  9. November 4th, 2004, 04:43 PM #8
    MrLinus
    MrLinus is offline
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    nmap -sS -vv -n -p80 -P0 192.168.1.255
    I would have thought that it would have been more like nmap -sS -vv -n -p80 -P0 192.168.1.0/24 sent out over the network rather than the broadcast to get all hosts to respond to a probe of port 80.

    Perhaps someone should get TH13's opinion?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
    Reply With Quote Reply With Quote
  11. November 4th, 2004, 04:45 PM #9
    SirDice
    SirDice is offline
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    If there's something listening, it's highly probably that it'll respond.
    It might be a good idea to keep a sniffer running when doing these scans.
    It'll give you more detailed information on what's happening.

    nmap -sS -vv -n -p80 -P0 192.168.1.0/24
    That would scan all addresses in the 192.168.1.0-192.168.1.255 range.
    It would be the same as using 192.168.1.*

    Oliver's Law:
    Experience is something you don't get until just after you need it.
    Reply With Quote Reply With Quote
  12. November 4th, 2004, 05:41 PM #10
    SDK
    SDK is offline
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    I try those command and both work

    nmap -sU -p42508 -P0 -S 192.168.1.18 -vv 192.168.1.1-10

    nmap -sU -p42508 -P0 -S 192.168.1.18 -vv 192.168.2.50-65

    Does I need the answer to this question : Can I broadcast over a UDP port? If yes, how?

    What I find stranage also is doing a nmap -sU -p42508 -P0 -S 192.168.1.18 -vv 255.255.255.255 only return me one host. This, I don't understand at all.
    -Simon \"SDK\"
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules