-
March 16th, 2004, 09:37 AM
#1
calling all security pros
ok...I am appealing to all the gods of what is good and unholy in network security. Actually I just figured the collective conscious knows a lot of things that I have never heard of. I am looking for a tool (preferably free) that will scan a network and provide the hostname, MAC, and IP. This is a multiple platform environment, so I will need something that will provide this info for infrastructure, unix based, macintosh based, and windows based equipment. Any ideas? It doesn't have to be a single tool either. Can be multiple tools and hopefully the tools are fast. The tools can also be *nix based or Windows based. I am currently playing with Nmap and sifting through its Man.
Thanks in advance
-
March 16th, 2004, 11:28 AM
#2
Chat Operator
have you checked the leases at the DHCP server? should give you mac, hostname and IP when the comp requests a lease.
If your running a wins server, you could do similar
<Ferrit> Take 1 live chicken, cut the head off, dance around doing the hokey pokey and chanting: GO AWAY BAD VIRUS, GO AWAY BAD VIRUS
-----------------------
Windows 7 Pro x64
Asus P5QL Deluxe
Intel Q6600
nVidia 8800 GTS 320
6 gigs of Ram
2x60 gig OCZ Vertex SSD (raid 0)
WD Black 750 gig
Antec Tri power 750 Watt PSU
Lots of fans
-
March 16th, 2004, 02:07 PM
#3
that would be a lot of DHCP servers to check...any other suggestions?
-
March 16th, 2004, 04:01 PM
#4
Driver Terrier
you have more than one dhcp server on a single broadcast domain?
Never, ever approach a computer saying or even thinking "I will just do this quickly."
-
March 16th, 2004, 05:29 PM
#5
Chat Operator
Originally Posted by Sandman72
that would be a lot of DHCP servers to check...any other suggestions?
sandman, unless you individualy query the mac address through software running on the clients system.. say by installing something, you can only remotely query for MAC's inside of a broadcast domain (like noo stated) however, unlike any other broadcast packets, discovers are often sent through relay agents on routers in order to get IP's. In my view, your going to be hoping from each small section of a network, to another to get the MAC's. DHCP's are atleast a central collection point where you have all the pieces of information handy.
If your looking for one tool that well get everything on YOUR network, then what stops it from getting everything else on connected networks? If that occurs, you could run it on the internet and get everyone's mac address........
<Ferrit> Take 1 live chicken, cut the head off, dance around doing the hokey pokey and chanting: GO AWAY BAD VIRUS, GO AWAY BAD VIRUS
-----------------------
Windows 7 Pro x64
Asus P5QL Deluxe
Intel Q6600
nVidia 8800 GTS 320
6 gigs of Ram
2x60 gig OCZ Vertex SSD (raid 0)
WD Black 750 gig
Antec Tri power 750 Watt PSU
Lots of fans
-
March 16th, 2004, 10:51 PM
#6
Registered User
To scan YOUR network, or any IP range you like, try LANGuard Network Scanner by GFI . It will show Mac, IP, OS, Device, etc. It's fast, and you can download a free copy last time I checked.
Carpel
-
March 17th, 2004, 07:40 AM
#7
Registered User
Abel&Cain is a great tool for that (and not only ). http://www.oxid.it
Also known as poor man's l0phtcrack. Oh, did I mention that it's free?
Protected by Glock. Don't mess with me!
-
March 17th, 2004, 07:48 AM
#8
Tech-To-Tech Mod
Originally Posted by CeeBee
Abel&Cain is a great tool for that (and not only ). http://www.oxid.it
Also known as poor man's l0phtcrack. Oh, did I mention that it's free?
but when I tried it norton detected a trojan. I'd stay away.
Nonsense prevails, modesty fails
Grace and virtue turn into stupidity - E. Costello
-
March 17th, 2004, 08:10 AM
#9
Registered User
Originally Posted by kato2274
but when I tried it norton detected a trojan. I'd stay away.
Some old antivirus tools might detect older versions of it as a trojan (since it has a server component), but it's not. Most antivirus vendors have REMOVED it from the detection pattern. Do some googling before condamning this tool...
Protected by Glock. Don't mess with me!
-
March 17th, 2004, 08:21 AM
#10
Tech-To-Tech Mod
Originally Posted by CeeBee
Some old antivirus tools might detect older versions of it as a trojan (since it has a server component), but it's not. Most antivirus vendors have REMOVED it from the detection pattern. Do some googling before condamning this tool...
this must be a RECENT development then, because I tried it not too long ago at work and norton corporate 7.5 with definitions updated daily picked it up as a virus. I'll try it again though and see.
oh and PS I believe it's condemning . . . which I wasn't doing just stating some personal experience which I also believe others here have had too. . . adept I believe
Last edited by kato2274; March 17th, 2004 at 08:24 AM.
Nonsense prevails, modesty fails
Grace and virtue turn into stupidity - E. Costello
-
March 17th, 2004, 12:35 PM
#11
For the record:
I am not looking for this for any less than legitimate reason. I would be running the tools on networks that I am approved to work on. (been around lurking long enough to know not to ask about hacking or piracy)
In case i forgot to mention in my original post, I am also looking for something that will allow me to give it a list of ip ranges to scan. I done really want to manually type in a thousand ranges. The windows boxes are easy to get. I can do that and export it to a nice excel sheet. Its the "others" that are giving me headaches.
-
March 17th, 2004, 12:51 PM
#12
Registered User
Cain will do that and it's not a hacking tool. It can scan a given range (or your full subnet) and export IP/MAC/OUI Fingerprint/hostname to a file. Give it a try and you'll love it.
Protected by Glock. Don't mess with me!
-
March 17th, 2004, 02:31 PM
#13
Nessus
Although I do not use nessus for this purpose and it is a bit overkill I know it can grab this information. If you're semi-comfortable with Linux try it out. http://nessus.org.
Other thoughts - this won't help on non-windows machines but how about something in you domain log in script? If you're mostly windows you may be able to do something like:
net config workstation >>(giant_text_file)
Of course then you'll need to grep the file to spearate the good from the bad.
I've just started working with PERL and I bet I could pull the above off a little more cleanly and across the different platforms. If you know someone good with perl you may want to talk to them...
-
March 18th, 2004, 01:33 PM
#14
Registered User
I don't think I saw this one mentioned: http://www.networkview.com
It will grab the information you're looking for and automagically layout the network. It can do some monitoring as well. It fits on a floppy so its easily transportable...
-
March 26th, 2004, 01:22 PM
#15
Check out Angry IP scanner from Angry Ziber . Quick and easy, gets IP, Hostname, User via netbios, and MAC address. Not the best but free and simple. Set the options, put in the range, and scan.
Similar Threads
-
By pochrist1 in forum Other Software Applications
Replies: 0
Last Post: November 23rd, 2002, 05:05 PM
-
By korpse in forum Certification
Replies: 6
Last Post: March 25th, 2002, 03:18 PM
-
By Ainner in forum Windows NT/2000
Replies: 4
Last Post: May 11th, 2001, 12:06 PM
-
By Ainner in forum Windows NT/2000
Replies: 4
Last Post: May 8th, 2001, 12:10 PM
-
By SebastianLane in forum Tech-To-Tech
Replies: 2
Last Post: August 14th, 1999, 06:43 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks