Red October network discovery.

The basis of this article is based on the dialog from the movie known as "The hunt for the Red October". In the movie, one of the key lines was I think "One ping and one ping only". Pinging was a method by submarines equipped with sonar to detect what is around them. Normally you would use more than one ping. In computing we also have a program called ping that does the same thing to detect what is around on the network. There is a very powerful program called nmap that usually automates such activity. That usually takes some kind of administrative power to implement. We will be using a simple linux batch file (could be easily converted to other platforms) to detect what is around us. This tool is perfect for the home network. It will probably not detect what is known as "Man in the middle devices", but at least you can see the visible systems on your network.

The code.

ping.sh: (do not forget "chmod +x ping.sh)
[code]
for i in {1..254}
do
ping 192.168.1.$i -c1 -w1 -v | grep "icmp_seq=1"
done
[/code]

If you have a different network, you will have to change "192.168.1" accordingly, here again we are using the good old "grep" command to extract data from the return stream. it is our sonar scope. Let's run it.

$ ./ping.sh
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.852 ms
64 bytes from 192.168.1.31: icmp_seq=1 ttl=64 time=0.260 ms
64 bytes from 192.168.1.99: icmp_seq=1 ttl=255 time=2.75 ms
64 bytes from 192.168.1.109: icmp_seq=1 ttl=64 time=0.261 ms
64 bytes from 192.168.1.115: icmp_seq=1 ttl=64 time=0.064 ms
$ _

Ok, there are five devices on the network. We need to know more. There is what is call DNS or "Domain naming service". We can use the router to tell us what the ipaddresses maybe are known as.

The code.

nslookup.sh: (Do not forget to make it executable with chmod +x nslookup.sh")
[code]
for i in {1..254}
do
nslookup 192.168.1.$i | grep name
done
[/code]

Let's run it.
$ ./nslookup.sh
1.1.168.192.in-addr.arpa name = my_network.
10.1.168.192.in-addr.arpa name = router2.
20.1.168.192.in-addr.arpa name = router3.
31.1.168.192.in-addr.arpa name = oesrvr1.
115.1.168.192.in-addr.arpa name = oesrvr104
$_

Notice the ipadresses are backwards, but we still can identify units on the network from the list. Two devices show up known as router2 and router3. I know that they are not connected to the network at this time. They just have reserved names in the router. The unit at 99 is actually the print server and should have a reserved name in the router, I can take care of that later. 109 is a temp machine I have set up to test some software. Now if there were any unknown numbers, they would need to be investigated immediately. Again you would need to change "192.168.1." to work with your network.

There you are, two simple tools to check on your network.

Comments

Post a Comment

Popular posts from this blog

Guiless?

Image
You actually can do a minimal windowing from the command line in Linux with dvtm. Dvtm is excellent for low end machines where graphics are not a priority. In the picture shown we have a working clock, SC a spreadsheet that you can easily export data to your favorite desktop spreadsheet such as Libreoffice, Links2 a web browser pointed to www.google.com, and finally nano a pretty decent basic text editor. I prefer vim, but nano has more of a user interface. Cheatsheet: `dvtm` is one simple, easy-to-use terminal multiplexer. Commonly used Options:     -v         prints version information to standard output, then exits.         -m <mod>   set default modifier at runtime.         [cmd...]   Execute cmd after dvtm is started. KeyBoard Shortcuts:     Mod    Each keybinding begins with Mod which defaults to ^g but can  be               changed in config.h or with the -m command line option.                       Mod-c  Create a new shell window.            Mod-x  Cl
Read more

Web.com and Network Solutions, the Walmart of the internet.

Web.com bought Network Solutions last month, and also has bought Register.com . Web.com picked up Network Solutions for $405M plus some stock. I have been using an e-commerce package form Network Solution for two years. I wouldn’t have noticed the buy out as the Network Solutions site has not changed. A couple of weeks ago I noticed that Network Solutions was offering some new products such as Gorilla Online Marketing . Soon after that we received a sales call about Gorilla Online Marketing from Network Solutions. When I returned the call the phone was answered by Register.com, I was confused at first but quickly found out about the buy outs. They seem like a good fit, they all target the same types of small to medium size businesses. Network Solution has always had great customer support in my opinion. Their sales people are a little irritating sometimes but they beat the heck out of GoDaddy.com and Comodo.com and you can’t beat the prices. If you can beat the prices ask them for a
Read more

MSOffice vs Libreoffice

Image
From https://wiki.documentfoundation.org/Feature_Comparison:_LibreOffice_-_Microsoft_Office Contents 1 Introduction 2 General office suite: LibreOffice vs. Microsoft Office 3 Word processors: LibreOffice Writer vs. Microsoft Word 4 Spreadsheet applications: LibreOffice Calc vs. Microsoft Excel 5 Presentation software: LibreOffice Impress vs. Microsoft Powerpoint 6 Database program: LibreOffice Base vs. Microsoft Access 7 Extensions: LibreOffice extensions adding outstanding features to LibreOffice 8 See also Introduction This page compares the features of LibreOffice 5.0.0 ( download ) and Microsoft Office 2013 . It separates major and minor feature differences and also includes notes on LibreOffice extensions. The comparison highlights differences and therefore does not display any features which are present in both office suites. The feature comparison table is continuously being updated and is work in progress It is a compilation by users and no
Read more