| 1 |
Mark Knecht <markknecht <at> gmail.com> writes: |
| 2 |
|
| 3 |
|
| 4 |
> Is there a simple way for me to discover the IP address of any random |
| 5 |
> Windows machine that dropped by and hooked up to my network? |
| 6 |
|
| 7 |
|
| 8 |
emerge fping |
| 9 |
man fping |
| 10 |
|
| 11 |
I use this for a /24 net scan: |
| 12 |
|
| 13 |
fping -g 10.10.2.0/24 |
| 14 |
|
| 15 |
> Extra points if there's a way to discover if a machine has attached by |
| 16 |
> wireless..... |
| 17 |
|
| 18 |
|
| 19 |
Never thought about this, you'd have to script something. |
| 20 |
Get the first 3 hex numbers of all of the know wireless chip |
| 21 |
vendors and then search the registered MAC addresses for these |
| 22 |
strings. |
| 23 |
|
| 24 |
There are databases that exist that tell you which vendor |
| 25 |
the (wireless) ethernet chipsets belong to. That is the first 3/6 |
| 26 |
hex numbers in a MAC address uniquely identify the manufacture. |
| 27 |
|
| 28 |
You'd have to brute force if the ethernet connect is wired, wireless |
| 29 |
or unknown based on a table of the MAC entries (or something like that). |
| 30 |
|
| 31 |
But remember, if the operating system is set to not answer pings |
| 32 |
(fping) then, you'll have to look at something more sophisticated, |
| 33 |
like snort or wireshark outputs. |
| 34 |
|
| 35 |
|
| 36 |
If somebody has a dual boot system (windows and linux) then you |
| 37 |
need to result some to hacker recon(profiling) techniques to |
| 38 |
discern the running OS...... |
| 39 |
|
| 40 |
ymmv, |
| 41 |
James |
Archives