1 |
Mark Knecht <markknecht <at> gmail.com> writes: |
2 |
|
3 |
|
4 |
> Is there a simple way for me to discover the IP address of any random |
5 |
> Windows machine that dropped by and hooked up to my network? |
6 |
|
7 |
|
8 |
emerge fping |
9 |
man fping |
10 |
|
11 |
I use this for a /24 net scan: |
12 |
|
13 |
fping -g 10.10.2.0/24 |
14 |
|
15 |
> Extra points if there's a way to discover if a machine has attached by |
16 |
> wireless..... |
17 |
|
18 |
|
19 |
Never thought about this, you'd have to script something. |
20 |
Get the first 3 hex numbers of all of the know wireless chip |
21 |
vendors and then search the registered MAC addresses for these |
22 |
strings. |
23 |
|
24 |
There are databases that exist that tell you which vendor |
25 |
the (wireless) ethernet chipsets belong to. That is the first 3/6 |
26 |
hex numbers in a MAC address uniquely identify the manufacture. |
27 |
|
28 |
You'd have to brute force if the ethernet connect is wired, wireless |
29 |
or unknown based on a table of the MAC entries (or something like that). |
30 |
|
31 |
But remember, if the operating system is set to not answer pings |
32 |
(fping) then, you'll have to look at something more sophisticated, |
33 |
like snort or wireshark outputs. |
34 |
|
35 |
|
36 |
If somebody has a dual boot system (windows and linux) then you |
37 |
need to result some to hacker recon(profiling) techniques to |
38 |
discern the running OS...... |
39 |
|
40 |
ymmv, |
41 |
James |