User Tools

Site Tools


find_ip

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
find_ip [2008/02/17 13:53]
latinsud
find_ip [2008/02/17 13:56]
latinsud add another example
Line 14: Line 14:
   13:​46:​05.676650 00:​03:​6f:​e1:​5b:​21 > 00:​1a:​73:​3f:​7a:​9d,​ ethertype IPv4 (0x0800), length 142: 80.58.32.97.53 > 192.168.0.1 94.33387: ​ 5597 4/0/0 ...   13:​46:​05.676650 00:​03:​6f:​e1:​5b:​21 > 00:​1a:​73:​3f:​7a:​9d,​ ethertype IPv4 (0x0800), length 142: 80.58.32.97.53 > 192.168.0.1 94.33387: ​ 5597 4/0/0 ...
 In this example, ''​192.168.0.194''​ is a host in the network, and ''​00:​03:​6f:​e1:​5b:​21''​ is the mac address of the gateway. We don't know the ip address of the gateway yet, that would probably require waiting for an arp packet, or try guess it, or active scan. In this example, ''​192.168.0.194''​ is a host in the network, and ''​00:​03:​6f:​e1:​5b:​21''​ is the mac address of the gateway. We don't know the ip address of the gateway yet, that would probably require waiting for an arp packet, or try guess it, or active scan.
 +
  
 ===== DHCP discovery ===== ===== DHCP discovery =====
Line 19: Line 20:
   * If DHCP is enabled on the network, use a dhcp client or a fast discovery tool like [[http://​tv.latinsud.com/​dhd/​|DHD]].   * If DHCP is enabled on the network, use a dhcp client or a fast discovery tool like [[http://​tv.latinsud.com/​dhd/​|DHD]].
  
 +  * Eg:
 +<​code>​
 +# dhd
 +Sniffing on any
 +Injecting on eth1 (00:​0b:​16:​a1:​b2:​c3)
 +
 + #0:
 +        SERVER-MAC: 00:​03:​6f:​e1:​5b:​21
 +               IP: 192.168.0.1
 +        CLIENT-MAC: 00:​0b:​16:​a1:​b2:​c3
 +               IP: 192.168.0.195
 +               MASK: 255.255.255.0
 +        GW: 192.168.0.1
 +        DNS: 192.168.0.1
 +
 + >>​ "​0 ​ "​0 ​ "​0 ​ "0
 +</​code>​
  
 ===== Active scan ===== ===== Active scan =====
Line 26: Line 44:
   * Eg:   * Eg:
  
 +<​code>​
   # netdiscover -i eth1   # netdiscover -i eth1
   Currently scanning: 192.168.1.0/​16 ​  ​| ​  Our Mac is: 00:​0b:​16:​a1:​b2:​c3   Currently scanning: 192.168.1.0/​16 ​  ​| ​  Our Mac is: 00:​0b:​16:​a1:​b2:​c3
Line 35: Line 54:
   192.168.0.1 ​    ​00:​03:​6f:​e1:​5b:​21 ​   01    042   ​Telsey SPA   192.168.0.1 ​    ​00:​03:​6f:​e1:​5b:​21 ​   01    042   ​Telsey SPA
   192.168.0.194 ​  ​00:​1a:​73:​3f:​7a:​9d ​   01    060   ​Unknown vendor   192.168.0.194 ​  ​00:​1a:​73:​3f:​7a:​9d ​   01    060   ​Unknown vendor
 +</​code>​
  
find_ip.txt ยท Last modified: 2008/02/17 13:58 by latinsud