Sunday, November 08, 2009

Ubuntu Tricks: Discover Network Connections

There are many reasons you may want a map of the connection points in a network. In my case I'd set up several VMs to use DHCP and wasn't sure which to connect to and work on from off-site. Enter nmap, a security auditing tool that does exactly what we want as just a tiny part of its functions.

First you'll need to have it installed:
$ sudo apt-get install nmap

Next, issue a scan and use a filter to get the relevant info, for example (replace <target-range> with the network you want to scan):
$ sudo nmap -sP <target-range> | grep up
Host appears to be up.
Host appears to be up.
Host main ( appears to be up.
Host main3 ( appears to be up.
Host appears to be up.
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.548 seconds

In the above example: is a router is another router* is a WinXP machine is this machine

[*] Machines on the other end of .168 aren't shown as they are on a different subnet and we only scanned the in this example. Explaining how to scan beyond the initial subnet is beyond the scope of this tip; use your favorite search engine for that. Always be extra careful to scope your scans, as a scan can be flagged as a precursor to a network attack by many of today's firewalls.
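The "grep up" filter above also matches the "Nmap done: ... hosts up" summary line. As an added example (not part of the original post), here is a stricter filter that reads nmap's grepable output (-oG -) and prints only the live hosts; it uses -sn, the current name for -sP. The function names live_hosts and sample_scan, the TARGET_RANGE variable and the 192.0.2.x sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: parse nmap grepable output instead of grepping for "up".

# Reads `nmap -sn -oG -` output on stdin and prints "IP<TAB>name"
# for every host whose status field is exactly "Status: Up".
live_hosts() {
    awk -F'\t' '
        /^Host: / && $2 == "Status: Up" {
            # $1 looks like: Host: 192.0.2.20 (main.example)
            split($1, f, " ")
            ip = f[2]
            name = f[3]
            gsub(/[()]/, "", name)      # strip the parentheses around the name
            if (name == "") name = "-"  # no reverse-DNS name reported
            printf "%s\t%s\n", ip, name
        }'
}

# Constructed sample of grepable output (documentation-range addresses),
# so the filter can be tried without touching a network.
sample_scan() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.0.2.1 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.20 (main.example)\tStatus: Up\n'
    printf 'Host: 192.0.2.30 ()\tStatus: Down\n'
    printf 'Host: 192.0.2.101 (main3.example)\tStatus: Up\n'
    printf '# Nmap done: 256 IP addresses (3 hosts up) scanned\n'
}

sample_scan | live_hosts

# Live use, with TARGET_RANGE set to a network you are responsible for:
#   sudo nmap -sn -oG - "$TARGET_RANGE" | live_hosts
```

Comment lines and hosts marked Down are skipped, so the line count of the output is the number of live hosts.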

You can get a list of details (including MAC addresses, etc.) using the '-vv' option, which is handy when locking down a network:
$ sudo nmap -vv -sP <target-range>

If you're like me and would prefer a nice working GUI then look no further than zenmap. Similarly, download and install via:
$ sudo apt-get install zenmap

Have fun and safe discoveries!
