find_ip
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
find_ip [2008/02/17 13:42] – latinsud | find_ip [2008/02/17 13:55] – latinsud | ||
---|---|---|---|
Line 2: | Line 2: | ||
Let's assume you must work in a network but they forgot to tell you the ip address range. | Let's assume you must work in a network but they forgot to tell you the ip address range. | ||
+ | |||
===== Passive sniffing ===== | ===== Passive sniffing ===== | ||
* Simply use tcpdump, wireshark or any sniffer that displays the IP addresses of existing packets. | * Simply use tcpdump, wireshark or any sniffer that displays the IP addresses of existing packets. | ||
+ | |||
+ | * Eg: | ||
+ | |||
+ | # tcpdump -nnei eth1 | ||
+ | 13: | ||
+ | 13: | ||
+ | In this example, '' | ||
===== DHCP discovery ===== | ===== DHCP discovery ===== | ||
* If DHCP is enabled on the network, use a dhcp client or a fast discovery tool like [[http:// | * If DHCP is enabled on the network, use a dhcp client or a fast discovery tool like [[http:// | ||
+ | |||
+ | |||
===== Active scan ===== | ===== Active scan ===== | ||
* Use a fast ARP scanner like [[http:// | * Use a fast ARP scanner like [[http:// | ||
+ | |||
+ | * Eg: | ||
+ | |||
+ | < | ||
+ | # netdiscover -i eth1 | ||
+ | Currently scanning: 192.168.1.0/ | ||
+ | |||
+ | 2 Captured ARP Req/Rep packets, from 2 hosts. | ||
+ | _____________________________________________________________________________ | ||
+ | | ||
+ | ----------------------------------------------------------------------------- | ||
+ | 192.168.0.1 | ||
+ | 192.168.0.194 | ||
+ | </ | ||
find_ip.txt · Last modified: 2008/02/17 13:58 by latinsud