Machines on LAN - Networking

This is a discussion on Machines on LAN - Networking ; Is there an easy way to determine all the machines (or other devices) on a LAN?...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 24

Thread: Machines on LAN

  1. Machines on LAN

    Is there an easy way to determine all the machines
    (or other devices) on a LAN?



  2. Re: Machines on LAN

    On 2007-10-31, Timothy Murphy wrote:
    > Is there an easy way to determine all the machines
    > (or other devices) on a LAN?


    Define "determine", "machines (or other devices)", and "LAN".

    Let's start backwards: officially, the LAN is anything on ethernet that
    doesn't go through a router. But some sites have more than one router,
    and some people want to know about all the machines at their site.

    Do you want to know about machines with a MAC or IP, or *all* devices?
    It might not be so easy to determine whether (or where) there are hubs
    or switches, nor to determine whether there's a machine connected but
    it's not powered on (or its interface is down).

    What do you want to know about these machines? IP, MAC, hostname, OS,
    other?

    Modulo the answers to the above questions, one easy way to report some
    machine information is by using nmap on your subnet (if you have
    permission to do so). You can nmap anything with an IP address, so you
    can cross a router if needed; it's real-time, so if a machine is off at
    the time you nmap, you won't find it.

    --keith


    --
    kkeller-usenet@wombat.san-francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
    see X- headers for PGP signature information


  3. Re: Machines on LAN

    Timothy Murphy writes:

    >Is there an easy way to determine all the machines
    >(or other devices) on a LAN?


    No, not for sure.
    arp -a
    will list the ip and mac for all the machines yours has talked to recently.

    If the machine does not respond to any requests on any port or go out, then
    it can sit there silently listening with non-the-wiser.





  4. Re: Machines on LAN

    Unruh wrote:

    >>Is there an easy way to determine all the machines
    >>(or other devices) on a LAN?

    >
    > No, not for sure.
    > arp -a
    > will list the ip and mac for all the machines yours has talked to
    > recently.


    OK, thanks.
    Actually, this is what "arp -a" gives on my desktop:
    -------------------------------------
    [root@alfred ~]# arp -a
    blanche (192.168.2.7) at 00:0E:A6:AF:0B:11 [ether] on eth1
    ? (192.168.2.11) at 00:02:2D:27:218 [ether] on eth1
    ? (192.168.1.254) at 00:00:C5:C3:96:50 [ether] on eth0
    -------------------------------------
    The first of these is another desktop,
    and the second is a laptop,
    while the third is my ADSL modem.

    But I also have a Linksys WRT54GL access point on 192.168.2.12;
    I wonder why this is not listed?
    Especially as it is the link (via ethernet) to 192.168.2.7
    and (via WiFi) to 192.168.11.

    The WRT54GL actually runs Linux, and "arp -a" on that device
    gives
    -------------------------------------
    ~ # arp -a
    ? (192.168.2.1) at 00:40:F4:6E:07:A1 [ether] on br0
    -------------------------------------
    which is the desktop.

    So it seems to me that "arp -a" gives a very partial account
    of the devices on my LANs.

    I found nmap (suggested by someone else) more or less useless
    for this purpose, as "man nmap" says far too much in an unreadable way ...





  5. Re: Machines on LAN

    Timothy Murphy wrote:
    > Is there an easy way to determine all the machines
    > (or other devices) on a LAN?
    >
    >


    This AMD 64 machine is running Mepis 6.5 and in the toolbar is Synaptic.

    It grabs programs from Ubuntu, Debian, and Mepis repositories.

    Better, I can select a Search box, type in nmap, and hit enter, and it
    will come back with the synaptic results for all things that have nmap
    in their description, name...

    I got 40 things back, like amap, knmap, nmap. There are GUIs for most.

    checked the boxes, and it was done in a jiffy.

    Now, they are in my toolbar mainmenu.

    Though over a hundred machines here, run on about 30 different OSes,
    Mepis really fills the bill for most needs for most of my needs and
    those of the parents, teachers, students, and businesses I encounter.

    Others are for expermentation, familiarization, training. Some are:
    PC-BSD, Vixta, DamnSmallLinux, FreeBSD, FrieBSIE, Frenzy, Puppy, Fedora
    7, PCLinuxOS, FreeBSD6.2, Sabayon, Knoppix, miniKnoppix, SLAMPP,
    VectorLinux, Quaintain, YellowDog.

    Just about anything on http://livecdlist.com or http://distrowatch.com
    is ripe for testing on my Acers, Dells, Compaqs, HPs, and generic
    sytems, with X86, X86-64, Alpha, PPro, PPC, Motorola, AMD, Intel, IBM ,
    platforms /support chip boards from over 49 makers.

    Donated hardware is fun to run, and the performance is surprising!

  6. Re: Machines on LAN

    Timothy Murphy wrote:
    > But I also have a Linksys WRT54GL access point on 192.168.2.12;
    > I wonder why this is not listed?


    Ping it first, then try again?

    > I found nmap (suggested by someone else) more or less useless
    > for this purpose, as "man nmap" says far too much in an unreadable way ...


    Unreadable, really? Is English your second language? Welcome, noob
    You meant readable, but indecipherable. Try this:
    map -sP 192.168.2.0/24


    --
    As we enjoy great advantages from inventions of others, we should be
    glad of an opportunity to serve others by any invention of ours;
    and this we should do freely and generously.
    --Benjamin Franklin

  7. Re: Machines on LAN

    johnny bobby bee wrote:
    > You meant readable, but indecipherable. Try this:
    > map -sP 192.168.2.0/24


    Sorry, meant: nmap -sP 192.168.2.0/24


    --
    As we enjoy great advantages from inventions of others, we should be
    glad of an opportunity to serve others by any invention of ours;
    and this we should do freely and generously.
    --Benjamin Franklin

  8. Re: Machines on LAN

    johnny bobby bee wrote:

    > johnny bobby bee wrote:
    >> You meant readable, but indecipherable. Try this:


    > Sorry, meant: nmap -sP 192.168.2.0/24


    Thanks, that gets all the information:
    ----------------------------
    [root@alfred tim]# nmap -sP 192.168.2.0/24

    Starting Nmap 4.20 ( http://insecure.org ) at 2007-11-01 13:57 GMT
    Host alfred (192.168.2.1) appears to be up.
    Host carrie (192.168.2.4) appears to be up.
    MAC Address: 00:15:00:16:2A:EA (Intel Corporate)
    Host blanche (192.168.2.7) appears to be up.
    MAC Address: 00:0E:A6:AF:0B:11 (Asustek Computer)
    Host 192.168.2.11 appears to be up.
    MAC Address: 00:02:2D:27:218 (Agere Systems)
    Host wrt (192.168.2.12) appears to be up.
    MAC Address: 00:16:B6A:56:B2 (Cisco-Linksys)
    Nmap finished: 256 IP addresses (5 hosts up) scanned in 8.002 seconds
    ----------------------------



  9. Re: Machines on LAN

    On Wed, 31 Oct 2007 20:47:13 +0000, Timothy Murphy wrote:

    > Is there an easy way to determine all the machines
    > (or other devices) on a LAN?


    Try nmap

    Dan

  10. Re: Machines on LAN

    Dan N wrote:

    >> Is there an easy way to determine all the machines
    >> (or other devices) on a LAN?

    >
    > Try nmap


    The trouble with nmap is that there are a billion options,
    and it is not at all clear which to choose.
    But someone pointed out to me

    nmap -sP 192.168.2.0/24

    which did the trick.


  11. Re: Machines on LAN

    On 2007-11-02, Timothy Murphy wrote:
    >
    > The trouble with nmap is that there are a billion options,
    > and it is not at all clear which to choose.


    There are a bunch of examples in the manpage.

    --keith


    --
    kkeller-usenet@wombat.san-francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
    see X- headers for PGP signature information


  12. Re: Machines on LAN

    Keith Keller wrote:

    >> The trouble with nmap is that there are a billion options,
    >> and it is not at all clear which to choose.

    >
    > There are a bunch of examples in the manpage.


    Agreed.
    I did in fact look (briefly) at these,
    but all seemed far too complicated for my modest needs.
    The man page for nmap is an example, in my eyes,
    of too much information being almost as bad as no information.


  13. Re: Machines on LAN

    On 2007-11-02, Timothy Murphy wrote:
    > Agreed.
    > I did in fact look (briefly) at these,
    > but all seemed far too complicated for my modest needs.
    > The man page for nmap is an example, in my eyes,
    > of too much information being almost as bad as no information.


    There's also http://www.nmap-tutorial.com/ .

    --keith

    --
    kkeller-usenet@wombat.san-francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
    see X- headers for PGP signature information


  14. Re: Machines on LAN

    Keith Keller wrote:

    >> The man page for nmap is an example, in my eyes,
    >> of too much information being almost as bad as no information.

    >
    > There's also http://www.nmap-tutorial.com/ .


    Thanks, I'm looking at that.
    It is exactly what I needed;
    there really should be a pointer to it in "man nmap".


  15. Re: Machines on LAN

    On 2007-11-02, Timothy Murphy wrote:
    > Keith Keller wrote:
    >>
    >> There's also http://www.nmap-tutorial.com/ .

    >
    > there really should be a pointer to it in "man nmap".


    You should make that suggestion to the nmap maintainer, since a) he
    doesn't read this group, and b) he doesn't maintain the tutorial site.
    He may not even want to point people there, but it's his decision to
    make, not any of ours.

    --keith

    --
    kkeller-usenet@wombat.san-francisco.ca.us
    (try just my userid to email me)
    AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
    see X- headers for PGP signature information


  16. Re: Machines on LAN

    Timothy Murphy wrote:
    > Keith Keller wrote:
    >
    >>> The man page for nmap is an example, in my eyes,
    >>> of too much information being almost as bad as no information.

    >> There's also http://www.nmap-tutorial.com/ .

    >
    > Thanks, I'm looking at that.
    > It is exactly what I needed;
    > there really should be a pointer to it in "man nmap".
    >


    Maybe but i find the nmap manual page to be of very high quality and it
    includes.
    a lot of information. I rather do man nmap '/sS' 'nn' (last two are less
    pager commands)
    to get to the section that discusses the half-open SYN scan than to
    follow some random howto.

    also if you execute nmap without args it'll print a pretty comprehensive
    list of options.

  17. Re: Machines on LAN

    goarilla <"kevin DOT paulus AT skynet DOT be"> wrote:

    >>>> The man page for nmap is an example, in my eyes,
    >>>> of too much information being almost as bad as no information.
    >>> There's also http://www.nmap-tutorial.com/ .

    >>
    >> Thanks, I'm looking at that.
    >> It is exactly what I needed;
    >> there really should be a pointer to it in "man nmap".

    >
    > Maybe but i find the nmap manual page to be of very high quality and it
    > includes a lot of information.


    Interesting how people differ.
    "man nmap" _does_ give you a lot of information -
    far too much, in my view.
    I really don't want to read an encyclopedia
    in order to find what command to give.

    At least this man page does give some examples -
    but they are all ludicrously complicated, in my view.

    > I rather do man nmap '/sS' 'nn' (last two are less
    > pager commands)
    > to get to the section that discusses the half-open SYN scan than to
    > follow some random howto.


    I don't know what the "half-open SYN scan" is,
    and don't really want to know.
    I just wanted to know what command to give
    to find the devices on my lan.

    > also if you execute nmap without args it'll print a pretty comprehensive
    > list of options.


    Rather too comprehensive, for my purposes.

    I think the time has come when too much information
    is almost as bad as too little.



  18. Re: Machines on LAN

    On Oct 31, 2:47 pm, Timothy Murphy
    wrote:
    > Is there an easy way to determine all the machines
    > (or other devices) on a LAN?


    Arpwatch is a pretty handy utility for this.

    http://en.wikipedia.org/wiki/Arpwatch


  19. Re: Machines on LAN

    Steven Borrelli wrote:

    >> Is there an easy way to determine all the machines
    >> (or other devices) on a LAN?

    >
    > Arpwatch is a pretty handy utility for this.
    >
    > http://en.wikipedia.org/wiki/Arpwatch


    Thanks very much for the suggestion.

    I downloaded and installed arpwatch,
    and it works quite well,
    though it is rather strange,
    in that it does not display its output,
    but sends it to syslog (/var/log/messages in my case).

    Also it runs as a daemon,
    and keeps running once the command, eg "arpwatch -i eth1",
    is given.

    I suppose it is intended for administrative purposes
    on a large network.



  20. Re: Machines on LAN

    Timothy Murphy wrote:
    > goarilla <"kevin DOT paulus AT skynet DOT be"> wrote:
    >
    >>>>> The man page for nmap is an example, in my eyes,
    >>>>> of too much information being almost as bad as no information.
    >>>> There's also http://www.nmap-tutorial.com/ .
    >>> Thanks, I'm looking at that.
    >>> It is exactly what I needed;
    >>> there really should be a pointer to it in "man nmap".

    >> Maybe but i find the nmap manual page to be of very high quality and it
    >> includes a lot of information.

    >
    > Interesting how people differ.
    > "man nmap" _does_ give you a lot of information -
    > far too much, in my view.
    > I really don't want to read an encyclopedia
    > in order to find what command to give.
    >
    > At least this man page does give some examples -
    > but they are all ludicrously complicated, in my view.
    >
    >> I rather do man nmap '/sS' 'nn' (last two are less
    >> pager commands)
    >> to get to the section that discusses the half-open SYN scan than to
    >> follow some random howto.

    >
    > I don't know what the "half-open SYN scan" is,
    > and don't really want to know.
    > I just wanted to know what command to give
    > to find the devices on my lan.
    >


    ping the broadcast address of your subnet
    usually 192.168.0.255, 192.168.1.255 or 192.168.8.255
    ping -c 2 -b
    en then filter the arb tables to not include the incomplete info
    /sbin/arp -a | grep -v 'incomplete'

    >> also if you execute nmap without args it'll print a pretty comprehensive
    >> list of options.

    >
    > Rather too comprehensive, for my purposes.
    >
    > I think the time has come when too much information
    > is almost as bad as too little.
    >
    >


+ Reply to Thread
Page 1 of 2 1 2 LastLast