[quagga-users 11305] Re: very newbish question regarding netwok discovery
kurt.buff at gmail.com
Sun Jan 10 21:37:51 GMT 2010
On Sun, Jan 10, 2010 at 12:36, Christopher Barry
<christopher.barry at rackwareinc.com> wrote:
> On Sun, 2010-01-10 at 12:07 -0800, Kurt Buff wrote:
>> On Sun, Jan 10, 2010 at 11:42, Christopher Barry
>> <christopher.barry at rackwareinc.com> wrote:
> Thanks for replying so fast :)
> Stepping through your responses:
>> 3) Start sending all ones broadcasts on each NIC and see what replies
> you get
> I am unfamiliar with what you are talking about here - can you elaborate
> on this technique? Is this a flood ping? My algorithm above does use
> ping now, but again, my goal is to do link layer subnet discovery
Not a flood ping - that's unnecessary. Just send a few pings to
255.255.255.255 and see if anything comes back. I don't expect much
from this, really, but it might be worth trying.
>> 4) start blasting MAC addresses to each connection in the hopes of
>> flooding the tables on the connected devices and start looking at the
>> traffic that comes through on each NIC
> in the form of bogus gratuitous arps? I'm not sure I understand this
> suggestion either.
Yes, that would work. In the Windows world, Cain and Abel, in the *nix
world there are other tools. This is a somewhat destructive technique,
however, so I can't really say that it's appropriate.
> The ideal situation is: I bring up the image, bring up the interfaces,
> but leave them unconfigured with IP addresses, and some whiz-bang
> protocol queries each interface at the link-level, and figures out which
> subnets are directly connected to each.
On my freebsd box, in ports, I see the following:
$ cat arp-scan/pkg-descr
arp-scan is a command-line tool that uses the ARP
protocol to discover and fingerprint IP hosts on
the local network. It is available for Linux and
BSD under the GPL licence.
$ cat arp-sk/pkg-descr
arp-sk is a tool designed to manipulate ARP tables of all kinds
This can be easily performed through the sending of the
$ cat arpdig/pkg-descr
Arpdig is a tool to probe a whole IP address segment or a list of
IP addresses on the LAN via ARP whohas requests, collecting ARP is-at
responses and showing the results.
Dmitry Morozovsky <marck at FreeBSD.org>
One of these might prove more useful.
More information about the Quagga-users