
/diy/ - Do It Yourself


No.510857

Hi my fellow /diy/kes,

First off, I'd like to say that I haven't been on 4chan since probably March. My life was going down the toilet, and all my interests went by the wayside.

In the meantime, I went from being unemployed, to working for an IT consultancy where I was placed at a client site as the network administrator.

(/tech/ and /g/ are dead to me by the way)

The prior director of IT at this client got canned. There is NO documentation. It's fubar in there. We're doing an overhaul, and we don't even know what all the servers are, or what, if anything, they do. Plus, there's lots of static IPs set, and some conflicts from time to time.

My plan was to use nmap to list the IP of every host that's up, and just its hostname. I'll compare that to the DHCP scope to locate anything anomalous. I'll do port scans on anything really interesting.

(I'm pretty sure the previous director left backdoors when he got canned)

The downside is that the client employs a class B network, so there are over 65,000 possible hosts to be checked.

Plus, there are two ranges I'm going to skip because they're remote sites with crappy T1 connections.

I read that I should set the "chunk" to 256 hosts. I'm also thinking I can boot one of the crap workstations into linux and scan half from my personal laptop, and the other half from the crappy workstation.

What I want to avoid is having to leave my personal laptop there overnight. I have a motion activated camera in my office, but I don't trust the non-consultant IT staff - they're convinced we're going to take their jobs.

dey took err jerbs!

>> No.510861

I know absolutely jack shit about IT except how to delete my Internet history after I've increased the views on most of the videos on pornhub, however, that being said, this sounds really interesting and I'm guessing you're an intelligent fellow if you're pulling off this sort of stuff. Good luck brother, you sound like you're gonna need it.

>> No.510864

>>510861
Thanks for the kind words and luck, Anon! I *am* gonna need it!

(I like xhamster and nnotherless)

>> No.510865

Here's a little script that you may find useful.

One of my jobs (small city) uses ONLY STATIC IPs. This allowed me to change the IP of any PC to another remotely. I wrote this purely because it seemed easier to me than going to ~25 people's desks and asking "Can I sit down for a sec? I need to change some settings..." and then them bitching about how I messed something up.

Since you're using class B, you're gonna have to change the subnet mask if you wanna do IP to IP changes. If you want to set a host to DHCP just change the lines to

netsh interface ip set address "Local Area Connection" dhcp

At any rate, this might let you resolve your IP conflicts faster

http://pastebin.com/qVv79KvE

>> No.510866

>>510865
Hey thanks Anon! I bet that will be helpful.

One of the workstations at that remote site is set to a specific IP so that her scanner can send images to it via FTP because - get this - someone told her FTP was secure and encrypted!

A few times, I couldn't get her NIC to ping 127.0.0.1, so I'm not really convinced that the IP conflict warnings were legit, and changing her IP to anything other than the original static one it was set to resulted in total lack of connectivity.

I asked the PC guy to replace her NIC, but it's kinda on the back burner, and I'm rambling.

Thanks again Anon and /diy/ in general.

>> No.510867

>>510857
If you aren't starting with anything but finding out hosts on the network crank the chunk up. For a low number of ports it can speed that shit right up. Use the machine with the most cores and set it up to like 2048. It should go pretty quickly, though I've never had to map such a potentially large, shitty sounding network.

>> No.511249

>>510867
>shitty sounding network.

And that's exactly what it is!

First I did:

># nmap -sn 172.16.202.1-20

as a test, and that went well. It gave me the first 20 in that range, the IP, up or down, and the MAC/manufacturer. No hostname, but I can work around that.

Then I did one more test before splitting the task between two machines, and writing to a log.

>#nmap -sn 172.16.0-254.1-255

That gives me this error:

>Starting Nmap 6.00 ( http://nmap.org ) at 2013-08-19 15:33 EDT
>nexthost: failed to determine route to 172.16.3.255
>QUITTING!

So now I'm stumped. All the Googling I've done says that this error is caused by a WiFi adapter in monitor mode, but I'm using an Ethernet adapter in managed mode.

FML

Is there a way to tell nmap to ignore that category? If my machine can't route to it, I can come back to it later. We don't even use that ".3." range.

>> No.511275

>>511249
It's >>510865 here.

Try setting up a VM with Spiceworks. Or even on your desktop. You can ignore individual IPs, ranges, break up searches into chunks. It then dumps all the snmp data into a database.

Just google "Spiceworks"

>> No.511278

Google "zmap". That might give you the data you're looking for on the quick.

>> No.511292

Hey OP, aspiring tech guy... how did you learn what you know?

>> No.511343

>>510857
Are you/the client by any chance located in PA?

>> No.511837

>>511275
>>511278

I'll look into these. I'm kinda booked up today, but I def want to let /diy/ know how/if it works out (and now the rest of IT wants it down too! lol)

>>511343
Nope, but you're close. I and the client are located in Ohio.

>>511292
I started messing with computers the first chance I got because no one in my family knew jack about them. I took a few computer classes in high school, and then went to a vocational school that had computer classes, went to college at KSU and majored in aviation, got a divorce, lost all my money, and then got a computer science degree from ITT-Tech (not the best school, but not the worst)

The best advice I can give is to just mess around with the stuff and practice as much as you can. Don't do anything that can get you arrested or sued, but DO NOT let that discourage you.

At a very early age, my dad told me not to click on things that I didn't know what they do. I ignored him immediately. Had I listened, I wouldn't know a fraction of what I do know about computers.

Thanks /diy/, I'll keep you posted.

>>511292
OH! I almost forgot. GOOGLE! Google as much as you can! :-)

>> No.511858

(polite saged)

So on a whim, I tried running it on the crappy work laptop I was issued. It's low on RAM and CPU, so I booted BackTrack5 into CLI mode and what do ya know? It's working!

Whateves. Maybe even though my other laptop was running nmap as root, maybe the GUI loading up has something to do with it? Hell if I know.

Thanks /diy/

>> No.512814

Oh my God you guys... it was a switch the machine was plugged into! It doesn't name-resolve either. Derp. I *did* pull it out of the broken pile, after all.

Anyway, just to follow up with you guys, every host has been identified now, and with /diy/'s encouragement, I'm on my way to create a master Visio network diagram for the client.

I use the -sn switch for most scans, but whenever there was blocking in place by another pesky Cisco switch, I ran the scan without any switches. It took way longer (about 6 seconds per node) but it was only one 254 node segment at a time, and the extra details proved invaluable in identifying the nodes on those particular segments.

Thanks again, /diy/
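
The inventory workflow described across the thread (sweep the class B one 254-node segment at a time, skip the remote-site ranges, then compare live hosts against the DHCP scope), as an added example that is not part of any post. The skipped ranges, scope bounds, lease set and the sample `nmap -sn -oG -` output are constructed assumptions.

```python
import ipaddress
import re

# All values below are constructed for illustration; none come from the thread.
SITE = ipaddress.ip_network("172.16.0.0/16")
SKIP = [ipaddress.ip_network(n) for n in ("172.16.40.0/24", "172.16.41.0/24")]
SCOPE = (ipaddress.ip_address("172.16.202.100"), ipaddress.ip_address("172.16.202.199"))
LEASES = {ipaddress.ip_address("172.16.202.101")}  # as exported from the DHCP server

# Constructed sample of `nmap -sn -oG -` (grepable) output for one /24 chunk.
SAMPLE_OG = """\
# Nmap 6.00 scan initiated as: nmap -sn -oG - 172.16.202.0/24
Host: 172.16.202.1 ()\tStatus: Up
Host: 172.16.202.20 (fileserver.example.local)\tStatus: Up
Host: 172.16.202.101 (ws-101.example.local)\tStatus: Up
Host: 172.16.202.150 ()\tStatus: Up
# Nmap done: 256 IP addresses (4 hosts up)
"""
HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)\s+Status: Up")

def scan_chunks(site=SITE, skip=SKIP, prefix=24):
    """Return the /24 targets to scan one at a time, minus excluded ranges."""
    return [s for s in site.subnets(new_prefix=prefix)
            if not any(s.overlaps(x) for x in skip)]

def parse_grepable(text):
    """Map each live IP to its reverse-DNS name (None if it did not resolve)."""
    hosts = {}
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            hosts[ipaddress.ip_address(m.group(1))] = m.group(2) or None
    return hosts

def classify(hosts, scope=SCOPE, leases=LEASES):
    """Bucket live hosts by how they relate to the DHCP scope."""
    lo, hi = scope
    out = {"static": [], "conflict_risk": [], "leased": []}
    for ip in sorted(hosts):
        if not lo <= ip <= hi:
            out["static"].append(str(ip))         # outside the pool: needs documenting
        elif ip in leases:
            out["leased"].append(str(ip))         # accounted for by DHCP
        else:
            out["conflict_risk"].append(str(ip))  # static address inside the pool
    return out

if __name__ == "__main__":
    print(len(scan_chunks()), "chunks to scan")
    print(classify(parse_grepable(SAMPLE_OG)))
```

Hosts in `conflict_risk` answer inside the DHCP pool without holding a lease, which is the static-versus-DHCP overlap behind intermittent conflict warnings; hosts in `static` with no hostname are the ones worth a fuller scan.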