I have a unix machine on a network and I'm looking to get the device hostname for devices on that network. How do I go about doing this? I've tried nmap, arpscan, host, and nslookup but they all seem to want to do a DNS reverse lookup. I don't have a DNS server on the network.
When I say hostname I'm referring to the device name set by the user. So for example host on my machine returns joshcloud.
I'll give you the same answer I gave here: How to get hostname from IP(Linux)?. Basically you're going to need to either add DNS entries or connect to each host individually and ask for names.
nbtscan for Windows devices. avahi for things that suppor zeroconf.
Otherwise check out the other answer.
Related
Comcast installed a Juniper Universal Access Router ACX1100, I plugged our switch to the port that the technician told us that is in/out port. But nothing happened, after reading and asking I was told that I need a managed switch to be configured with the gateway IP and that IP is a /29. That's where I got lost. According to him there are 6 usable IP's.
example:
Gateway: 192.168.120.161/29
Usable Range: 192.168.120.162 - 192.168.120.167
One of my multiple questions is what hardware do I need to be able to connect my PC's?, I configured a managed switch, but when I connect my laptop to it I get Unidentified Network and No Internet Connection.
I have been reading and I think I need a VPN with DHCP server integrated.
If some one can help me I'll appreciate it.
/29 is the subnet mask, it can also be expressed as 255.255.255.248. Basically it defines which part of the IP is the network ID and which part of IP is the host ID.
I think in order to accurate assess your situation, we need to know exactly what kind of configuration you set on the managed switch you purchased, also which managed switch did you purchase?
Also currently on your laptop's NIC, what IP is assigned on there?
Either on your old unmanaged switch or on the managed switch, you can try assigning one of the addresses from the /29 block that the technician told you about statically. And the default-gateway with the addresses you posted in your question.
When I connect a device to my router, or if I use a tool like Advanced IP Scanner to look for devices on my network, the found devices are typically listed with and IP and a hostname. My computer running Windows 7 shows up with the name that can be found by typing hostname into cmd.
Some devices, like an embedded device I'm working on, are listed as "unknown" or the IP is simply repeated in the Name column. I can manually edit the etc/hosts file to assign a name for the specific IP of my device and it will show up in the IP Scan results.
My question is, how are these names found by the router/Advanced IP Scanner? What exactly do I need to implement on my device so that it automatically registers a hostname? I already have NetBIOS working, but this does not seem to be related to the hostname.
My embedded device is running the lwIP embedded TCP/IP stack.
I think you are looking for something like Avahi/Zeroconf but from an ESP-like device(probably).
See this answer:
Does lwIP support Zeroconf?
Ours is a small network consisting of 15 users. We have LAN messenger installed in every machine. Someone is misusing it by using anonymous IP address in their system. We traced the anonymous IP as 192.168.0.155. Now we want to check each system if they have manually changed their IP to the above address. Does Windows stores IP address change event anywhere? All are static IP within a LAN.
With some luck, I've got an easy solution for you to retrieve some information about the target. You could try to use the nbtstat-command.
Just open a command prompt and type in the following:
nbtstat -A 192.168.0.155
This will output a bunch of information about the target host, including the machinename and MAC address.
Here is an example, how the output could look like:
(source: onlinecomputertips.com)
Good luck
I have a website that I'm running locally at localhost:8000. I'd like to access my site from other devices on my network. I've tried to visit the site via my computer's internal IP address via: 127.0.0.1:8000but this doesn't work. Is this possible?
Three most probable things:
Check if there is a network route between the client and the server machine (commands like PING and TRACERT will help);
Check if the server machine has a firewall. If it does, there must be a rule allowing (opening) connections through that port (8000) in TCP;
Most likely, the problem is one of the two above. If not, there's one last thing:
Make sure the web server (the one that serves localhost:8000) is bound to listen to all IP addresses (not only 127.0.0.1).
To know that, search for servername bind all ip addresses on google. E.g., for apache HTTPD, it'd be apache bind all ip addresses.
here is what I do in similar cases:
search rejetto hfs on google, it is single executable less than 1Mb size and download it into your server machine.
after starting it, follow menu->IP addresses. these are all your possible addresess on the server side.
these are your IP addresses to enter, and your port is 8000 as you mentioned.
most possible IP addresses you will find are in the format of following:
192.168.?.?
10.0.0.?
169.254.?.?
besided you will probably need to add a firewall rule for your server app.
In particular I'm looking for an IP address that I can put in my hosts file that will black-hole a given DNS name. Right now I'm using 127.0.0.1 but that would start acting odd if I installed any services.
How can I prevent a 3rd party program from contacting a given server?
RFC-3330 seems to be the goldmine
The best option seems to be:
192.0.2.0/24 - This block is assigned as "TEST-NET" for use in
documentation and example code. It is often used in conjunction with
domain names example.com or example.net in vendor and protocol
documentation. Addresses within this block should not appear on the
public Internet.
Actually the loopback IP 127.0.0.1 is ideal for ad blocking. If you run Apache anyway, you setup a virtual server that returns 404 for requests on 127.0.0.1. That way your browser is not constantly waiting for the connect to an unknown host to timeout. All those ad requests return instantly, freeing up resources in your browser to get the actual page content.
I've used 0.0.0.0 in my hosts file to block ad web sites. Not sure if there are any side affects?!?!
I see that you've correctly found that 192.0.2.0/24 is reserved for testing, and won't appear on the Internet.
However if your local area network relies on a default route to get to the rest of the Internet then you'll still be sending this traffic out of your network towards your ISP.
Best case is that your ISP will send back ICMP_NET_UNREACHABLE errors and your applications will notice those and act accordingly. Worst case is that the traffic is completely blackholed, at which point your applications will sit around until the connections timeout.
The correct strategy for avoiding this depends on your OS and local network configuration. On a Linux system I'd just add a route for that /24 with "reject" as a target.
Addresses 127.0.0.0 to 127.255.255.255 can be used for loopback connections.
So have your httpd listening on 127.0.0.1 and use any of the others for the blacklist.
If you use any of the private IP address ranges (10.whatever, 192.168.whatever) that you aren't connected to that should work.
One advantage of using 127.0.0.1 is that an attempt to contact the server will return immediately with failure (as long as you're not running a local server, of course). If you use any other address that does not refer to a specific machine, such as 192.0.2.x, then attempts to connect to a server at that address will take some time to time out (at least a minute or more).
I use denyhosts for ssh. http://denyhosts.sourceforge.net/ It attempts to block known malicious sources. Is this what you're talking about?
0.0.0.0 ( as another poster put ) shouldn't be used - it has a distinct meaning that isn't "nothing" and it isn't reserved for what in most cases is a dead-end. As for BCS's comment to dulaneyb about DCHP and private ranges - a private range is a private range. If you're kicking to your private range, then you're routing to an empty slot. If you're kicking to one of the other private ranges, then an upstream device should drop it.