Re: DHCP access
At 02:08 PM 2/22/2004, Olaf Hoyer wrote: On Sun, 22 Feb 2004, Marty Landman wrote: > So the arp cache doesn't have nodes on it which it hasn't had activity from > for a time? Yes. I struck out with upgrading nmap to 3.50 as well, and wanting to learn a little about shell scripting wrote this [doubtless poor example but I am a newbie to unix shells] which does work on my lan - taking about 15 seconds wall time to complete. $ ./findIps preparing pings start pinging 1 is on the network 3 is on the network 7 is on the network 160 is on the network 240 is on the network End of story $ more findIps #!/bin/bash pingEm() { echo "preparing pings" for((i=1;i<255;i++)) do echo "ping -c1 192.168.0.$i > $$/$i &" >> pingEmAll.$$ done echo "start pinging" chmod +x pingEmAll.$$ && `./pingEmAll.$$` } findEm() { for((i=1;i<255;i++)) do awk '/64 bytes from /' $$/$i > ans awk '{ print length($0) }' ans > len if [ `more len` ] then echo "$i is on the network" fi done } mkdir $$ && pingEm findEm rm -r $$ & rm pingEmAll.$$ ans len echo End of story $ Marty Landman Face 2 Interface Inc. 845-679-9387 FormATable DB: http://face2interface.com/Products/FormATable.shtml Make a Website: http://face2interface.com/Home/Demo.shtml Free Formmailer: http://face2interface.com/Products/Formal.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
Marty Landman wrote: At 05:04 PM 2/21/2004, Chuck Swiger wrote: [ ... ] % nmap -sP 22 192.168.0.0/24 I don't understand the man page though so assume it's me, not nmap. Whoops, I switched from recommending using "-p 22" (to just scan the ssh port via TCP), to doing ICMP pinging, but I didn't make my suggestion correctly. :-) Olaf provided a better explanation... -- -Chuck ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
On Sun, 22 Feb 2004, Marty Landman wrote: > >Seems to be a bug with nmap V3.00 I use 3.50, and it works. Solution could > >be an upgrade or exclusion of your own box from the scanning range. > > Could you explain how I can do either - or preferably both? My experience > with ports btw is strictly limited to > > make build && make install Well, you need to update your ports skeleton (anything under /usr/ports) to an actual state. Whether you use cvsup, to poll from a cvsup server near you the latest updates, or you download a tarball from a ftp site near you. This tarball is about a bit more than 20 MB, so beware with a slow line, cvsup is normally preferred. Then you install portupgrade from the ports, and after that you do simply a: pkg_version -v to get a list of ports that need updating, then you simply do a: portupgrade to have it updated... For using cvsup, there is a great section in the handbook, and in the archives there should be some looong threads about ist, so don't be frightened, its easier than it sounds... > > So the arp cache doesn't have nodes on it which it hasn't had activity from > for a time? This makes sense since I tend to work off my windows > workstation which is also my gateway. Yes. HTH Olaf -- Olaf Hoyer[EMAIL PROTECTED] Fuerchterliche Erlebniss geben zu raten, ob der, welcher sie erlebt, nicht etwas Fuerchterliches ist. (Nietzsche, Jenseits von Gut und Boese) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
At 12:01 PM 2/22/2004, Olaf Hoyer wrote: Well, what is formerly called a "Class C" network is now in the new CIDR-notation a "/24", meaning that there are 256 IP's in that network. Thanks for explaining Olaf. Little by little the fog is clearing before my eyes, and things which are just words to me today will likely make real sense in a month or whatever it takes. Seems to be a bug with nmap V3.00 I use 3.50, and it works. Solution could be an upgrade or exclusion of your own box from the scanning range. Could you explain how I can do either - or preferably both? My experience with ports btw is strictly limited to make build && make install Ok, some basics beforehand: anytime some hosts wants to contact another host, it yells with some broadcast on the local collision segment (arp-request) that the Station, which has IP-address a.b.c.d. sprays the answer (the MAC-Address on the other station) back throughout the segment. This answer is cached by the OS for a short time, that for future use no unnecessary lookups have to be made. Ok. This means, that, if you hook up a station to a LAN, which did not participiated in any of the LAN traffic, the arp cache on that station is of course empty. So the arp cache doesn't have nodes on it which it hasn't had activity from for a time? This makes sense since I tend to work off my windows workstation which is also my gateway. One way to fill it, is by simply pinging all other hosts on that segment. Heh, heh. That's really how this started, except I found it to be too time consuming to do so. Maybe I'm getting far afield though. I think what I'm looking to do now is schedule an exec through cron which will check for whatever ip's/hostnames are on my network. Sounds like upgrading nmap to 3.50 will do it. Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
On Sun, 22 Feb 2004, Marty Landman wrote: > At 09:42 AM 2/22/2004, Olaf Hoyer wrote: > > >The syntax to ping a whole /24 segment would be: > > Hi Olaf. Could you please explain what is meant by '/24 segment'? I'm new > to networking as you can see! Hi! Well, what is formerly called a "Class C" network is now in the new CIDR-notation a "/24", meaning that there are 256 IP's in that network. A class A is a /8, a class B a /16. Yes, there are some subtle differencies about how a router addresses this, but for size they are the same. > > # nmap -sP 192.168.0.0/24 > > Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) > sendto in send_ip_raw: sendto(4, packet, 28, 0, 192.168.0.8, 16) => Can't > assign requested address > Sleeping 60 seconds then retrying Seems to be a bug with nmap V3.00 I use 3.50, and it works. Solution could be an upgrade or exclusion of your own box from the scanning range. > >after this you will also have some output from the arp -a command, > >because the arp cache has to be filled somehow. > > swamisalami# arp -a > ? (192.168.0.0) at ff:ff:ff:ff:ff:ff on ep0 permanent [ethernet] > delliver (192.168.0.1) at 00:08:74:c0:5e:69 on ep0 [ethernet] > woody (192.168.0.3) at 00:a0:cc:40:3e:9b on ep0 [ethernet] > swamisalami (192.168.0.7) at 00:20:af:4d:24:b7 on ep0 permanent [ethernet] > ? (192.168.0.8) at (incomplete) on ep0 [ethernet] > penguin (192.168.0.160) at 00:a0:24:75:04:49 on ep0 [ethernet] > eileen (192.168.0.240) at 00:a0:cc:40:55:cf on ep0 [ethernet] > ? (192.168.0.255) at ff:ff:ff:ff:ff:ff on ep0 permanent [ethernet] > swamisalami# > > Ok, not sure why the output was broken up into two portions but it has now > captured all the nodes on my box. Furthermore a subsequent arp -a gives a > more usable output e.g. snip > > Did you mean then that I should run the nmap followed by the arp -a to get > a look at all nodes on my class c network? In this case it seems the only > thing needed for me to put this into a shell script is a way to not have to > manually interrupt the nmap which seemed to want to keep trying, after > sleeping for progressively longer periods of time. Unless there is a glitch > to be worked around somehow on 192.168.0.8 (never in use on my network > afaik) and that what happened here was not typical behavior. Ok, some basics beforehand: anytime some hosts wants to contact another host, it yells with some broadcast on the local collision segment (arp-request) that the Station, which has IP-address a.b.c.d. sprays the answer (the MAC-Address on the other station) back throughout the segment. This answer is cached by the OS for a short time, that for future use no unnecessary lookups have to be made. This means, that, if you hook up a station to a LAN, which did not participiated in any of the LAN traffic, the arp cache on that station is of course empty. One way to fill it, is by simply pinging all other hosts on that segment. like: #!/bin/sh ping 192.168.0.1 ping 192.168.0.2 . . . ping 192.168.0.254 nmap -sP does exactly the same above, but with less typing effort ;-) For each station that is up and running, you get a MAC address back, and therefore the arp cache is populated. > It would be a nice utility for me to have and perhaps run off cron - i.e. > to test each connection on my network and report back so I know on a steady > basis that everything's up and running (or at least reachable). Yes, would be practicable. You should consider updating nmap, though... HTH Olaf -- Olaf Hoyer[EMAIL PROTECTED] Fuerchterliche Erlebniss geben zu raten, ob der, welcher sie erlebt, nicht etwas Fuerchterliches ist. (Nietzsche, Jenseits von Gut und Boese) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
At 09:42 AM 2/22/2004, Olaf Hoyer wrote: The syntax to ping a whole /24 segment would be: Hi Olaf. Could you please explain what is meant by '/24 segment'? I'm new to networking as you can see! nmap -sP 192.168.0.0/24 # nmap -sP 192.168.0.0/24 Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Host (192.168.0.0) seems to be a subnet broadcast address (returned 2 extra pings). Host delliver (192.168.0.1) appears to be up. Host woody (192.168.0.3) appears to be up. Host swamisalami (192.168.0.7) appears to be up. sendto in send_ip_raw: sendto(4, packet, 28, 0, 192.168.0.8, 16) => Can't assign requested address Sleeping 15 seconds then retrying sendto in send_ip_raw: sendto(4, packet, 28, 0, 192.168.0.8, 16) => Can't assign requested address Sleeping 60 seconds then retrying sendto in send_ip_raw: sendto(4, packet, 28, 0, 192.168.0.8, 16) => Can't assign requested address Sleeping 240 seconds then retrying ^Ccaught SIGINT signal, cleaning up swamisalami# this will work. It appears not. I should perhaps add that I'm running this from my fbsd box which is not the gateway. Nmap has reported itself (swamisalami), the gateway box (delliver) and the debian box (woody). It's not reported the rh9 box (penguin) and my wife's w98 workstation (eileen). after this you will also have some output from the arp -a command, because the arp cache has to be filled somehow. swamisalami# arp -a ? (192.168.0.0) at ff:ff:ff:ff:ff:ff on ep0 permanent [ethernet] delliver (192.168.0.1) at 00:08:74:c0:5e:69 on ep0 [ethernet] woody (192.168.0.3) at 00:a0:cc:40:3e:9b on ep0 [ethernet] swamisalami (192.168.0.7) at 00:20:af:4d:24:b7 on ep0 permanent [ethernet] ? (192.168.0.8) at (incomplete) on ep0 [ethernet] penguin (192.168.0.160) at 00:a0:24:75:04:49 on ep0 [ethernet] eileen (192.168.0.240) at 00:a0:cc:40:55:cf on ep0 [ethernet] ? (192.168.0.255) at ff:ff:ff:ff:ff:ff on ep0 permanent [ethernet] swamisalami# Ok, not sure why the output was broken up into two portions but it has now captured all the nodes on my box. Furthermore a subsequent arp -a gives a more usable output e.g. swamisalami# arp -a ? (192.168.0.0) at ff:ff:ff:ff:ff:ff on ep0 permanent [ethernet] delliver (192.168.0.1) at 00:08:74:c0:5e:69 on ep0 [ethernet] woody (192.168.0.3) at 00:a0:cc:40:3e:9b on ep0 [ethernet] swamisalami (192.168.0.7) at 00:20:af:4d:24:b7 on ep0 permanent [ethernet] penguin (192.168.0.160) at 00:a0:24:75:04:49 on ep0 [ethernet] eileen (192.168.0.240) at 00:a0:cc:40:55:cf on ep0 [ethernet] ? (192.168.0.255) at ff:ff:ff:ff:ff:ff on ep0 permanent [ethernet] swamisalami# Did you mean then that I should run the nmap followed by the arp -a to get a look at all nodes on my class c network? In this case it seems the only thing needed for me to put this into a shell script is a way to not have to manually interrupt the nmap which seemed to want to keep trying, after sleeping for progressively longer periods of time. Unless there is a glitch to be worked around somehow on 192.168.0.8 (never in use on my network afaik) and that what happened here was not typical behavior. It would be a nice utility for me to have and perhaps run off cron - i.e. to test each connection on my network and report back so I know on a steady basis that everything's up and running (or at least reachable). Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
On Sun, 22 Feb 2004, Marty Landman wrote: > At 05:04 PM 2/21/2004, Chuck Swiger wrote: > >Marty Landman wrote: > > > >>looks like arp is unreliable for a canonical list of plugged in ip's. > >>Curious about what would work. > > > >"nmap -sP 22 192.168.0.0/24" should do it > > %nmap -sP 22 192.168.0.0/24 > > Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) > Target host specification is illegal. > QUITTING! Hi! The syntax to ping a whole /24 segment would be: nmap -sP 192.168.0.0/24 this will work. after this you will also have some output from the arp -a command, because the arp cache has to be filled somehow. HTH Olaf -- Olaf Hoyer[EMAIL PROTECTED] Fuerchterliche Erlebniss geben zu raten, ob der, welcher sie erlebt, nicht etwas Fuerchterliches ist. (Nietzsche, Jenseits von Gut und Boese) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
At 05:04 PM 2/21/2004, Chuck Swiger wrote: Marty Landman wrote: looks like arp is unreliable for a canonical list of plugged in ip's. Curious about what would work. "nmap -sP 22 192.168.0.0/24" should do it %nmap -sP 22 192.168.0.0/24 Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Target host specification is illegal. QUITTING! % I don't understand the man page though so assume it's me, not nmap. ping 192.168.0.255 %ping 192.168.0.255 PING 192.168.0.255 (192.168.0.255): 56 data bytes 64 bytes from 192.168.0.3: icmp_seq=0 ttl=255 time=0.964 ms 64 bytes from 192.168.0.160: icmp_seq=0 ttl=64 time=1.359 ms (DUP!) ^C Hmm, since there are five nodes on my class c network this didn't do the trick either. I wrote a quick perl script that I think works but so slowly that it's impractical: %perl -e 'for(0..255) {$ip = "192.168.0.$_";$ping = `ping -c1 $ip`;print "$ip\n" if $ping =~ /64 bytes from/}' 192.168.0.0 192.168.0.1 192.168.0.3 . . . Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
Marty Landman wrote: At 12:21 AM 2/21/2004, Saint Aardvark the Carpeted wrote: [ ... ] As you can see only the gateway and one other box (5 total on my lan) were cached. After pinging penguin it got into the cache but this looks like arp is unreliable for a canonical list of plugged in ip's. Curious about what would work. Nmap(8) isn't installed on my system now, is this the way to go? Nothing in my base install to do it? "nmap -sP 22 192.168.0.0/24" should do it (although nmap may pause on .0), but you can also try: ping 192.168.0.255 ...although not everything responds to a broadcast addr ping, but it's still useful. -- -Chuck ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
At 12:21 AM 2/21/2004, Saint Aardvark the Carpeted wrote: Jim Pazarena disturbed my sleep to write: > May sound rookie, but presently I go to each box and determine it's > IP directly and then I "know" the IP (at least for this session). What I end up doing is browing the hosts file on my gateway machine. run "arp -an" This didn't give very satisfactory results for my fbsd box e.g. %arp -an ? (192.168.0.1) at 00:08:74:c0:5e:69 on ep0 [ethernet] ? (192.168.0.240) at 00:a0:cc:40:55:cf on ep0 [ethernet] %ping penguin PING penguin (192.168.0.160): 56 data bytes 64 bytes from 192.168.0.160: icmp_seq=0 ttl=64 time=1.536 ms 64 bytes from 192.168.0.160: icmp_seq=1 ttl=64 time=0.691 ms 64 bytes from 192.168.0.160: icmp_seq=2 ttl=64 time=0.673 ms ^C --- penguin ping statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.673/0.967/1.536/0.403 ms %arp -an ? (192.168.0.1) at 00:08:74:c0:5e:69 on ep0 [ethernet] ? (192.168.0.160) at 00:a0:24:75:04:49 on ep0 [ethernet] ? (192.168.0.240) at 00:a0:cc:40:55:cf on ep0 [ethernet] % As you can see only the gateway and one other box (5 total on my lan) were cached. After pinging penguin it got into the cache but this looks like arp is unreliable for a canonical list of plugged in ip's. Curious about what would work. Nmap(8) isn't installed on my system now, is this the way to go? Nothing in my base install to do it? Marty Landman Face 2 Interface Inc 845-679-9387 This Month's New Quiz --- Past Superbowl Winners Make a Website: http://face2interface.com/Home/Demo.shtml ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
Hi, On Fri, Feb 20, 2004 at 04:05:54PM -0800, Jim Pazarena wrote: > I have a wireless home network with an 802.11B router which assigns > IPs via DHCP. > > what method is appropriate to access one fbsd box from another when > I don't actually know the IP which has been assigned to any given > box. > > May sound rookie, but presently I go to each box and determine it's > IP directly and then I "know" the IP (at least for this session). > > There has gotta be a better way. > > suggestions please. Does you router/dhcp support static assignment? Basically you program fbsd 1 MAC address to always be assigned IP 1 and so forth. Otherwise you might consider using static address on your fbsd system? Ie if router is doing dhcp from 192.168.0.100-192.168.0.150 you should be able to static configure fbsd 1 as 192.168.0.1 for example. Just dont use the address of the router/gateway. Another option is dynamic dns updates - if your router/dhcp also provides dns you can either configure dhcp server or client to update dns with new address. Finally another idea is to use something like dyndns.org with each fbsd box. ddclient from ports will hook into DHCP and submit whatever address you get to dyndns.org. Works great for the public address, not sure if it will do private addresses but worth a shot. Then you'd give each box a name and register it on dyndns (or one of the many other equivalent sites) To talk to the other box you then just need to use the name which is updated. Hope there's something there for you, Tony ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
Jim Pazarena wrote: I have a wireless home network with an 802.11B router which assigns IPs via DHCP. what method is appropriate to access one fbsd box from another when I don't actually know the IP which has been assigned to any given box. May sound rookie, but presently I go to each box and determine it's IP directly and then I "know" the IP (at least for this session). There has gotta be a better way. suggestions please. -- Jim Pazarenamailto:[EMAIL PROTECTED] http://www.qcislands.net/paz #whereis nmap nmap: /usr/ports/security/nmap #man nmap NMAP(1) NMAP(1) NAME nmap - Network exploration tool and security scanner SYNOPSIS nmap [Scan Type(s)] [Options] DESCRIPTION Nmap is designed to allow system administrators and curious individuals to scan large networks to determine which hosts are up and what ser- vices they are offering. HTH, Kevin Kinsey DaleCo, S.P. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP access
Jim Pazarena disturbed my sleep to write: > May sound rookie, but presently I go to each box and determine it's > IP directly and then I "know" the IP (at least for this session). > There has gotta be a better way. One thing that *might* work is displaying the arp cache. This is the list of MAC addresses (and their associated IP addresses) that a given host knows about; run "arp -an" and look for something new/different/that has the same MAC address. We do this at work periodically when hooking up new machines to a DHCP server. There's no question that it would work better if you ran on the DHCP server itself, but it might work in your situation as well. HTH, Hugh -- Saint Aardvark the Carpeted [EMAIL PROTECTED] Because the plural of Anecdote is Myth. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
DHCP access
I have a wireless home network with an 802.11B router which assigns IPs via DHCP. what method is appropriate to access one fbsd box from another when I don't actually know the IP which has been assigned to any given box. May sound rookie, but presently I go to each box and determine it's IP directly and then I "know" the IP (at least for this session). There has gotta be a better way. suggestions please. -- Jim Pazarenamailto:[EMAIL PROTECTED] http://www.qcislands.net/paz ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"