Re: network inventory
Thanks all --- Frank Pikelner <[EMAIL PROTECTED]> wrote: > MACs will provide manufacturers (look for OUI tables > using Google), though > they will not provide model information. Keep in > mind network devices exist > at later 2 that are not manageable and may not have > a MAC address. > > If you can identify from say a switch and you see > multiple MAC addresses on > a particular port it may indicate that there is > another switch including a > non manageable hub on that port. > > I suggest reading up on SNMP as another post > suggested, MIB2, and how to > determine the private (if any OID trees exist). > > Cheers, > > Frank Pikelner > > > On 5/26/05 1:38 PM, "Chris" > <[EMAIL PROTECTED]> wrote: > > >> Is there anything out there that would allow to > >> identify a network device as a (router, switch, > >> firewall etc)? > > > > > > If you can obtain the device's MAC address, you > should be able to determine > > it's manufacturer and possibly model. > > > > ___ > > Perl-Win32-Users mailing list > > Perl-Win32-Users@listserv.ActiveState.com > > To unsubscribe: > http://listserv.ActiveState.com/mailman/mysubs > > > __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
Re: network inventory
MACs will provide manufacturers (look for OUI tables using Google), though they will not provide model information. Keep in mind network devices exist at later 2 that are not manageable and may not have a MAC address. If you can identify from say a switch and you see multiple MAC addresses on a particular port it may indicate that there is another switch including a non manageable hub on that port. I suggest reading up on SNMP as another post suggested, MIB2, and how to determine the private (if any OID trees exist). Cheers, Frank Pikelner On 5/26/05 1:38 PM, "Chris" <[EMAIL PROTECTED]> wrote: >> Is there anything out there that would allow to >> identify a network device as a (router, switch, >> firewall etc)? > > > If you can obtain the device's MAC address, you should be able to determine > it's manufacturer and possibly model. > > ___ > Perl-Win32-Users mailing list > Perl-Win32-Users@listserv.ActiveState.com > To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs ___ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
RE: network inventory
> Is there anything out there that would allow to > identify a network device as a (router, switch, > firewall etc)? If you can obtain the device's MAC address, you should be able to determine it's manufacturer and possibly model. ___ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
RE: network inventory
> Is there anything out there that would allow to > identify a network device as a (router, switch, > firewall etc)? > You can use snmp for this, but it is up to each manufacturer how (and where) they define it in the MIB. If it allows snmp put, you could change it, though (again, up to the manufacturer how they implement snmp, or if they even use it at all). Or, if you really want to be ambitious, you can get the MAC addresses and map them back to the manufacturer (I believe the first 3 octets are the manufacturer and the manufacturer gets to define the last 3 octets.) ___ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
Re: network inventory
Use nmap. At 08:59 AM 5/26/05 -0700, Tfbsr Bertrand wrote: >Is there anything out there that would allow to >identify a network device as a (router, switch, >firewall etc)? -- REMEMBER THE WORLD TRADE CENTER ---=< WTC 911 >=-- "...ne cede males" 0100 ___ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
network inventory
Is there anything out there that would allow to identify a network device as a (router, switch, firewall etc)? Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ Perl-Win32-Users mailing list Perl-Win32-Users@listserv.ActiveState.com To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
RE: network inventory, how do YOU do it?
The problem that I got it was to make an inventory of what it was installed in the servers of our world wide network. I got several options to retrieve the name and OS that were running the servers in order to know where the software was installed. Like we do not know if the IP address were in use or not I have to find that out first. So I ping the server to ensure that if was a response and then try to scan the ports. The ping that I use makes 4 attempts (why 4, well some times the servers are configure to not respond to pings from outside but they just cover the icmp ping je,je!) A. by ICMP B. by UDP C. by TCP D. by TCP/HTTP port 80 or any other of the ports used by HTTPS like 389, 390 1000, 1389 (just in case that they have installed a web server) this one works if they don't change the default ports (there are some guys who does that for security) If any of this responds and the port was open (another subroutine) then, I just proceed with the port scan, otherwise it doesn't make sense to scan a server with closed ports (at least the ones that I'm interested). Well, the part that you may be interested is that I could ask the Server name and the OS by different ways if the other was closed. So this is what I used: 1. SNMP If you use the SNMP you can establish a session with Net::SNMP and se the correct string to ask for the OS name then you can retrieve most of the information that you want. The problem with this is that the community has to be set to "public" on the server that you want retrieve the information; if the community has been change then you will need to belong to that community in order to retrieve that information. Don't know the amount of equipment that you got installed but be ready to use a lot of Regular Expressions. I got responses from Ciscoes, Terminal Servers Printers, Scanners, Operative Systems (all kinds of UNIX and windows),etc. If you check as well not all the Ciscos reply to you with the same string, it depends on the OS version the order of the string in order to obtain the correct version of it. 2. Use SMTP Realize a connection on the port 25 to retrieve the information of the e-mail so you can get the information of what server is and the sendmail (or whatever program they are using for e-mail) version. After this you realize a DNS search on you network to determine the IP address of the given server name. This is useful if the other end is a server but not useful when you get a response from a printer !! On this one as in the point one, be ready for the Regular Expressions because (again) depending on you equipment you can get such a variety of responses like Sendmail, lotus. Microsoft, IBM (if you find AS/400 equipment). Be ready as well to retrieve data of e-mail scanners that are occupy the port 25 such as interscan, webshield, etc. 3. If the IP responded to the HTTP scan then I use the LWP to retrieve the information that I wanted (Hostname, IP address, or if it was a proxy) and some data that may not be interested to you like what kind of web server they got like Netscape, Microsoft, Apache, Lotus, etc.) This is what I did, you ask for no code (I respect that !) and I hope this helps you. Saludos Javier -Original Message- From: Hon Shi [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 13, 2004 5:50 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: network inventory, how do YOU do it? How does one go out and "inventory" his network. In other words, given a hot IP (it pings) how can you discover just exactly what is there? Don't write anything for me but just generally describe the method. It's generally a W2K world, but we have net phones, unix boxes, printers and Thanks (I've seen a trial package that 'scans' the network collecting all kinds of info. It reports its progress to the screen, things like '... ICMP..., SNMP', and so forth. It found the net phone, it's http port and mfgr information. How did they do it? Scripts that ping and some wmi is about as far as I've gone.) PS - my company isn't going to buy anything (except that Lincoln for the boss :-) __ Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus ___ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs ___ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
RE: network inventory, how do YOU do it?
To get a physical inventory: "Given a hot IP", SNMP works well (low bandwidth, widely implemented, lots of useful info). Unfortunately, 'Discovery' can be a problem if you haven't enabled your network hosts to respond (Windows pc's are off by default). Also, 'Net::NBName' can deliver Windows PC info To survey ports/services: TMTOWTDI. Decide what the right answer looks like and a Perl solution will usually present itself. If done in Perl, it's free! And easy (relatively). HTH -Original Message- From: Hon Shi [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 13, 2004 4:50 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: network inventory, how do YOU do it? How does one go out and "inventory" his network. In other words, given a hot IP (it pings) how can you discover just exactly what is there? Don't write anything for me but just generally describe the method. It's generally a W2K world, but we have net phones, unix boxes, printers and Thanks (I've seen a trial package that 'scans' the network collecting all kinds of info. It reports its progress to the screen, things like '... ICMP..., SNMP', and so forth. It found the net phone, it's http port and mfgr information. How did they do it? Scripts that ping and some wmi is about as far as I've gone.) PS - my company isn't going to buy anything (except that Lincoln for the boss :-) __ Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus ___ Perl-Win32-Admin mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs ___ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs
network inventory, how do YOU do it?
How does one go out and "inventory" his network. In other words, given a hot IP (it pings) how can you discover just exactly what is there? Don't write anything for me but just generally describe the method. It's generally a W2K world, but we have net phones, unix boxes, printers and Thanks (I've seen a trial package that 'scans' the network collecting all kinds of info. It reports its progress to the screen, things like '... ICMP..., SNMP', and so forth. It found the net phone, it's http port and mfgr information. How did they do it? Scripts that ping and some wmi is about as far as I've gone.) PS - my company isn't going to buy anything (except that Lincoln for the boss :-) __ Do you Yahoo!? Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus ___ Perl-Win32-Users mailing list [EMAIL PROTECTED] To unsubscribe: http://listserv.ActiveState.com/mailman/mysubs