Re: SNMP scanner?

[O'Neal, Miles]

I'm not going to argue either side here, just note that your email 
client's filters can easily delete any specific subject line, perhaps 
with a user or set of users as to and from entries as well. I would 
remove the filter[s] after a week to avoid missing future, completely 
different conversations.


On 08/05/2016 01:22 PM, P. Larry Nelson wrote:

With all due respect, and not interested at all in flaming or starting
one of those wars, I, and I think most folks on this list, find that the
occasional dip into topics slightly off of SL issues can be very 
educational.

And for me, that's what it's all about.  The sharing of knowledge, tools,
hints, tricks, whatever...  Because I know just enough about most things
to be a little dangerous, and it's wonderful to find out more so I can be
even more dangerous!

- Larry

stroe wrote on 8/5/16 9:38 AM:

Could you please stop this, which is not an SL issue?

On 2016-08-05 17:19, Lamar Owen wrote:

On 07/30/2016 06:35 PM, ToddAndMargo wrote:

I am looking to do network discovery. Basically, everything
on the interface, regardless of what network it belongs to
or if even has an ip assigned.  Like AutoScan Network, only
not abandoned.


I have a dedicated install of NetworkSecurityToolkit (NST) on a box
connected to two ports on one of our core switches.  One port is the
admin port that NST serves its web GUI on; the second port is a
capture-only port and connects to a SPAN port on the core switch
(Cisco terminology, as it's a Cisco 7609).  I set up the SPAN to
redirect traffic for the ports and/or VLANs I'm interested in looking
at, and then capture all the traffic (I capture all traffic then
filter it out).  Not as clean as some other solutions, but it does get
everything.






--
Miles O'Neal
CAD Systems Engineer
Cirrus Logic | cirrus.com | 1.512.851.4659

Re: SNMP scanner?

[P. Larry Nelson]

With all due respect, and not interested at all in flaming or starting
one of those wars, I, and I think most folks on this list, find that the
occasional dip into topics slightly off of SL issues can be very educational.
And for me, that's what it's all about.  The sharing of knowledge, tools,
hints, tricks, whatever...  Because I know just enough about most things
to be a little dangerous, and it's wonderful to find out more so I can be
even more dangerous!

- Larry

stroe wrote on 8/5/16 9:38 AM:

Could you please stop this, which is not an SL issue?

On 2016-08-05 17:19, Lamar Owen wrote:

On 07/30/2016 06:35 PM, ToddAndMargo wrote:

I am looking to do network discovery.  Basically, everything
on the interface, regardless of what network it belongs to
or if even has an ip assigned.  Like AutoScan Network, only
not abandoned.


I have a dedicated install of NetworkSecurityToolkit (NST) on a box
connected to two ports on one of our core switches.  One port is the
admin port that NST serves its web GUI on; the second port is a
capture-only port and connects to a SPAN port on the core switch
(Cisco terminology, as it's a Cisco 7609).  I set up the SPAN to
redirect traffic for the ports and/or VLANs I'm interested in looking
at, and then capture all the traffic (I capture all traffic then
filter it out).  Not as clean as some other solutions, but it does get
everything.



--
P. Larry Nelson (217-244-9855) | IT Administrator
457 Loomis Lab | High Energy Physics Group
1110 W. Green St., Urbana, IL  | Physics Dept., Univ. of Ill.
MailTo: lnel...@illinois.edu   | http://hep.physics.illinois.edu/home/lnelson/
--
 "Information without accountability is just noise."  - P.L. Nelson

Re: SNMP scanner?

[Bruce Ferrell]

On 8/5/16 7:19 AM, Lamar Owen wrote:

On 07/30/2016 06:35 PM, ToddAndMargo wrote:

I am looking to do network discovery. Basically, everything
on the interface, regardless of what network it belongs to
or if even has an ip assigned.  Like AutoScan Network, only
not abandoned.

I have a dedicated install of NetworkSecurityToolkit (NST) on a box 
connected to two ports on one of our core switches.  One port is the 
admin port that NST serves its web GUI on; the second port is a 
capture-only port and connects to a SPAN port on the core switch 
(Cisco terminology, as it's a Cisco 7609).  I set up the SPAN to 
redirect traffic for the ports and/or VLANs I'm interested in looking 
at, and then capture all the traffic (I capture all traffic then 
filter it out).  Not as clean as some other solutions, but it does get 
everything.


I got to thinking about this some more and Lamar, you just triggered a 
thought...  There IS a technique used by large organizations.  Cisco 
invented this "thing" called netflow.  On my linux systems I have a 
kernel module called ipt_NETFLOW 
(https://sourceforge.net/projects/ipt-netflow/).  It sends netflow 
(tcp/ip connection) records to a netflow collector.  Windows can export 
netflow too (http://www.flowtraq.com/corporate/product/flow-exporter/).


I use ntop as the collector on Linux and it seems to have versions for 
OS X and windows these days too, but there are many netflow collectors.  
Many are free (solarwinds is common).


This is the big-boy way of doing this.

For full disclosure, I pay my bills supporting one of the proprietary 
netflow collection/analysis tools... No, I won't name the tool.

Re: SNMP scanner?

[stroe]

Could you please stop this, which is not an SL issue?

On 2016-08-05 17:19, Lamar Owen wrote:

On 07/30/2016 06:35 PM, ToddAndMargo wrote:

I am looking to do network discovery.  Basically, everything
on the interface, regardless of what network it belongs to
or if even has an ip assigned.  Like AutoScan Network, only
not abandoned.


I have a dedicated install of NetworkSecurityToolkit (NST) on a box
connected to two ports on one of our core switches.  One port is the
admin port that NST serves its web GUI on; the second port is a
capture-only port and connects to a SPAN port on the core switch
(Cisco terminology, as it's a Cisco 7609).  I set up the SPAN to
redirect traffic for the ports and/or VLANs I'm interested in looking
at, and then capture all the traffic (I capture all traffic then
filter it out).  Not as clean as some other solutions, but it does get
everything.

Re: SNMP scanner?

[Lamar Owen]

On 07/30/2016 06:35 PM, ToddAndMargo wrote:

I am looking to do network discovery.  Basically, everything
on the interface, regardless of what network it belongs to
or if even has an ip assigned.  Like AutoScan Network, only
not abandoned.

I have a dedicated install of NetworkSecurityToolkit (NST) on a box 
connected to two ports on one of our core switches.  One port is the 
admin port that NST serves its web GUI on; the second port is a 
capture-only port and connects to a SPAN port on the core switch (Cisco 
terminology, as it's a Cisco 7609).  I set up the SPAN to redirect 
traffic for the ports and/or VLANs I'm interested in looking at, and 
then capture all the traffic (I capture all traffic then filter it 
out).  Not as clean as some other solutions, but it does get everything.

Re: SNMP scanner?

[Eero Volotinen]

Mga is mageian linux package. Unpack it and edit the spec file and try to
recompile

Eero

3.8.2016 11.04 ip. "ToddAndMargo"  kirjoitti:

> On 08/03/2016 01:01 PM, ToddAndMargo wrote:
>
>> On 08/03/2016 07:41 AM, Mark Stodola wrote:
>>
>>> On 08/03/2016 01:09 AM, ToddAndMargo wrote:
>>>
 On 08/02/2016 10:30 PM, Bruce Ferrell wrote:

> Todd,
>
> I've been doing networking since before TCP/IP was common... We had to
> know ethenet frame types to get IPX/SPX, SNA and DECnet to work.
>
> With that background, I'm fascinated to find out how it does what you
> claim it does.
>



  I found autoscan-network.com and downloaded the linux binary, but the
> source doesn't seem to
> download.  Any chance you ever downloaded that?
>
>
>>> A quick hunt online found the 1.50 source here:
>>>
>>> http://distro.ibiblio.org/mageia/distrib/cauldron/SRPMS/core/release/autoscan-1.50-15.mga6.src.rpm
>>>
>>> Armed with that, you should be able to keep it living for a while, maybe
>>> some tweaks for changes in GTK, etc.
>>>
>>
>>
>> Thank you!
>>
>> I had found autoscan-1.50-7.mga1.src.rpm, but it would not rebuild.
>>
>> $ rpmbuild --rebuild autoscan-1.50-15.mga6.src.rpm
> ...
> error: line 6: Tag takes single token only: Release:%mkrel 15
>
> I got some tweaking to do.  :'(
>
>
> --
> ~~
> Computers are like air conditioners.
> They malfunction when you open windows
> ~~
>

Re: SNMP scanner?

[Stephen John Smoogen]

On 3 August 2016 at 00:56, ToddAndMargo  wrote:
> On 08/01/2016 06:24 AM, Stephen John Smoogen wrote:
>>
>> On 31 July 2016 at 23:31, ToddAndMargo  wrote:
>>>
>>> On 07/30/2016 11:36 PM, Jon Brinkmann wrote:

 Does 'nmap -sX ' fit the bill, e.g.
 'nmap -sX 192.168.1.1-255'?
>>>
>>>
>>> Only one the one network (192.168.1.0/25 in your  example).
>>>
>>> I want EVERYTHING on the network
>>>
>> Todd,
>>
>> 1) You asked for help and you are acting like a child demanding more
>> candy when you didn't get the flavor you wanted.
>
>
> Hi Stephen,
>
> I am trying to find a replacement for an important tool I use
> on a frequent basis.   I have been very clear about what
> I am after.
>
> If you do not understand what I am after, please just ask me instead
> of insulting me.


You are correct. My line was insulting and ill behaved. I apologize to
you and everyone else.

-- 
Stephen J Smoogen.

Re: SNMP scanner?

[ToddAndMargo]

  
  
On 08/02/2016 10:30 PM, Bruce Ferrell
  wrote:


  Todd,

I've been doing networking since before TCP/IP was common... We had to know ethenet frame types to get IPX/SPX, SNA and DECnet to work. 

With that background, I'm fascinated to find out how it does what you claim it does. 





   I found autoscan-network.com and downloaded the linux binary, but the source doesn't seem to
download.  Any chance you ever downloaded that?

Bruce


Hi Bruce,

IPX.  Wow.  Now that is a trip down memory lane!

Here are my notes.  Yes, it is a moving target.

   
https://sourceforge.net/projects/autoscan/files/AutoScan/autoscan-network%201.50/AutoScan-Network-Linux-1.50.bin.tar.gz/download
    http://sourceforge.net/projects/autoscan/
   
http://prdownloads.sourceforge.net/autoscan/AutoScan-0.98.0b-Fedora-Core4.src.rpm?download

And you can just de-tar and run from there.  I usually don't
bother running the install.

If that does not work, I can put my copies up on drop box for you.

Autoscan is awesome to find multiple routers on the same network.
I have had several customer who change ISPs and just add routers
in parallel with each other. 

I have also had other customers use an router/AP/hub as an
AP to extend wireless to the other end of their huge houses.  
They turn off the router function and it works fine until
the next power hits and resets it.  Then suddenly, they have two
networks on the same interface.

-T



-- 
~~
Computers are like air conditioners.
They malfunction when you open windows
~~
  

Re: SNMP scanner?

[Bruce Ferrell]

Never mind. 

autoscan is a gui wrapper for nmap and ping... And not really as good as the 
existing ones (zenmap, xnmap nmapfe) found in the repositories as nmap-frontend.

What autoscan does is to have a set of IP ranges and performs nmap scans of 
them.  No magic'  just brute force wrapped in cotton candy.

Dumb me.  I though there was something to learn here.

As the man said, write a script to wrap nmap and it will do what autoscan does 
for you forever and ever and you never need worry that autoscan is going away.



On 08/02/2016 09:56 PM, ToddAndMargo wrote:
> On 08/01/2016 06:24 AM, Stephen John Smoogen wrote:
>> On 31 July 2016 at 23:31, ToddAndMargo  wrote:
>>> On 07/30/2016 11:36 PM, Jon Brinkmann wrote:
 Does 'nmap -sX ' fit the bill, e.g.
 'nmap -sX 192.168.1.1-255'?
>>>
>>> Only one the one network (192.168.1.0/25 in your  example).
>>>
>>> I want EVERYTHING on the network
>>>
>> Todd,
>>
>> 1) You asked for help and you are acting like a child demanding more
>> candy when you didn't get the flavor you wanted.
>
> Hi Stephen,
>
> I am trying to find a replacement for an important tool I use
> on a frequent basis.   I have been very clear about what
> I am after.
>
> If you do not understand what I am after, please just ask me instead
> of insulting me.
>
>> 2) nmap is a very complicated swiss army knife tool. There are
>> hundreds of things it can do but you need to take some time to figure
>> them out and get what you want. Expecting that you will get the answer
>> handed to you is being unreasonable.
>> http://lmgtfy.com/?q=nmap+tutorial
>
> I use nmap ALL THE TIME.  If you know the "network" involved, it
> is an awesome tool.  But, if you are looking for stray or misconfigured
> devices with a different network on the same interface, they will be
> dark to nmap.  In this scenario, the only tool I have found that
> can do this is Autoscan.
>
>> 3) what you are wanting is actually a multi step process. First you
>> need to see what mac addresses are on the network which usually only a
>> smart switch can tell you.
>
> Autoscan does.  But for how much longer ...
>
>> You can sort of get the data with a
>> mac-ping but it isn't guarenteed to work. After you get all the mac
>> addresses on the network then you can work out what ip addresses or
>> hardware those mac addresses think they are. Again easier with a smart
>> switch.
>
> Hopefully, I do not have to go that route.  This can be done from software,
> as Autoscan demonstrates.
>
> I may have to keep a copy of SL7.2 and FC23 around for years just to
> run Autoscan.  Oh well, what is a one more flash drive to add to the pile
> I already have.
>
> Tip: keep a dd copy of your flash drive.  Windows machines tend to eat them.
>
> "mac-ping".  That sounds interesting.
>
> I should put Autoscan on Wireshark and find out exactly what it does.
>
> Thank you for helping me with this, except for the insults
>
> -T
>

Re: SNMP scanner?

[Bruce Ferrell]

Todd,

I've been doing networking since before TCP/IP was common... We had to know 
ethenet frame types to get IPX/SPX, SNA and DECnet to work. 

With that background, I'm fascinated to find out how it does what you claim it 
does.  I found autoscan-network.com and downloaded the linux binary, but the 
source doesn't seem to
download.  Any chance you ever downloaded that?

Bruce

On 08/02/2016 09:56 PM, ToddAndMargo wrote:
> On 08/01/2016 06:24 AM, Stephen John Smoogen wrote:
>> On 31 July 2016 at 23:31, ToddAndMargo  wrote:
>>> On 07/30/2016 11:36 PM, Jon Brinkmann wrote:
 Does 'nmap -sX ' fit the bill, e.g.
 'nmap -sX 192.168.1.1-255'?
>>>
>>> Only one the one network (192.168.1.0/25 in your  example).
>>>
>>> I want EVERYTHING on the network
>>>
>> Todd,
>>
>> 1) You asked for help and you are acting like a child demanding more
>> candy when you didn't get the flavor you wanted.
>
> Hi Stephen,
>
> I am trying to find a replacement for an important tool I use
> on a frequent basis.   I have been very clear about what
> I am after.
>
> If you do not understand what I am after, please just ask me instead
> of insulting me.
>
>> 2) nmap is a very complicated swiss army knife tool. There are
>> hundreds of things it can do but you need to take some time to figure
>> them out and get what you want. Expecting that you will get the answer
>> handed to you is being unreasonable.
>> http://lmgtfy.com/?q=nmap+tutorial
>
> I use nmap ALL THE TIME.  If you know the "network" involved, it
> is an awesome tool.  But, if you are looking for stray or misconfigured
> devices with a different network on the same interface, they will be
> dark to nmap.  In this scenario, the only tool I have found that
> can do this is Autoscan.
>
>> 3) what you are wanting is actually a multi step process. First you
>> need to see what mac addresses are on the network which usually only a
>> smart switch can tell you.
>
> Autoscan does.  But for how much longer ...
>
>> You can sort of get the data with a
>> mac-ping but it isn't guarenteed to work. After you get all the mac
>> addresses on the network then you can work out what ip addresses or
>> hardware those mac addresses think they are. Again easier with a smart
>> switch.
>
> Hopefully, I do not have to go that route.  This can be done from software,
> as Autoscan demonstrates.
>
> I may have to keep a copy of SL7.2 and FC23 around for years just to
> run Autoscan.  Oh well, what is a one more flash drive to add to the pile
> I already have.
>
> Tip: keep a dd copy of your flash drive.  Windows machines tend to eat them.
>
> "mac-ping".  That sounds interesting.
>
> I should put Autoscan on Wireshark and find out exactly what it does.
>
> Thank you for helping me with this, except for the insults
>
> -T
>

Re: SNMP scanner?

[ToddAndMargo]

On 08/01/2016 06:24 AM, Stephen John Smoogen wrote:

On 31 July 2016 at 23:31, ToddAndMargo  wrote:

On 07/30/2016 11:36 PM, Jon Brinkmann wrote:

Does 'nmap -sX ' fit the bill, e.g.
'nmap -sX 192.168.1.1-255'?


Only one the one network (192.168.1.0/25 in your  example).

I want EVERYTHING on the network


Todd,

1) You asked for help and you are acting like a child demanding more
candy when you didn't get the flavor you wanted.


Hi Stephen,

I am trying to find a replacement for an important tool I use
on a frequent basis.   I have been very clear about what
I am after.

If you do not understand what I am after, please just ask me instead
of insulting me.


2) nmap is a very complicated swiss army knife tool. There are
hundreds of things it can do but you need to take some time to figure
them out and get what you want. Expecting that you will get the answer
handed to you is being unreasonable.
http://lmgtfy.com/?q=nmap+tutorial


I use nmap ALL THE TIME.  If you know the "network" involved, it
is an awesome tool.  But, if you are looking for stray or misconfigured
devices with a different network on the same interface, they will be
dark to nmap.  In this scenario, the only tool I have found that
can do this is Autoscan.


3) what you are wanting is actually a multi step process. First you
need to see what mac addresses are on the network which usually only a
smart switch can tell you.


Autoscan does.  But for how much longer ...


You can sort of get the data with a
mac-ping but it isn't guarenteed to work. After you get all the mac
addresses on the network then you can work out what ip addresses or
hardware those mac addresses think they are. Again easier with a smart
switch.


Hopefully, I do not have to go that route.  This can be done from software,
as Autoscan demonstrates.

I may have to keep a copy of SL7.2 and FC23 around for years just to
run Autoscan.  Oh well, what is a one more flash drive to add to the pile
I already have.

Tip: keep a dd copy of your flash drive.  Windows machines tend to eat them.

"mac-ping".  That sounds interesting.

I should put Autoscan on Wireshark and find out exactly what it does.

Thank you for helping me with this, except for the insults

-T

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[Stephen John Smoogen]

On 31 July 2016 at 23:31, ToddAndMargo  wrote:
> On 07/30/2016 11:36 PM, Jon Brinkmann wrote:
>>
>> Does 'nmap -sX ' fit the bill, e.g.
>> 'nmap -sX 192.168.1.1-255'?
>
>
> Only one the one network (192.168.1.0/25 in your  example).
>
> I want EVERYTHING on the network
>

Todd,

1) You asked for help and you are acting like a child demanding more
candy when you didn't get the flavor you wanted.
2) nmap is a very complicated swiss army knife tool. There are
hundreds of things it can do but you need to take some time to figure
them out and get what you want. Expecting that you will get the answer
handed to you is being unreasonable.
http://lmgtfy.com/?q=nmap+tutorial
3) what you are wanting is actually a multi step process. First you
need to see what mac addresses are on the network which usually only a
smart switch can tell you. You can sort of get the data with a
mac-ping but it isn't guarenteed to work. After you get all the mac
addresses on the network then you can work out what ip addresses or
hardware those mac addresses think they are. Again easier with a smart
switch.


-- 
Stephen J Smoogen.

Re: SNMP scanner?

[ToddAndMargo]

On 08/01/2016 01:15 AM, Iosif Fettich wrote:

On 07/30/2016 11:36 PM, Jon Brinkmann wrote:

 Does 'nmap -sX ' fit the bill, e.g.
 'nmap -sX 192.168.1.1-255'?


Only one the one network (192.168.1.0/25 in your  example).

I want EVERYTHING on the network


IPv6 inclusive...?


I really do not care much about IPv6.  My customers are all small
businesses and their internal are all IPv4.  Their Internet
connections are all IPv4 too come to think about it.

I haven't seen ANYONE use IPv6.   It is probably a good idea
for me to learn though.

I basically want something that will cause the interface to
cough up (yuk, the visuals on that one!) everything with
a MAC address on the Interface.

AutoScan Network does the above in about 30 seconds.
But the stinker is abandoned and no longer works in Fedora
Core 24, meaning it is short to live in EL Linux too.

I do not know exactly how AutoScan does it, but I do
believe it toss out an all devices snmp ping, then probes
whoever responds.  But I only speculate.



That will be hard, I'm afraid.

Iosif Fettich



--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[ToddAndMargo]

  
  
On 07/31/2016 11:46 PM, Eero Volotinen
  wrote:

You can list any number networks on commanline for
  example: 192.168.1.0/24
  192.168.2.0/24
  


True.

What I need would be vastly impractical, even if it did work:

0-255 . 0-255 . 0-255 . 0-255

And that still wouldn't catch those devices without an
IP address.

AutoScan Network does the above in about 30 seconds.
But the stinker is abandoned and no longer works in Fedora
Core 24, meaning it is short to live in EL Linux too.
-- 
~~
Computers are like air conditioners.
They malfunction when you open windows
~~
  

Re: SNMP scanner?

[Iosif Fettich]

On 07/30/2016 11:36 PM, Jon Brinkmann wrote:

 Does 'nmap -sX ' fit the bill, e.g.
 'nmap -sX 192.168.1.1-255'?


Only one the one network (192.168.1.0/25 in your  example).

I want EVERYTHING on the network


IPv6 inclusive...?

That will be hard, I'm afraid.

Iosif Fettich

Re: SNMP scanner?

[Andrew C Aitchison]

On Sun, 31 Jul 2016, ToddAndMargo wrote:


2016-08-01 8:23 GMT+03:00 ToddAndMargo :
  On 07/31/2016 10:15 PM, Jon Brinkmann wrote:
'nmap -sX 192.168.1.1-255 10.1-255.1-255.1-255 ...'?


  That is still scanning IP's over a range.  :'(



On 07/31/2016 10:42 PM, Eero Volotinen wrote:

Eh. Try scanning network: 192.168.1.0/25

Eero

That is still IP address dependent.  If there was two or three networks
on the same interface, it  would only scan the network.


A broadcast ping
ping -b 255.255.255.255
might get you some useful information, but 
I think you are looking for a "sniffer" rather than a "scanner".

Since you don't know what addresses you are interested in,
you can't sacan them. You need to listen/sniff for traffic
perhaps encouraging it first, which is what the btroadcast does.

The interface will need to be in "promiscuous" mode,
the right tool will do that for you provided you are root.

Re: SNMP scanner?

[Eero Volotinen]

You can list any number networks on commanline for example: 192.168.1.0/24
192.168.2.0/24

Of course you need connectivity to network via local network interface or
via default gateway.

--
Eero

2016-08-01 9:43 GMT+03:00 ToddAndMargo :

> 2016-08-01 8:23 GMT+03:00 ToddAndMargo :
>
>> On 07/31/2016 10:15 PM, Jon Brinkmann wrote:
>>
>>> 'nmap -sX 192.168.1.1-255 10.1-255.1-255.1-255 ...'?
>>>
>>>
>> That is still scanning IP's over a range.  :'(
>>
>
>
> On 07/31/2016 10:42 PM, Eero Volotinen wrote:
>
>
> Eh. Try scanning network: 192.168.1.0/25
>
> Eero
>
> That is still IP address dependent.  If there was two or three networks
> on the same interface, it  would only scan the network.
>
> --
> ~~
> Computers are like air conditioners.
> They malfunction when you open windows
> ~~
>
>

Re: SNMP scanner?

[ToddAndMargo]

  
  

  
2016-08-01 8:23 GMT+03:00 ToddAndMargo
  :
  On
07/31/2016 10:15 PM, Jon Brinkmann wrote:

  'nmap -sX 192.168.1.1-255 10.1-255.1-255.1-255 ...'?
  


That is still scanning IP's over a range.  :'(
  


  
  
  On 07/31/2016 10:42 PM, Eero Volotinen wrote:


  


Eh. Try scanning network: 192.168.1.0/25 



Eero
  
  
  

That is still IP address dependent.  If there was two or three
networks
on the same interface, it  would only scan the network.
-- 
~~
Computers are like air conditioners.
They malfunction when you open windows
~~
  

Re: SNMP scanner?

[Eero Volotinen]

Eh. Try scanning network: 192.168.1.0/25

Eero

2016-08-01 8:23 GMT+03:00 ToddAndMargo :

> On 07/31/2016 10:15 PM, Jon Brinkmann wrote:
>
>> 'nmap -sX 192.168.1.1-255 10.1-255.1-255.1-255 ...'?
>>
>>
> That is still scanning IP's over a range.  :'(
>

Re: SNMP scanner?

[ToddAndMargo]

On 07/31/2016 10:15 PM, Jon Brinkmann wrote:

'nmap -sX 192.168.1.1-255 10.1-255.1-255.1-255 ...'?



That is still scanning IP's over a range.  :'(

Re: SNMP scanner?

[ToddAndMargo]

On 07/30/2016 11:36 PM, Jon Brinkmann wrote:

Does 'nmap -sX ' fit the bill, e.g.
'nmap -sX 192.168.1.1-255'?


Only one the one network (192.168.1.0/25 in your  example).

I want EVERYTHING on the network

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[Jon Brinkmann]

Does 'nmap -sX ' fit the bill, e.g.
'nmap -sX 192.168.1.1-255'?

On Sat, Jul 30, 2016 at 06:29:24PM -0700, Bruce Ferrell wrote:
> fing is certainly an interesting tool and useful.  It found a minor misconfig 
> on my network.
>
> it *seems* nmap will do what fing does though with:
>
> nmap -sn 
>
> Am I the only one concerned about what appears to be a closed source utility 
> that duplicates well audited utilities on their network that comes from 
> outside the US (whois
> fingbox.com tells me that)?
>
> The fact that is cross platform is sort of nice, but my spidey sense is still 
> tingling. Probably nothing, but...
>
>
>
> On 07/30/2016 06:37 AM, P. Larry Nelson wrote:
> > I use fing.  Wonderful tool!
> >
> > https://www.fingbox.com/download
> >
> > https://www.fingbox.com/help?c=command-line_tool=network_discovery
> >
> > - Larry
> >
> >
> > ToddAndMargo wrote on 7/29/16 8:06 PM:
> >> On 07/29/2016 05:21 PM, Eero Volotinen wrote:
> >>>
> >>> Openvas, nmap and so on
> >>>
> >>>
> >>> 30.7.2016 2.15 ap. "ToddAndMargo"  >>> > kirjoitti:
> >>>
> >>> Can anyone recommend an SNMP scanner?
> >>>
> >>
> >>
> >> Hi Eero,
> >>
> >> I am trying to figure out how to do a "network discovery" with
> >> snmp and nmap.  I haven't figured it out yet.  Have you done
> >> this before?
> >>
> >> Openvas  looks very promising.  Wish it wasn't set up
> >> as a virtual machine.  Makes it a bit interesting to install
> >> on a flash drive.  I do know how to convert ova's to
> >> qemu-kvm, but still ...
> >>
> >> Thank you for helping me with this!
> >> -T
> >>
> >> --
> >> ~~
> >> Computers are like air conditioners.
> >> They malfunction when you open windows
> >> ~~
> >>
> >
> >

Re: SNMP scanner?

[Bruce Ferrell]

fing is certainly an interesting tool and useful.  It found a minor misconfig 
on my network.

it *seems* nmap will do what fing does though with:

nmap -sn 

Am I the only one concerned about what appears to be a closed source utility 
that duplicates well audited utilities on their network that comes from outside 
the US (whois
fingbox.com tells me that)?

The fact that is cross platform is sort of nice, but my spidey sense is still 
tingling. Probably nothing, but...



On 07/30/2016 06:37 AM, P. Larry Nelson wrote:
> I use fing.  Wonderful tool!
>
> https://www.fingbox.com/download
>
> https://www.fingbox.com/help?c=command-line_tool=network_discovery
>
> - Larry
>
>
> ToddAndMargo wrote on 7/29/16 8:06 PM:
>> On 07/29/2016 05:21 PM, Eero Volotinen wrote:
>>>
>>> Openvas, nmap and so on
>>>
>>>
>>> 30.7.2016 2.15 ap. "ToddAndMargo" >> > kirjoitti:
>>>
>>> Can anyone recommend an SNMP scanner?
>>>
>>
>>
>> Hi Eero,
>>
>> I am trying to figure out how to do a "network discovery" with
>> snmp and nmap.  I haven't figured it out yet.  Have you done
>> this before?
>>
>> Openvas  looks very promising.  Wish it wasn't set up
>> as a virtual machine.  Makes it a bit interesting to install
>> on a flash drive.  I do know how to convert ova's to
>> qemu-kvm, but still ...
>>
>> Thank you for helping me with this!
>> -T
>>
>> -- 
>> ~~
>> Computers are like air conditioners.
>> They malfunction when you open windows
>> ~~
>>
>
>

Re: SNMP scanner?

[ToddAndMargo]

On 07/30/2016 03:31 PM, P. Larry Nelson wrote:


Same interface - different networks?  I'm afraid that's a new one on me.
Can't answer that one.



Hi Larry,

The last time I had such an issue was at a customer site where his
network was just a mess. Certain machines would only talk to certain other
machines and nobody got along together. I plugged in my FC23 direct install
stick and ran Auto Scan. The issue showed up like a sore thumb. He had
changed Internet provider and had not removed the old router from
the network. Both were in parallel with his DSL modem. He had two DHCP 
servers

on different networks (192.168.254.0/24 and 192.168.1.0/24). All the devices
showed with Autoscan with their IP addresses. Autoscan is very, very useful
in such situations.

But AutoScan is abandoned and no longer works in Fedora 24 (did in 23)
and since what goes on it Fedora, unlike Vegas, eventually winds up
in RHEL, it is unknown how much longer that will be the case. And it
starts to become an issue when you bear in mind that the "double edged"
sword of RHEL is before a real deal killer with SL 7.2 unable
to consistently recognize hard drives on C236 chipsets using RSTe
(FC24 does though) making EL 7.2 USELESS on a new server. (That nasty
bug cost me about 1000 U$D to correct.)

I reported it over on:
https://bugzilla.redhat.com/show_bug.cgi?id=1353423

But, I ramble ...  (1000 U$D !AHH )


How can it be on a network and not have an IP address?
If that's doable, then again, a new one me.
Can't answer that either.



Printers that default to fixed IP's that haven't had IP's
assigned to them yet, etc..  Power hits can be fun!

Thank you for the help!
-T

Re: SNMP scanner?

[P. Larry Nelson]

ToddAndMargo wrote on 7/30/16 5:33 PM:

On 07/30/2016 03:06 PM, ToddAndMargo wrote:

How is fing at finding things on the same interface that
have different networks?


I found a note in my references that fing only works on
its own network.  Rats!

But that was version 2.

What did you do to get yours to install?


On my SL5.5 system, 'rpm -ivh overlook-fing-2.2.rpm'

It just did it - no complaints.

- Larry


--
P. Larry Nelson (217-244-9855) | IT Administrator
457 Loomis Lab | High Energy Physics Group
1110 W. Green St., Urbana, IL  | Physics Dept., Univ. of Ill.
MailTo: lnel...@illinois.edu   | http://hep.physics.illinois.edu/home/lnelson/
--
 "Information without accountability is just noise."  - P.L. Nelson

Re: SNMP scanner?

[ToddAndMargo]

On Sat, Jul 30, 2016 at 03:06:48PM -0700, ToddAndMargo wrote:

ToddAndMargo wrote on 7/29/16 8:06 PM:

On 07/29/2016 05:21 PM, Eero Volotinen wrote:

Openvas, nmap and so on


30.7.2016 2.15 ap. "ToddAndMargo" > kirjoitti:

Can anyone recommend an SNMP scanner?



Hi Eero,

I am trying to figure out how to do a "network discovery" with
snmp and nmap.  I haven't figured it out yet.  Have you done
this before?

Openvas  looks very promising.  Wish it wasn't set up
as a virtual machine.  Makes it a bit interesting to install
on a flash drive.  I do know how to convert ova's to
qemu-kvm, but still ...

Thank you for helping me with this!
-T

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~





On 07/30/2016 06:37 AM, P. Larry Nelson wrote:

I use fing.  Wonderful tool!

https://www.fingbox.com/download

https://www.fingbox.com/help?c=command-line_tool=network_discovery

- Larry

Hi Larry,

# yum localinstall overlook-fing-3.0.rpm
...
Transaction check error:
   file /usr/bin from install of fing-3.0-1.x86_64 conflicts with file from
package filesystem-3.2-20.el7.x86_64
Poop!

How is fing at finding things on the same interface that
have different networks?

And, how is it for finding things without and IP address?

Thank you for  helping me with this!
-T



On 07/30/2016 03:34 PM, Jon Brinkmann wrote:

I'm not clear on what you mean by "scanner".  Do you want to scan multiple
computers for the SNMP service?  Do you want to scan for available MIBs on
one or more computers?


I am looking to do network discovery.  Basically, everything
on the interface, regardless of what network it belongs to
or if even has an ip assigned.  Like AutoScan Network, only
not abandoned.

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[Jon Brinkmann]

I'm not clear on what you mean by "scanner".  Do you want to scan multiple
computers for the SNMP service?  Do you want to scan for available MIBs on
one or more computers?

On Sat, Jul 30, 2016 at 03:06:48PM -0700, ToddAndMargo wrote:
> >
> >ToddAndMargo wrote on 7/29/16 8:06 PM:
> >>On 07/29/2016 05:21 PM, Eero Volotinen wrote:
> >>>
> >>>Openvas, nmap and so on
> >>>
> >>>
> >>>30.7.2016 2.15 ap. "ToddAndMargo"  >>>> kirjoitti:
> >>>
> >>>Can anyone recommend an SNMP scanner?
> >>>
> >>
> >>
> >>Hi Eero,
> >>
> >>I am trying to figure out how to do a "network discovery" with
> >>snmp and nmap.  I haven't figured it out yet.  Have you done
> >>this before?
> >>
> >>Openvas  looks very promising.  Wish it wasn't set up
> >>as a virtual machine.  Makes it a bit interesting to install
> >>on a flash drive.  I do know how to convert ova's to
> >>qemu-kvm, but still ...
> >>
> >>Thank you for helping me with this!
> >>-T
> >>
> >>--
> >>~~
> >>Computers are like air conditioners.
> >>They malfunction when you open windows
> >>~~
> >>
> >
> >
>
>
> On 07/30/2016 06:37 AM, P. Larry Nelson wrote:
> >I use fing.  Wonderful tool!
> >
> >https://www.fingbox.com/download
> >
> >https://www.fingbox.com/help?c=command-line_tool=network_discovery
> >
> >- Larry
>
> Hi Larry,
>
> # yum localinstall overlook-fing-3.0.rpm
> ...
> Transaction check error:
>   file /usr/bin from install of fing-3.0-1.x86_64 conflicts with file from
> package filesystem-3.2-20.el7.x86_64
> Poop!
>
> How is fing at finding things on the same interface that
> have different networks?
>
> And, how is it for finding things without and IP address?
>
> Thank you for  helping me with this!
> -T
>
>
>
> --
> ~~
> Computers are like air conditioners.
> They malfunction when you open windows
> ~~

Re: SNMP scanner?

[ToddAndMargo]

On 07/30/2016 03:06 PM, ToddAndMargo wrote:

How is fing at finding things on the same interface that
have different networks? 


I found a note in my references that fing only works on
its own network.  Rats!

But that was version 2.

What did you do to get yours to install?

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[P. Larry Nelson]

ToddAndMargo wrote on 7/30/16 5:06 PM:




ToddAndMargo wrote on 7/29/16 8:06 PM:

On 07/29/2016 05:21 PM, Eero Volotinen wrote:


Openvas, nmap and so on


30.7.2016 2.15 ap. "ToddAndMargo" > kirjoitti:

Can anyone recommend an SNMP scanner?




Hi Eero,

I am trying to figure out how to do a "network discovery" with
snmp and nmap.  I haven't figured it out yet.  Have you done
this before?

Openvas  looks very promising.  Wish it wasn't set up
as a virtual machine.  Makes it a bit interesting to install
on a flash drive.  I do know how to convert ova's to
qemu-kvm, but still ...

Thank you for helping me with this!
-T

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~







On 07/30/2016 06:37 AM, P. Larry Nelson wrote:

I use fing.  Wonderful tool!

https://www.fingbox.com/download

https://www.fingbox.com/help?c=command-line_tool=network_discovery

- Larry


Hi Larry,

# yum localinstall overlook-fing-3.0.rpm
...
Transaction check error:
  file /usr/bin from install of fing-3.0-1.x86_64 conflicts with file from
package filesystem-3.2-20.el7.x86_64
Poop!


My fing is fing-2.2 running on an SL5.5 box which has nics connecting to
all my nets (public and NAT'ed).  Installed it years ago.

I see that fingbox.com has a .tgz file download for linux - maybe playing
with the source will work.


How is fing at finding things on the same interface that
have different networks?


Same interface - different networks?  I'm afraid that's a new one on me.
Can't answer that one.


And, how is it for finding things without and IP address?


How can it be on a network and not have an IP address?
If that's doable, then again, a new one me.
Can't answer that either.

I keep things as exceedingly simple as possible.


Thank you for  helping me with this!
-T


No prob.
- Larry








--
P. Larry Nelson (217-244-9855) | IT Administrator
457 Loomis Lab | High Energy Physics Group
1110 W. Green St., Urbana, IL  | Physics Dept., Univ. of Ill.
MailTo: lnel...@illinois.edu   | http://hep.physics.illinois.edu/home/lnelson/
--
 "Information without accountability is just noise."  - P.L. Nelson

Re: SNMP scanner?

[ToddAndMargo]

ToddAndMargo wrote on 7/29/16 8:06 PM:

On 07/29/2016 05:21 PM, Eero Volotinen wrote:


Openvas, nmap and so on


30.7.2016 2.15 ap. "ToddAndMargo" > kirjoitti:

Can anyone recommend an SNMP scanner?




Hi Eero,

I am trying to figure out how to do a "network discovery" with
snmp and nmap.  I haven't figured it out yet.  Have you done
this before?

Openvas  looks very promising.  Wish it wasn't set up
as a virtual machine.  Makes it a bit interesting to install
on a flash drive.  I do know how to convert ova's to
qemu-kvm, but still ...

Thank you for helping me with this!
-T

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~







On 07/30/2016 06:37 AM, P. Larry Nelson wrote:

I use fing.  Wonderful tool!

https://www.fingbox.com/download

https://www.fingbox.com/help?c=command-line_tool=network_discovery

- Larry


Hi Larry,

# yum localinstall overlook-fing-3.0.rpm
...
Transaction check error:
  file /usr/bin from install of fing-3.0-1.x86_64 conflicts with file 
from package filesystem-3.2-20.el7.x86_64

Poop!

How is fing at finding things on the same interface that
have different networks?

And, how is it for finding things without and IP address?

Thank you for  helping me with this!
-T



--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[P. Larry Nelson]

I use fing.  Wonderful tool!

https://www.fingbox.com/download

https://www.fingbox.com/help?c=command-line_tool=network_discovery

- Larry


ToddAndMargo wrote on 7/29/16 8:06 PM:

On 07/29/2016 05:21 PM, Eero Volotinen wrote:


Openvas, nmap and so on


30.7.2016 2.15 ap. "ToddAndMargo" > kirjoitti:

Can anyone recommend an SNMP scanner?




Hi Eero,

I am trying to figure out how to do a "network discovery" with
snmp and nmap.  I haven't figured it out yet.  Have you done
this before?

Openvas  looks very promising.  Wish it wasn't set up
as a virtual machine.  Makes it a bit interesting to install
on a flash drive.  I do know how to convert ova's to
qemu-kvm, but still ...

Thank you for helping me with this!
-T

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~




--
P. Larry Nelson (217-244-9855) | IT Administrator
457 Loomis Lab | High Energy Physics Group
1110 W. Green St., Urbana, IL  | Physics Dept., Univ. of Ill.
MailTo: lnel...@illinois.edu   | http://hep.physics.illinois.edu/home/lnelson/
--
 "Information without accountability is just noise."  - P.L. Nelson

Re: SNMP scanner?

[ToddAndMargo]

  
  
On 07/29/2016 06:16 PM, Bruce Ferrell
  wrote:


  you might want to have a look at netdisco:

http://search.cpan.org/~oliver/App-Netdisco-2.033006/lib/App/Netdisco.pm





It is written in Perl too.  Interesting!  I wonder if it can scan
without being told
a "network" (192.160.222.0/24)?

Thank you!

-T


-- 
~~
Computers are like air conditioners.
They malfunction when you open windows
~~
  

Re: SNMP scanner?

[ToddAndMargo]

On 07/29/2016 06:52 PM, ToddAndMargo wrote:


It is written in Perl too.  Interesting!  I wonder if it can scan 
without being told

a "network" (192.160.222.0/24)?

Thank you!

-T



Oops, wrong reply

--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[ToddAndMargo]

On 07/29/2016 06:17 PM, ONeal, Miles wrote:
I don't recall the details but I thought this was covered in the map 
man page. I'm on a phone or I'd check right now.


-Miles


I was going a google search.  Couldn't make heads from tails.

Re: SNMP scanner?

[ToddAndMargo]

  
  


  
On Jul 29, 2016, at 20:06, ToddAndMargo 
wrote:

  
  

  On 07/29/2016 05:21 PM, Eero
Volotinen wrote:
  
  
Openvas, nmap and so on

  30.7.2016 2.15 ap. "ToddAndMargo"

kirjoitti:

  Can anyone recommend an SNMP scanner?

  

  
  
  
  Hi Eero,
  
  I am trying to figure out how to do a "network discovery" with
  snmp and nmap.  I haven't figured it out yet.  Have you done
  this before?
  
  Openvas  looks very promising.  Wish it wasn't set up
  as a virtual machine.  Makes it a bit interesting to install
  on a flash drive.  I do know how to convert ova's to
  qemu-kvm, but still ...
  
  Thank you for helping me with this!
  -T  
  

  


On 07/29/2016 06:17 PM, ONeal, Miles
  wrote:


  I don't recall the details but I thought this was covered in
the map man page. I'm on a phone or I'd check right now.

-Miles 


It is written in Perl too.  Interesting!  I wonder if it can scan
without being told
a "network" (192.160.222.0/24)?

Thank you!

-T


-- 
~~
Computers are like air conditioners.
They malfunction when you open windows
~~
  

Re: SNMP scanner?

[ONeal, Miles]

I don't recall the details but I thought this was covered in the map man page. 
I'm on a phone or I'd check right now.

-Miles

On Jul 29, 2016, at 20:06, ToddAndMargo 
> wrote:

On 07/29/2016 05:21 PM, Eero Volotinen wrote:

Openvas, nmap and so on

30.7.2016 2.15 ap. "ToddAndMargo" 
> kirjoitti:
Can anyone recommend an SNMP scanner?


Hi Eero,

I am trying to figure out how to do a "network discovery" with
snmp and nmap.  I haven't figured it out yet.  Have you done
this before?

Openvas  looks very promising.  Wish it wasn't set up
as a virtual machine.  Makes it a bit interesting to install
on a flash drive.  I do know how to convert ova's to
qemu-kvm, but still ...

Thank you for helping me with this!
-T


--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~

Re: SNMP scanner?

[Bruce Ferrell]

you might want to have a look at netdisco:

http://search.cpan.org/~oliver/App-Netdisco-2.033006/lib/App/Netdisco.pm



On 07/29/2016 06:06 PM, ToddAndMargo wrote:
> On 07/29/2016 05:21 PM, Eero Volotinen wrote:
>>
>> Openvas, nmap and so on
>>
>>
>> 30.7.2016 2.15 ap. "ToddAndMargo" > > kirjoitti:
>>
>> Can anyone recommend an SNMP scanner?
>>
>
>
> Hi Eero,
>
> I am trying to figure out how to do a "network discovery" with
> snmp and nmap.  I haven't figured it out yet.  Have you done
> this before?
>
> Openvas  looks very promising.  Wish it wasn't set up
> as a virtual machine.  Makes it a bit interesting to install
> on a flash drive.  I do know how to convert ova's to
> qemu-kvm, but still ...
>
> Thank you for helping me with this!
> -T 
>
> -- 
> ~~
> Computers are like air conditioners.
> They malfunction when you open windows
> ~~

Re: SNMP scanner?

[ToddAndMargo]

  
  
On 07/29/2016 05:21 PM, Eero Volotinen
  wrote:


  Openvas, nmap and so on
  
30.7.2016 2.15 ap. "ToddAndMargo" 
  kirjoitti:
  Can anyone
recommend an SNMP scanner?
  

  



Hi Eero,

I am trying to figure out how to do a "network discovery" with
snmp and nmap.  I haven't figured it out yet.  Have you done
this before?

Openvas  looks very promising.  Wish it wasn't set up
as a virtual machine.  Makes it a bit interesting to install
on a flash drive.  I do know how to convert ova's to
qemu-kvm, but still ...

Thank you for helping me with this!
-T 


-- 
~~
Computers are like air conditioners.
They malfunction when you open windows
~~
  

Re: SNMP scanner?

[Eero Volotinen]

Openvas, nmap and so on

30.7.2016 2.15 ap. "ToddAndMargo"  kirjoitti:

> Can anyone recommend an SNMP scanner?
>