Discover IP/MAC address w/ Crossover?

TeeJayHoward

TeeJayHoward

Limpness Supreme
Joined
Feb 8, 2005
Messages
12,268
I've got an old machine with no monitor/kb/mouse port on it. It has a net management port. I'd like to discover what the IP address of that port is so that I can connect to, and start using the machine. I've got a Windows XP laptop with a crossover cable plugged in to that port right now, trying to figure it out. Right now, I'm just doing an nmap scan across the entire 10.0.0.0 network. Needless to say, it's going to take a while... Anyone got a better option?
 
Yeah, run wireshark on the one XP machine while you apply power and boot the headless device... Watch to see if the headless device sends out DHCP requests. The DHCP request will have the MAC address of the device requesting an address.

If you do have to resort to nmap... Use -T5 to set the timing really short and speed up your scan, also -sn for ping only.... But, how do you know the host is in the 10.0.0.0/8 network?
 
Get it's MAC address and then manually add an ARP entry to whatever IP you want. Access the device with that IP and change it to whatever you would like.
 
/usr/home said:
Get it's MAC address and then manually add an ARP entry to whatever IP you want. Access the device with that IP and change it to whatever you would like.
Click to expand...

would that actually work?

that's interesting.... the machine wouldn't reject the packets sent to something not it's IP?

hmm i guess it's all layer 2 from there on out... that's interesting, never thought of doing that
 
j-sta said:
wireshark might be more beneficial?
Click to expand...

+1 easiest way to put wireshark on the laptop. Assuming it has a static IP you should see it. If its configured for DHCP it will eventually default to some standard IP when no DHCP is available. At the end you should pretty easily see some network chatter going on.

I had to do this not too long ago when a customer claimed one of our headless servers was down. Went on site and it was definitly powered on. Customer couldnt reach it and it wasnt resolving for ping by hostname (red flag right there). Nobody knew the IP of the machine so I connected via a laptop and ran wireshark. Got the IP, accessed its web interface, and told the customer to fix their DNS. Oh customers.....
 
goodcooper said:
would that actually work?

that's interesting.... the machine wouldn't reject the packets sent to something not it's IP?

hmm i guess it's all layer 2 from there on out... that's interesting, never thought of doing that
Click to expand...

It should as long as they are on the same subnet/layer 2 network. Everything is really sent to MAC addresses in a layer 2 domain, not IP.
 
jpochedl said:
But, how do you know the host is in the 10.0.0.0/8 network?
Click to expand...
I don't... I was just really, really hoping. I let nmap run all night, and it still hasn't found anything, so it looks like it's wireshark time. Thanks, all.
 
Well, damn. The server's not pushing anything out the NET MGT interface at all.
 
Does the device have a serial interface? You may be able to manage and perform some low level config through that...

Have you cracked open the case? what type of system board is in the machine? Have you tried looking up the board online to see if there's any documentation?
 
You must log in or register to reply here.
Back
Top