Does TCP/IP finder software exist?

K

kevineugenius

[H]ard|Gawd
Joined
Dec 9, 2006
Messages
1,415
I know this could be solved by me not being a moron and actually writing stuff down, but it's too late for that. This problem has plagued me on multiple occasions and I'd love an easy fix that doesn't require me to do any work.

Is there a program that can scan my network and tell me the IP addresses of all the devices? Currently I can't log into my wireless AP because I can't figure out what it's address is... supposed to be ~.1.100 but that didn't seem to do the trick for me.
 
Spiceworks? Might be a little heavy... I've seen a tool way back when that was really lightweight but I honestly don't remember it.
 
kevineugenius said:
Ok so maybe I'm a noob... but a cautious noob. What will this do?
Click to expand...

Its a ping of the broadcast address. If you're behind a router, and the OP was, the devices inside your network will respond. On OS X you see something like this:

adam@macpro:~$ ping 255.255.255.255
PING 255.255.255.255 (255.255.255.255): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.112 ms
64 bytes from 172.28.1.2: icmp_seq=0 ttl=255 time=0.734 ms (DUP!)
64 bytes from 172.28.1.3: icmp_seq=0 ttl=255 time=0.969 ms (DUP!)
64 bytes from 172.28.1.1: icmp_seq=0 ttl=255 time=9.705 ms (DUP!)

172.28.1.1 being my router
172.28.1.2 being my switch
172.28.1.3 being my access point

Some devices won't respond, such as those running software firewalls. However, this gets the basic job done in about 2 seconds.
 
Yea thats quicker, but the SoftPerfect Network Scanner is much more useful. It pulls up the MAC address, OS version, host name, workgroup/domain name, logged-on user and even the shares on the specific machine. Not to mention its pretty damn cool.
 
Hmm.. Interesting. Didn't hit all the nodes, even machines not running firewalls got missed. Weird.
 
Pinging the broadcast address isn't a bad idea, but it is by no means a guarantee of success. Per RFC 1122, end systems are under no obligation to reply to a ping on the broadcast address.

Here is what I would do:

Sniff traffic on the wire for ARP requests from unknown end systems.

Also, use your knowledge of the network to your advantage. How are things laid out? How do you typically number your routers when subnetting? I.E. do you give them an address like 10.0.0.1, or 10.0.0.255? Are you using any sort of virtual gateway protocols like HSRP, VRRP, or GLBP? In which case, you might use a logical address of .2 or .3 for the interface, and .1 for the virtual gateway. Knowing how you guys number devices, and subnet your network, will answer far more questions than any of these tools will, imo.
 
Can it get any more informative then this?

Untitled-43.png


Although it does say my Mac's are running NT...:rolleyes:
 
couldn't you just log into your router? your WAP is getting an ip from it right?
 
Access points are usually transparent and they don't automatically ask the DHCP server for an IP.
 
You must log in or register to reply here.
Back
Top