Network Discovery with "nmap" and other tools
Using nmap
- Query DNS for IP addresses and hostnames (a list scan, which resolves names without probing the hosts):
nmap -sL 192.168.1.*
- Ping the network to see who is up, and report IP addresses, hostnames, MAC addresses and names:
nmap -sP 192.168.1.*
- Plain old nmap with no options shows hosts that are up and what services they are running:
nmap 192.168.1.*
whowatch
whowatch monitors logins in real time, so you can see all users accessing your system as they come and go.
Cheops-ng
Cheops-ng is a GTK-based front end to nmap that draws nice diagrams of your network. You have to run it as root; using sudo doesn't work because it doesn't know how to handle the sudo password. Start it up like this:
# cheops-agent &
# cheops-ng
Enter 127.0.0.1 in the dialog box. First it runs an “enqueueing scan” at startup to discover your network hosts, then runs a detailed scan on each host in turn. This can take a while. This is the command that it runs on each host:
nmap -oX - -n -sT -T Normal -O -sR -I -F -P0 [IP address]
When it is finished it stops itself, leaving behind a nice map of your network. This won't be entirely accurate if you have dumb switches: it won't see them because they are not ping-able, so it will look like the machine you are running the scan from is a switch.
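The `-oX -` option in the command above makes nmap write its results as XML to standard output, which is what a front end reads to build its map. As an added example (not code from Cheops-ng or from this page), the script below parses that XML into a host inventory and lists hosts whose MAC address is not in a baseline you maintain; the sample XML, the `KNOWN_MACS` set and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX -` output (not captured from a real network).
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="192.168.1.1" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac"/>
    <hostnames><hostname name="gateway.lan" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
      <port protocol="tcp" portid="23"><state state="closed"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="192.168.1.50" addrtype="ipv4"/>
    <address addr="66:77:88:99:aa:bb" addrtype="mac"/>
    <hostnames/>
    <ports><port protocol="tcp" portid="80"><state state="open"/></port></ports>
  </host>
  <host><status state="down"/><address addr="192.168.1.99" addrtype="ipv4"/></host>
</nmaprun>"""

# Hypothetical baseline: MAC addresses you expect to see on this network.
KNOWN_MACS = {"00:11:22:33:44:55"}

def parse_hosts(xml_text):
    """Return one dict per host that nmap reported as up."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status[@state='up']") is None:
            continue  # skip hosts that did not answer
        addrs = {a.get("addrtype"): a.get("addr") for a in host.findall("address")}
        hosts.append({
            "ip": addrs.get("ipv4"),
            "mac": addrs.get("mac"),  # None when nmap could not see the MAC
            "names": [h.get("name") for h in host.findall("hostnames/hostname")],
            "open_ports": sorted(int(p.get("portid")) for p in host.findall("ports/port")
                                 if p.find("state[@state='open']") is not None),
        })
    return hosts

def not_in_baseline(hosts, known_macs):
    """Hosts whose MAC is missing or absent from the baseline set."""
    known = {m.lower() for m in known_macs}
    return [h for h in hosts if not h["mac"] or h["mac"].lower() not in known]

if __name__ == "__main__":
    inventory = parse_hosts(SAMPLE_XML)
    print("not in baseline:", [h["ip"] for h in not_in_baseline(inventory, KNOWN_MACS)])
```

To use it on a real scan, save nmap's XML output to a file and pass the file's contents to `parse_hosts` in place of `SAMPLE_XML`.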