Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Scan a network ?

Status
Not open for further replies.
Alboy

Alboy

Technical User
Nov 19, 2002
23
CA
Hi.
We have a network with 120 workstations. I would like to scan all of these workstations to find wich gateway and DNS they used. It suppose to be all the same (coming from DHCP)but i think some wise guys change their default gateway to bypass our Winroute (internet filter). Is there a tool i can use for this ?
Thank's !
[thumbsup]
 
Sort by date Sort by votes
Hi,
You might think about setting up a proxyserver. Then you could deny all traffic on your firewall that wants to access the internet and does not come from the proxy server. This way your users won't be able to do what you described...
bye,
busche
 
Upvote 0 Downvote
Write a small VB Script file that you can use as a logon script.

Get the info from the registry with the machine name and write back to a text file.
 
Upvote 0 Downvote

Hello,

i got nearly the same problem: for security reasons I want to be sure there is no other computer acting as gateway in my network.

A simple script won't be sufficient for my purpose, because the computers in the net have different operating systems.

Is there another possibilty, perhaps by analyzing the traffic for gateway typical packets, to find out?

 
Upvote 0 Downvote
A script will be fine.

Use the script to read the registry entry for the OS on the PC and then gotot the required subsection of the script and read the other registry entries - for XP and windows 2000 most of the entries you want to read from are the same, they will probably be different on NT4 or windows 95, 98 machine.

Use a main then subs

eg:-

Main()
Dim ReadRegistryOS, RegRead, RegWrite

add code for the reading of the OS

if (regentry OS = "whatever")
then windows2k
If (regentry OS = "whatever")
then windowsxp

windows2k()
add code for reading the registry entries
end sub()

windowsxp
add code for reading the registry entries
end sub()

Write info to file with machine name, ip address, MAC address, logon time, username.......all of this information can be gotten from the registry.
 
Upvote 0 Downvote
Finding out what gateway a workstation is using by scanning the network is very difficult at best.

It is possible to pull the routing table from a device such as a workstation if it is running SNMP. If it is not running SNMP, there is not an easy way to get this information, without accessing the devices itself.

You could monitor the network for RIP, RIP2, and other routing protocols. If you saw devices other than your known router sending these, you have a rogue router on the network.

In a switched environment, if someone wanted to run a rogue gateway and made sure that any routing broadcasts were turned off, they would be darn near impossible to find.

If you suspected someone of using a rogue gateway and could capture their traffic, you could look for packets going to an off subnet IP address, with a destination MAC address other than your router. This would require using a SPAN, Mirror, or Monitor port on the switch.

mpennac
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
646
Zebad
Zebad
robocat
  • Locked
  • Question
Yet another TCP RST flag problem
Replies
0
Views
579
robocat
robocat
jmarkus
  • Locked
  • Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
687
sbcsu
sbcsu
Vedant Gonnade
  • Locked
  • Question
How to send a string (generated by camera) to computer
Replies
0
Views
563
Vedant Gonnade
Vedant Gonnade
Vitor Fernandes-Neto
  • Locked
  • Question
Ldap authentication in classic asp, retrieving givenname, displayname etc
Replies
0
Views
690
Vitor Fernandes-Neto
Vitor Fernandes-Neto

Part and Inventory Search

Sponsor

Back
Top