Red October network discovery.
Red October network discovery.
Red October network discovery.
The basis of this Instructable is based on the dialog from the movie known as "The hunt for the Red October". In the movie, one of the key lines was I think "One ping and one ping only". Pinging was a method by submarines equipped with sonar to detect what is around them. Normally you would use more than one ping. In computing we also have a program called ping that does the same thing to detect what is around on the network. There is a very powerful program called nmap that usually automates such activity. That usually takes some kind of administrative power to implement. We will be using a simple linux batch file (could be easily converted to other platforms) to detect what is around us. This tool is perfect for the home network. It will probably not detect what is known as "Man in the middle devices", but at least you can see the visible systems on your network.

The code. (do not forget "chmod +x

for i in {1..254}
ping 192.168.1.$i -c1 -w1 -v | grep "icmp_seq=1"

If you have a different network, you will have to change "192.168.1" accordingly, here again we are using the good old "grep" command to extract data from the return stream. it is our sonar scope. Let's run it.
$ ./
64 bytes from icmp_seq=1 ttl=64 time=0.852 ms
64 bytes from icmp_seq=1 ttl=64 time=0.260 ms
64 bytes from icmp_seq=1 ttl=255 time=2.75 ms
64 bytes from icmp_seq=1 ttl=64 time=0.261 ms
64 bytes from icmp_seq=1 ttl=64 time=0.064 ms
$ _

Ok, there are five devices on the network. We need to know more. There is what is call DNS or "Domain naming service". We can use the router to tell us what the ipaddresses maybe are known as.

The code. (Do not forget to make it executable with chmod +x")

for i in {1..254}
nslookup 192.168.1.$i |grep name

Let's run it.

$ ./ name = my_network. name = router2. name = router3. name = oesrvr1. name = oesrvr104

Notice the ipadresses are backwards, but we still can identify units on the network from the list. Two devices show up known as router2 and router3. I know that they are not connected to the network at this time. They just have reserved names in the router. The unit at 99 is actually the print server and should have a reserved name in the router, I can take care of that later. 109 is a temp machine I have set up to test some software. Now if there were any unknown numbers, they would need to be investigated immediately. Again you would need to change "192.168.1." to work with your network.

Ever wondered what your computer is looking for. Some of these could be avenues for hackers to get into your machine. Actually this is looking for processes bound to specific ports.

Use the following command to see wbat particular port your computer is listening for:

Terminal - Look for the process bound to a certain port:
sudo netstat -tulpn | grep :8080
Look for the process bound to a certain port Or you could look at all the ports to 1000; $ cat
for i in {1..1000}
echo $i
sudo netstat -tulpn | grep :$i
done $./ > portscan.file
You might see something like this in the file. ... ... 628
tcp 0 0* LISTEN 2217/cupsd
tcp6 0 0 ::1:631 :::* LISTEN 2217/cupsd
633 ... ...
Cups is the unix print mechanism, Something you might want to keep and eye on once in a while or less.
Red October network discovery. bytes

Tag cloud

make build easy simple arduino making homemade solar laser printed portable cheap mini building custom cardboard wooden create super lego turn paracord chocolate your paper light intel