Server Administration
  Home arrow Server Administration arrow Page 3 - IP Network Scanning
SERVER ADMINISTRATION

IP Network Scanning
By: O'Reilly Media
  • Search For More Articles!
  • Disclaimer
  • Author Terms
    		•
    Rating: stars stars stars stars stars / 0
    2008-05-22

    Table of Contents:
  • IP Network Scanning
  • ICMP Probing Tools
  • Identifying Subnet Network and Broadcast Addresses
  • Gleaning Internal IP Addresses
    		•

    		 
     

    SEARCH CODEWALKERS

    TOOLS YOU CAN USE

    advertisement

    IP Network Scanning - Identifying Subnet Network and Broadcast Addresses
    (Page 3 of 4 )

    Nmap identifies subnet network and broadcast addresses by counting the number of ICMP echo replies for each IP address during an ICMP ping sweep. Such addresses respond with multiple replies, providing insight into the target network and its segmentation. In Example 4-3 we use Nmap to enumerate subnet network and broadcast addresses in use for a given network (154.14.224.0/26).

    Example 4-3. Enumerating subnet network and broadcast addresses with Nmap

    $ nmap -sP 154.14.224.0/26

    Starting Nmap 4.10 ( http://www.insecure.org/nmap/ ) at 2007-04-01 20:39 UTC
    Host 154.14.224.16 seems to be a subnet broadcast address (returned 1 extra pings). Host pipex-gw.abc.co.uk (154.14.224.17) appears to be up.
    Host mail.abc.co.uk (154.14.224.18) appears to be up.
    Host 154.14.224.25 appears to be up.
    Host intranet.abc.co.uk (154.14.224.26) appears to be up.
    Host 154.14.224.27 appears to be up.
    Host 154.14.224.30 appears to be up.
    Host 154.14.224.31 seems to be a subnet broadcast address (returned 1 extra pings). Host 154.14.224.32 seems to be a subnet broadcast address (returned 1 extra pings). Host pipex-gw.smallco.net (154.14.224.33) appears to be up.
    Host mail.smallco.net (154.14.224.34) appears to be up.
    Host 154.14.224.35 seems to be a subnet broadcast address (returned 1 extra pings). Host 154.14.224.40 seems to be a subnet broadcast address (returned 1 extra pings). Host pipex-gw.example.org (154.14.224.41) appears to be up.
    Host gatekeeper.example.org (154.14.224.42) appears to be up.
    Host 154.14.224.43 appears to be up.
    Host 154.14.224.47 seems to be a subnet broadcast address (returned 1 extra pings).

    This scan has identified six subnets within the154.14.224.0/26network, as follows:

    • An unused or filtered block from154.14.224.0to154.14.224.15(14 usable addresses)
    • Theabc.co.ukblock from154.14.224.16to154.14.224.31(14 usable addresses) 
    • Thesmallco.netblock from154.14.224.32to154.14.224.35(2 usable addresses) 
    • An unused or filtered block from154.14.224.36to154.14.224.39(2 usable addresses) 
    • Theexample.orgblock from154.14.224.40to154.14.224.47(6 usable addresses) 
    • An unused or filtered block from154.14.224.48to154.14.224.63(14 usable addresses)

    Useful details about subnet network and broadcast addresses and CIDR slash notation can be found at http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing. An online IP calculator is also available at http://jodies.de/ipcalc.

    Next: Gleaning Internal IP Addresses >>
     

    More Server Administration Articles
    More By O'Reilly Media

    blog comments powered by Disqus

    SERVER ADMINISTRATION ARTICLES

    - Server Responses to Client Communication
    - Authentication in Client/Server Communication
    - Client/Server Communication
    - Understanding Awk in the UNIX Shell
    - Stream Editor in the UNIX Shell
    - Processes in the UNIX Shell
    - Migrating from Windows to Wine
    - Wine: Not Another Emulator
    - Preventive Measures to Block SSH Attacks
    - Monitoring Temperatures with Cacti
    - Cacti: RRDTool-based Graphing Solution
    - Network Magic 5.0 Review
    - Netfilter and Iptables Overview
    - Installing and Configuring Squid
    - Clickfree PC Backup Systems Compared
    Find More Server Administration Articles


    © 2003-2012 by Developer Shed. All rights reserved. DS Cluster 10 - Follow our Sitemap