Security Basics mailing list archives
RE: Network discovery
From: Guillaume Lavoix <glavoix () altadis com>
Date: Wed, 4 Feb 2004 11:14:10 +0100
Hi, You can also use HP Openview and select the automatic Discovery, normally, it is not something that is recommended To do, but I can assure you that it works, and that you will get A map with most of your "objects", the only thing is that if you have To many (network devices), your openview map will soon Become a mess. Also HP Openview is not free, so it might be too expensive, for You budget, nevertheless you can use it for a 1 month trial period. See you, Guillaume -----Mensaje original----- De: Byron Sonne [mailto:blsonne () rogers com] Enviado el: martes, 03 de febrero de 2004 0:59 Para: security-basics () securityfocus com Asunto: Re: Network discovery
I would like to ask all of you, if you have every used a network discovery tool? I have a network with more than 5000 PC's and more than 70 sites in the country. I would like to create an analysis about the network nodes, line between them, speed of the lines etc. Would it be possible with a tool to discover the whole internal network, with routers, gateways and all the important datas?
No. You could run a number of utilities/programs which will enumerate alot/most of the devices on your network and provide quite a bit of information. It will help you compose a map, but nothing that you can plop on a computer and run or plug into your network will give you a truly good map unless your network is configured perfectly, uses common hardware, has a fairly vanilla config, etc. Even then, I seriously doubt you'll get a complete picture. I think bad information is worse than no information at all as it can lead you to make false assumptions. Also, consider the case that if *you* can get all the information, perhaps a *cracker* (which is what most people mean when they abuse and misuse the term 'hacker') could too. But I digress... there are a number of gotchas you must be aware of. Some of these gotchas are: (1) devices that only listen; they don't transmit on the network. Not just sniffers. (2) Filtering or Translating proxies of whatever description. (3) NAT (Network Address Translation) (4) Firewalls (5) Custom hardware/software/protocols (6) Encryption (7) Temporary power or network outages (8) Design deficiencies in standard network protocols Some things that can help out alot are: (a) Good documentation (b) Well labelled cabling and devices (c) A sane overall architecture (d) Good, knowledgeable people (e) Good tools. Good starter link: http://www.insecure.org/tools.html (f) Things like Cisco CDP, etc. You and your skills are the most important thing of all, so read and learn as much as possible. Regards, Byron Sonne -- For Good, return Good. For Evil, return Justice. --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- RE: Network discovery, (continued)
- RE: Network discovery Nagy Gergely (Feb 03)
- Re: Network discovery Michael Painter (Feb 04)
- RE: Network discovery Hasnain Atique (Feb 06)
- RE: Network discovery Scot Braunzell (Feb 05)
- RE: Network discovery Nagy Gergely (Feb 03)
- Re: Network discovery Magnus PĂ„hlsson (Feb 05)
- RE: Network discovery Tran, John (Feb 02)
- Re: Network discovery Byron Sonne (Feb 03)
- RE: Network discovery Moody, Chris (Feb 02)
- RE: Network discovery wortos (Feb 03)
- RE: Network discovery Shaun Sturby, MCSE Optrics Engineering (Feb 04)
- RE: Network discovery Guillaume Lavoix (Feb 05)