Security Basics mailing list archives
Re: how to find a static IP
From: Mark <securitylists () uniontown com>
Date: Thu, 16 Jul 2009 10:57:25 -0400
One caveat to this I think, you'd need to be sniffing the target device side of the router for the scan reply, because the target likely has no route to the scanning laptop through the router, the target is going to likely try to arp it's default gateway once it gets a valid scan packet with the right target IP in it, that's what it will need to do to try to reply, that's how you'll know you stumbled onto the target's IP address.
If this logic is wrong I'd love to hear from someone so I know for future reference... I am basing this on my knowledge of how packets are constructed for this puzzle.
-Mark Coleman Mark wrote:
I think the answer might be this: Get a router, one armed is OK.One side of the router will be your scanning laptop. Make up IP addresses, for example make laptop 10.10.10.1 and router 10.10.10.2. Use 10.10.10.2 as your default gateway in the laptop.The second port (or second network on same port if one armed) of the router, make up another address. Say, 20.20.20.1. Add a static arp in the router for 20.20.20.2 to be the MAC address of the target you are trying to identify, then make the default gateway of the router 20.20.20.2 (so your scanning packets will hit your target regardless of what the dest IP is, and the router will construct every packet with the dest MAC of your target machine).I'd think that a long long scan of private networks would eventually reveal the IP of the host.If you know you didn't use a deep CIDR on the mask, you could also just scan (or just ping?) the broadcasts of each network instead of every IP in each network (192.168.1.255, 192.168.2.255, etc etc). Use the above config and then instead of nmap just try pinging 192.168.1.255, 192.168.2.255 etc etc and find what network it's in for starters.If this works let us know, as I am sure we're all curious. -Mark Coleman Robin Wood wrote:2009/7/15 Lord Lunatic <l0rd_lunatic () yahoo com>:Get the mac address (if not via sniff there have to be some stickers with it on it) and make a static arp entry on your client with an free ip adress of your subnet.arp -s 10.128.1.1 00:90:33:ff:dd:11 Then you should be able to reach itThat would get traffic to the box but would the box then drop the traffic higher up the stack as the IP address wouldn't match? If this does work then I'll be putting it in my bag of tricks because it is a really useful idea. RobinAndre -----Original Message-----From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Cisternas Marquez, GonzaloSent: Dienstag, 14. Juli 2009 20:36 To: redhavoc; security-basics () securityfocus com Subject: RE: how to find a static IP Nick:Use a cross cable with a Linux box and send "ping -b 255.255.255.255". "-b" for broadcast.Usually the "Net management port" of SUN servers is 10Mb autosense only. Try to connect with the Serial managemente port (a ligth blue Cisco cable will work). The user could be "admin".Using the sys-unconfig script will not erase the contentes of the RSC/ALOM/Ilom/ELOM/SXCP management port.I Hope this could help. G.C. -----Mensaje original-----De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En nombre de redhavocEnviado el: Martes, 14 de Julio de 2009 11:46 Para: security-basics () securityfocus com Asunto: how to find a static IP Hello people,I have inherited a new SUN server, and while running the sys-unconfig command I have sort of messed it up. I know it has an ethernet management port configured with a static IP, but I do not know this IP.My idea was to connect this server and a computer on to a switch, boot a linux and port scan every internet address. Since its a private lan I would not be bothering anyone else. Since there is no dhcp and I want no routing I started the ethernet usingifconfig eth0 1.1.1.1 netmask 0.0.0.0 upThe device started, but when I use nmap to scan IPs it does not know how to route packets.So the question is ... how do I scan every possible address in a private network. Also, is there a better way to find this static IP ?Regards Nick------------------------------------------------------------------------Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital CertificateIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: how to find a static IP, (continued)
- Re: how to find a static IP guiness.stout (Jul 14)
- Re: how to find a static IP Jared Curtis (Jul 14)
- Re: how to find a static IP ghe (Jul 14)
- Re: how to find a static IP infolookup (Jul 15)
- Re: how to find a static IP ghe (Jul 14)
- RE: how to find a static IP Cisternas Marquez, Gonzalo (Jul 14)
- Re: how to find a static IP Morgan Reed (Jul 15)
- RE: how to find a static IP Lord Lunatic (Jul 15)
- RE: how to find a static IP redhavoc (Jul 15)
- Re: how to find a static IP Robin Wood (Jul 15)
- Re: how to find a static IP Mark (Jul 15)
- Re: how to find a static IP Mark (Jul 16)
- Re: how to find a static IP Tim Clewlow (Jul 16)