Penetration Testing mailing list archives
Re: finding layer 2 network devices
From: Volker Tanger <vtlists () wyae de>
Date: Tue, 5 Jul 2005 00:13:00 +0200
Greetings! On Mon, 4 Jul 2005 12:19:56 +0200 hannibal blog <hannibalsec () gmail com> wrote:
I'm trying to detect the level 2 switchers on my network. Do somebody knows a tool that can help ?
A few ideas: 1.) Follow the cables. Low-tech, manual labour involved, probably takes longer than other methods, but very accurate. 2.) Set all your (manageable) switches to port security, max. 1 MAC address per port (except the known spanning tree and up-/downlink ports of course). All ports shutting down have a repeater (hub/switch) attached to it. 3.) fping -ega YOURNETWORK which will give you the roundtrip time for each system found. Each meter of cable is worth approx. 5ns (=0.005ms), each switch/hub roughly 0.04 ms. Remember to double times for the complete roundtrip ==> 0.08ms for each switch, 0.01ms for each meter cable. So a test network with results like these will tell you: x.y.z.1 (0.01 ms) - the local PC x.y.z.2 (0.11 ms) - one hub/switch (0.08) plus 3 meter in cables x.y.z.3 (0.40 ms) - one switch (0.08) plus 32m cables or two switches (0.16) plus 24m cables or three switches (0.24) plus 16m cables or four switches (0.32) plus 8m cables Which now is the real thing can be deducted from topological knowledge (office area is only one floor, size approx. 10x5m), thus cables total probably less than 20m) or correllation (if a number of IPs have 40ms then they probably share the same distance and switch). Bye Volker -- Volker Tanger http://www.wyae.de/volker.tanger/ -------------------------------------------------- vtlists () wyae de PGP Fingerprint 378A 7DA7 4F20 C2F3 5BCC 8340 7424 6122 BB83 B8CB
Current thread:
- finding layer 2 network devices hannibal blog (Jul 04)
- Re: finding layer 2 network devices Henry A (Jul 04)
- Re: finding layer 2 network devices Daniele Bellucci (Jul 05)
- Re: finding layer 2 network devices JG (Jul 05)
- <Possible follow-ups>
- Re: finding layer 2 network devices rob . dijkshoorn (Jul 04)
- Re: finding layer 2 network devices Volker Tanger (Jul 04)
- RE: finding layer 2 network devices Mofeez Kazi (Jul 06)
- Re: finding layer 2 network devices Henry A (Jul 04)