RE: discovering network layout at layer2

["Aditya [ Aditya Lalit Deshmukh ]" <aditya.deshmukh () online gateway technolabs net>]

> -----Original Message-----
> From: Devrat Mittal [mailto:u02113 () cs unipune ernet in]
> Sent: Sunday, February 08, 2004 5:49 PM
> To: ald2003 () users sourceforge net
> Subject: RE: discovering network layout at layer2
>
>
> On Sun, 8 Feb 2004, Aditya [ Aditya Lalit Deshmukh ] wrote:
> hi aditya,
> well what i mean is apart from sniffing on my external interface to see 
> what are the link layer protocol packets (Cisco DIscovery protocol) etc, 
> I also need to actively determine the exact configuration of the switches 
> - how many & what all hosts connected to my nearest switch & the same 

for this you need :

1. admin / root access on your machine to see all the traffic that is going through the wire 
2. if you are connected using a hub with a ethernet lan card then all you need is to put your network card in promisc 
mode
3. if you are using switches then you have do create a braodcast storm to degrade the switch to act as a hub
4. if you are connected using a modem / isdn card then you need a tcp scanner - there are many ones one the net - this 
will not work for sniffing traffic but you will get a pretty good idea about the hosts around you

-aditya


> about the second & third level switch until out router is reached.
>
> Thats what I am looking at.
> regards
> Devrat Mittal
>
> > hi there as far as i know this sort of things require a 
> permission from some one inchage!
> > thaT said, the best tool for this job would be etherreal - 
> correct me if i am wrong, guys
> > -aditya
> >
> > > -----Original Message-----
> > > From: Dev [mailto:u02113 () cs unipune ernet in]
> > > Sent: Friday, February 06, 2004 9:57 PM
> > > To: pen-test () securityfocus com
> > > Subject: discovering network layout at layer2
> > >
> > >
> > >
> > >
> > > Hello ppl,  I am new to this list. Plz redirect me to another 
> > > list if this is not the appropriate list to post to this query.   
> > > Having read the phrack article "Fun with the spanning tree 
> > > protocol", I was wondering as to how i could use some layer2 
> > > protocols to my advantage to discover the network layout of my 
> > > campus network (at layer 2).  Additionally, all equipment is 
> > > CISCO.  Identification of my nearest switch is easily done by 
> > > sniffing for STP BPDU packets & i did receive the STP hello BPDU 
> > > packets on the user port that our gateway was connected to. This 
> > > kind of packet gives me the following information:  1) How many 
> > > more STP -capable devices are there up to the root bridge (root 
> > > path cost)  2) The bridge & port ID & the root bridge & port ID.  
> > > Can somebody suggest how can i find out my network topology using 
> > > this STP protocol or some other layer2 protocol (CDP?? etc).  
> > > regards, Devrat Mittal u02113 () cs unipune ernet in Department of 
> > > computer Science University of Pune Pune.   
> > > ------------------------------------------------------------------
> > > ---------
> > > ------------------------------------------------------------------
> > > ----------
> >
> >
> > ________________________________________________________________________
> > Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
>
> -- 
> Devrat Mittal
> M.tech 2nd year
> Roll no. 2002301


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------