Get device network name potentially different due to router #28

New Issue

Open

opened 2024-06-14 23:41:16 +02:00 by Benjamin_Loison · 12 comments

Benjamin_Loison commented 2024-06-14 23:41:16 +02:00

Owner

Copy Link

sudo nmap -sP 192.168.1.0/24

Output:

Starting Nmap 7.80 ( https://nmap.org ) at 2024-06-14 23:33 CEST
Nmap scan report for CENSORED-1.home (192.168.1.XXX)
Host is up (0.0060s latency).
MAC Address: XX:XX:XX:XX:XX:XX (Unknown)
Nmap scan report for CENSORED.home (192.168.1.XXX)
...
Host is up.
Nmap done: 256 IP addresses (X hosts up) scanned in 10.73 seconds

Source: the Super User answer 850453

returns as wanted CENSORED-1 but how to only scan current device?

sudo nmap -sP 192.168.1.X

Output:

Starting Nmap 7.80 ( https://nmap.org ) at 2024-06-14 23:40 CEST
Nmap scan report for CENSORED-1.home (192.168.1.X)
Host is up (0.15s latency).
MAC Address: XX:XX:XX:XX:XX:XX (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds

How to avoid what looks like a network request, this information is cached somewhere in Linux, no?

Note that removing the sudo usage removes lines about MAC Addresses.

+31

```bash sudo nmap -sP 192.168.1.0/24 ``` <details> <summary>Output:</summary> ``` Starting Nmap 7.80 ( https://nmap.org ) at 2024-06-14 23:33 CEST Nmap scan report for CENSORED-1.home (192.168.1.XXX) Host is up (0.0060s latency). MAC Address: XX:XX:XX:XX:XX:XX (Unknown) Nmap scan report for CENSORED.home (192.168.1.XXX) ... Host is up. Nmap done: 256 IP addresses (X hosts up) scanned in 10.73 seconds ``` </details> Source: [the Super User answer 850453](https://superuser.com/a/850453) returns as wanted `CENSORED-1` but how to only scan current device? ```bash sudo nmap -sP 192.168.1.X ``` <details> <summary>Output:</summary> ``` Starting Nmap 7.80 ( https://nmap.org ) at 2024-06-14 23:40 CEST Nmap scan report for CENSORED-1.home (192.168.1.X) Host is up (0.15s latency). MAC Address: XX:XX:XX:XX:XX:XX (Unknown) Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds ``` </details> How to avoid what looks like a network request, this information is cached somewhere in Linux, no? Note that removing the `sudo` usage removes lines about `MAC Address`es. +31

Benjamin_Loison commented 2024-06-15 01:14:39 +02:00

Author

Owner

Copy Link

man nmap

Output:

...
       -sn (No port scan)
           This option tells Nmap not to do a port scan after host discovery,
           and only print out the available hosts that responded to the host
           discovery probes. This is often known as a “ping scan”, but you can
           also request that traceroute and NSE host scripts be run. This is
           by default one step more intrusive than the list scan, and can
           often be used for the same purposes. It allows light reconnaissance
           of a target network without attracting much attention. Knowing how
           many hosts are up is more valuable to attackers than the list
           provided by list scan of every single IP and host name.

           Systems administrators often find this option valuable as well. It
           can easily be used to count available machines on a network or
           monitor server availability. This is often called a ping sweep, and
           is more reliable than pinging the broadcast address because many
           hosts do not reply to broadcast queries.

           The default host discovery done with -sn consists of an ICMP echo
           request, TCP SYN to port 443, TCP ACK to port 80, and an ICMP
           timestamp request by default. When executed by an unprivileged
           user, only SYN packets are sent (using a connect call) to ports 80
           and 443 on the target. When a privileged user tries to scan targets
           on a local ethernet network, ARP requests are used unless --send-ip
           was specified. The -sn option can be combined with any of the
           discovery probe types (the -P* options, excluding -Pn) for greater
           flexibility. If any of those probe type and port number options are
           used, the default probes are overridden. When strict firewalls are
           in place between the source host running Nmap and the target
           network, using those advanced techniques is recommended. Otherwise
           hosts could be missed when the firewall drops probes or their
           responses.

           In previous releases of Nmap, -sn was known as -sP.
...

```bash man nmap ``` <details> <summary>Output:</summary> ``` ... -sn (No port scan) This option tells Nmap not to do a port scan after host discovery, and only print out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”, but you can also request that traceroute and NSE host scripts be run. This is by default one step more intrusive than the list scan, and can often be used for the same purposes. It allows light reconnaissance of a target network without attracting much attention. Knowing how many hosts are up is more valuable to attackers than the list provided by list scan of every single IP and host name. Systems administrators often find this option valuable as well. It can easily be used to count available machines on a network or monitor server availability. This is often called a ping sweep, and is more reliable than pinging the broadcast address because many hosts do not reply to broadcast queries. The default host discovery done with -sn consists of an ICMP echo request, TCP SYN to port 443, TCP ACK to port 80, and an ICMP timestamp request by default. When executed by an unprivileged user, only SYN packets are sent (using a connect call) to ports 80 and 443 on the target. When a privileged user tries to scan targets on a local ethernet network, ARP requests are used unless --send-ip was specified. The -sn option can be combined with any of the discovery probe types (the -P* options, excluding -Pn) for greater flexibility. If any of those probe type and port number options are used, the default probes are overridden. When strict firewalls are in place between the source host running Nmap and the target network, using those advanced techniques is recommended. Otherwise hosts could be missed when the firewall drops probes or their responses. In previous releases of Nmap, -sn was known as -sP. ... ``` </details>

Benjamin_Loison commented 2024-06-16 23:35:59 +02:00

Author

Owner

Copy Link

Related to Benjamin_Loison/nmap/issues/2.

Related to [Benjamin_Loison/nmap/issues/2](https://codeberg.org/Benjamin_Loison/nmap/issues/2).

Benjamin_Loison commented 2024-06-17 00:01:11 +02:00

Author

Owner

Copy Link

Being able to directly retrieve IP from MAC address would be nice.

sudo nmap -sP 192.168.1.0/24 | grep 'XX:XX:XX:XX:XX:XX' -B2 | grep -Eo '192.168.1.[0-9]{,3}'

is not direct.

Related to the Security Stack Exchange question 117710.

Being able to directly retrieve IP from MAC address would be nice. ```bash sudo nmap -sP 192.168.1.0/24 | grep 'XX:XX:XX:XX:XX:XX' -B2 | grep -Eo '192.168.1.[0-9]{,3}' ``` is not direct. Related to [the Security Stack Exchange question 117710](https://security.stackexchange.com/q/117710).

Benjamin_Loison commented 2024-06-17 00:16:49 +02:00

Author

Owner

Copy Link

In the context of network issues of Benjamin-Loison/PrismLauncher/issues/2 I get CENSORED-3.home and after a network issue I get CENSORED.home. But do I have changed my internal IPv4/IPv6?

The aim is to avoid fixing and using an IP with https://livebox.

In the context of network issues of [Benjamin-Loison/PrismLauncher/issues/2](https://github.com/Benjamin-Loison/PrismLauncher/issues/2) I get `CENSORED-3.home` and after a network issue I get `CENSORED.home`. But do I have changed my internal IPv4/IPv6? The aim is to avoid fixing and using an IP with https://livebox.

Benjamin_Loison commented 2024-06-22 20:05:51 +02:00

Author

Owner

Copy Link

Related to Benjamin-Loison/termux-app/issues/27.

Related to [Benjamin-Loison/termux-app/issues/27](https://github.com/Benjamin-Loison/termux-app/issues/27).

Benjamin_Loison commented 2024-08-08 11:21:32 +02:00

Author

Owner

Copy Link

nmap -sP 192.168.1.0/24

Output:

Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-08 11:20 CEST
...
Nmap scan report for Fairphone-4-5G (192.168.XXX.XXX)
Host is up (0.038s latency).
...
Nmap done: 256 IP addresses (X hosts up) scanned in 2.91 seconds

On wifi:

-----BEGIN PGP MESSAGE-----

hF4DTQa9Wom5MBgSAQdAPBqNyKB2kD5BJP7wYANLPggKYIRVug7TXsoL6LinAg0w
48JLICCfJ7G2+9XgnEdChKsuCyrxRZ1tRyPf96Gss/e9ZcS/HPjsz15vbQC9ypPk
0koBzaotaea4bWR9MG1IQ+5ENkM6ro6mMBOigWdBOdKBIGJIdTeAXHcY3dRx4zxf
wOwWEwE1xc4SehWsiWEkYGkgs3Mi1KaK3ivfug==
=sCEz
-----END PGP MESSAGE-----

```bash nmap -sP 192.168.1.0/24 ``` <details> <summary>Output:</summary> ``` Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-08-08 11:20 CEST ... Nmap scan report for Fairphone-4-5G (192.168.XXX.XXX) Host is up (0.038s latency). ... Nmap done: 256 IP addresses (X hosts up) scanned in 2.91 seconds ``` </details> <details> <summary>On wifi:</summary> ``` -----BEGIN PGP MESSAGE----- hF4DTQa9Wom5MBgSAQdAPBqNyKB2kD5BJP7wYANLPggKYIRVug7TXsoL6LinAg0w 48JLICCfJ7G2+9XgnEdChKsuCyrxRZ1tRyPf96Gss/e9ZcS/HPjsz15vbQC9ypPk 0koBzaotaea4bWR9MG1IQ+5ENkM6ro6mMBOigWdBOdKBIGJIdTeAXHcY3dRx4zxf wOwWEwE1xc4SehWsiWEkYGkgs3Mi1KaK3ivfug== =sCEz -----END PGP MESSAGE----- ``` </details>

Benjamin_Loison commented 2024-08-09 01:53:14 +02:00

Author

Owner

Copy Link

Related to Benjamin_Loison/virt-manager/issues/{49,43}.

Related to Benjamin_Loison/virt-manager/issues/{[49](https://codeberg.org/Benjamin_Loison/virt-manager/issues/49),[43](https://codeberg.org/Benjamin_Loison/virt-manager/issues/49)}.

Benjamin_Loison commented 2024-08-09 15:21:56 +02:00

Author

Owner

Copy Link

Related to Benjamin_Loison/Debian/issues/55.

Related to [Benjamin_Loison/Debian/issues/55](https://codeberg.org/Benjamin_Loison/Debian/issues/55).

Benjamin_Loison referenced this issue 2024-08-09 16:35:58 +02:00

Make my SSH `alias`es prefer LAN over Internet but with a single command #32

Benjamin_Loison commented 2024-08-20 14:41:03 +02:00

Author

Owner

Copy Link

Sometimes nmap does not return anything while the device connection to the network has not changed.

sudo nmap -p 22 192.168.1.0/24

Source: https://linuxhandbook.com/nmap-scan-ports/#scanning-a-specific-port

does not help for the just mentioned issue.

Sometimes nmap does not return anything while the device connection to the network has not changed. ```bash sudo nmap -p 22 192.168.1.0/24 ``` Source: https://linuxhandbook.com/nmap-scan-ports/#scanning-a-specific-port does not help for the just mentioned issue.

Benjamin_Loison commented 2024-09-05 02:54:29 +02:00

Author

Owner

Copy Link

Related to Benjamin_Loison/openssh/issues/4.

Related to [Benjamin_Loison/openssh/issues/4](https://salsa.debian.org/Benjamin_Loison/openssh/-/issues/4).

Benjamin_Loison commented 2024-09-17 16:50:30 +02:00

Author

Owner

Copy Link

Would be nice to be compatible with FileZilla too.

Would be nice to be compatible with FileZilla too.

Benjamin_Loison commented 2024-09-21 21:54:13 +02:00

Author

Owner

Copy Link

Would help reduce noticing Benjamin_Loison/nmap/issues/1.

Would help reduce noticing [Benjamin_Loison/nmap/issues/1](https://codeberg.org/Benjamin_Loison/nmap/issues/1).

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

No results found.

No results found.

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Benjamin_Loison/linux#28

No description provided.