Author Topic: Investigate a connected IP I see on the console ?  (Read 4112 times)

rawa

  • Zen Warrior
  • ***
  • Posts: 105
  • Karma: +1/-2
    • View Profile
Investigate a connected IP I see on the console ?
« on: April 29, 2014, 06:04:18 pm »
Investigate a connected IP I see on the console ?

Hello

Generally it happens that today with so many devices that can connect to a Server , PC, Netbook, Notebook , IP Cameras , IP Phones , AP, etc network.
Interesting to manage traffic load , and the use that give you practice is at least visualize that I assign IPs Zentyal (modulo infrastructure and gateway) and I see there are two important data such as IP Address and Mac , but when meeting in the tab that says " IP Assigned " on Zentyal console , and I see a suspect , I have a quick tool that can see more information of IP and Mac addrees see ( I chop and additional data on the device) ; anyone has an idea of ​​how Zentyal from console or terminal I get more data from a network device connected to my infraestructua Zentyal ?

Also in this practice of control, it would be interesting to see in a flap next even , those IPs that are connected permanently and you do not assign IP in DHCP at least to see if they are online , many of these one can see them to see another option is if you monitor the network traffic, but not a quick and easy as having the IPs assigned console.

Well, hear ideas and if there is no way to do this I add the suggestion to the team of Zentyal as a useful tool , perhaps not any more these things seem to be useful.

regards

Ruben Arno

ESPAÑOL

Investigar una IP que veo conectada en la consola ?

Hola

En general me pasa que hoy por hoy con tantos dispositivos que se pueden conectar a una red Servidores, PC , Netbook,Notebook, Camaras IP, Telefonos IP, AP, etc.
Una practica interesante para administrar la carga de trafico, como el uso que le dan es al menos visualizar las IPs que asigno el Zentyal ( modulo infraestructura y gateway) y ahi veo dos datos importantes como son IP y Mac Address, sin embargo cuando encuentro en la solapa que dice "IPs Asignadas" en la consola de Zentyal, y veo una sospechosa, no tengo una herramienta rapida que pueda ver mas datos de la IP y Mac Addrees que veo ( picar y obtener datos adicionales del dispositivo); alguno tiene una idea de como desde la consola Zentyal o terminal puedo obtener mas datos de un dispositivo de la red conectado a mi infraestructua de Zentyal ?

Tambien en esta practica de control, seria interesante poder ver en una solapa al lado aunque sea, aquellas IPs que estan conectadas en forma fija y que no le asigno IP en DHCP al menos para saber si estan online, muchas de estas uno las puede ver al ver en otra opcion que es monitorear la red si tiene trafico, pero no una consola facil y rapida como la que tienen las IPs asignadas.

Bueno, escucho ideas y si no existe forma de hacer esto sumo la sugerencia al equipo de Zentyal como una herramienta util, no se tal vez a alguno mas estas cosas le parecen que pueden ser utiles.

Saludos

Ruben Arno

mtrogg

  • Zen Apprentice
  • *
  • Posts: 12
  • Karma: +4/-0
    • View Profile
Re: Investigate a connected IP I see on the console ?
« Reply #1 on: July 28, 2014, 06:42:47 pm »
Well, I suppose you could just grep -Hirn mac or ip through dhcp lease table (located in /var/lib/dhcp) for linenumber so you goto more information around that linenumber recieved via dhcp communication.

then you could scan with tools as nmap..

you could use logging facility of http proxy module to see whats accessed to learn what type host it is. say what type of updates it tends to download (antivirus, os)

use first three octets of mac address to find vendors of nic (network cards) so you can narrow probable application (cellphone vendor/mobile, repeater/router recognition etc)

you could use tricks lets say via dns so reroute update processes into investigative sessions. you the gateway, you define the route to update domains looked for by client you want to see in the eye. as long as the client eats it its more of work but i guess its a way of more in depth investigating whats hapening witha client on your network.

you could also try with IDS module especially if you attach multiple network cards to that network the client you want to investigate is on.
« Last Edit: July 28, 2014, 06:48:09 pm by mtrogg »

sara736

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Re: Investigate a connected IP I see on the console ?
« Reply #2 on: October 11, 2014, 12:21:23 pm »
I was unable to add VirtualHosts or ServerAliases. I will research about those errors and test more before reporting it.
You can easily check out our high quality  free braindumps  which prepares you well for the real   IBM  .