Previous Table of Contents Next
Automatic for the People
A couple of network discovery tools are available for your use. They
are very useful and usually cost less than $100, making them, in my
opinion, quite a bargain for what they allow you to accomplish. They
work by performing the tasks that you or I would do: running
traceroutes, performing name lookups, opening sockets on a destination
to see whether they're listening, and so on. However, because a
computer has infinite patience doing the most boring and repetitive of
tasks, a network discovery tool is much more complete than you or I
would be!
In particular, these automatic network discovery tools will take a
range of IP addresses and systematically ping and check many common
service ports on each destination. For a large network, this can be
tens of thousands of checks (assuming that it checks twenty or so
services on each destination, and that there are 254 possible host
numbers on a network, and that you have a couple of networks). What's
more, if you leave your automatic discovery tool running overnight,
you'll have lots of answers in the morning without losing a bit of
sleep!
What about proprietary socket numbers for services such as Lotus Notes
or GroupWise? Don't worry about them. Once you identify that a server
is running at a certain IP address, you can do a more thorough port
scan (see Figure 24.4).
[24-04t.jpg]
Figure 24.4 Port scanners such as the Internet Anywhere Toolkit can
discover "listening" ports on a server, out of thousands of
possibilities.
Here's the rule of thumb: Even though it's possible to scan every
single port in the world using these tools, you're probably best off
scanning for a common "server" port, such as telnet (23), SMTP (25),
or NetBIOS (139), on all addresses and then performing a more thorough
scan on a machine once you find one that offers a common service.
SNMP scanners are also pretty good for network discovery. Although
SNMP is a UDP service and therefore can't have a "connection," a
program that "understands" SNMP can send SNMP datagrams to a range of
TCP/IP addresses and report to you which ones respond. Those that do
are likely servers, routers, switches, or "smart" hubs.
You can find these types of tools at the following sites:
o www.tnsoft.com
o www.solarwind.net
o www.tucows.com
o www.shareware.com
For the last two sites, you'll want to look under "Network Tools."
TCP/IP Review
Let's review the salient points of TCP/IP network discovery. You have
"known factors" in your "unknown network," such as functioning
workstations and/or servers that you can physically get to. You can
gather information from these known factors (such as TCP/IP addresses,
name server addresses, router addresses, and server addresses) and
write down a skeleton of your network that you can then flesh out.
Once you have the addresses of routers on your network, you can telnet
to those routers, check out the routing tables, and further discover
more network segments. You can use the next hop as a clue to the next
router and then repeat this process as often as necessary.
TCP/IP network discovery can be a long and drawn out process,
particularly when large numbers of hosts are involved; in this case,
automated discovery tools can really help.
IPX/SPX Discovery
Novell servers announce themselves to the network, so it's usually
pretty easy to identify them. I tend to concentrate on the NLIST
utility from a DOS prompt to show me the name of all NetWare servers
(see Figure 24.5). If you're a NetWare 3.x user, you can use the SLIST
utility instead to identify which servers you have. The NLIST or SLIST
utility will show you the servers' internal IPX addresses-be sure to
write them down.
[24-05t.jpg]
Figure 24.5 You can look for servers on a NetWare network by using
the nlist command. To only list bindery-compatible servers, use the /B
option.
Once you have IPX server names, you can then use the RCONSOLE utility
(assuming that the servers are in an unknown location) to connect to
the servers. As with TCP/IP routers, you'll need to know the password.
______________________________________________________________
If you don't know the RCONSOLE password for your Novell servers,
you can still get in if you have the appropriate permission to read
the SYS:SYSTEM\AUTOEXEC.NCF file. Just look for a line that reads
something like this:
load remote foobar
The last word is the remote password (in this case, "foobar.")
Secure, huh? It's a reasonable bet that if you find one remote
password, it will be valid for each server.
If you can't read the AUTOEXEC.NCF file but you have access to the
console of one of your servers, you can type the following:
LOAD EDIT AUTOEXEC.NCF
You'll then be able to read it from there. (While you use the
console, you're accessing the files as the supervisor.) You can
probably use this password on other servers as well.
______________________________________________________________
Once you get into a remote console, you can type config at the console
prompt, which will show you the IPX network addresses this server is
connected to. Write them down. Remember that each multihomed NetWare
server is a router as well.
When you write down each network address and server name, you should
have a pretty good idea of what the network looks like. Remember,
servers that have a common network number live on the same network: A
server "between" two networks acts as glue to tie everything all
together. Finally, type
display networks
at the console prompt to make sure you've diagramed a router for each
network.
If you have "holes" in the diagram-for example, if you see that you
have network numbers that don't have servers attached to them-there
might be router "filters" that are keeping you from seeing certain
servers or routers. In this case, you might want to check out the
track on console prompt command. It will open up the "route tracking"
screen. It looks really nuts, but once you get a handle on what you're
seeing, it will get easier to use (see Figure 24.6).
[24-06t.jpg]
Figure 24.6 You can track routing requests through the NetWare route
tracking screen.
Basically, two types of entries are shown on the route tracking
screen: the IN entry and the OUT entry. The IN entry is where other
servers and routers tell the server that you're looking at other
networks. The OUT entry is where your server tells others about the
networks it is connected to. We'll concentrate on the IN entry.
Previous Table of Contents Next
Wyszukiwarka
Podobne podstrony:
395 399399 0905 (399)399 404399 06399 Wycena niezakończonych usług budowlanych na koniec rokupraca;i;kariera,kategoria,395więcej podobnych podstron