Results 1 to 6 of 6
Hi, I take care of a small network, about 130 systems behind a NAT box. This is one of 2 networks at this school. It is of constant concern about ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 06-09-2009 #1
machine on my broadcast ip
I take care of a small network, about 130 systems behind a NAT box. This is one
of 2 networks at this school. It is of constant concern about interference from the other
2 of my main feeds go through their network. I am "not allowed" access or control of these feeds.
For a little while I have had strange effects in the network and then while doing a full nmap, I
discover a system on my broadcast IP. ( x.y.z.255 ) The OS is not identified. It says :
nmap -sS -O x.y.z.255
Starting nmap 3.81 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-06-09 16:39 EDT
Host x.y.z.255 seems to be a subnet broadcast address (returned 10 extra pings). Still scanning it due to ping response from its own IP.
Interesting ports on x.y.z.255:
(The 1660 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
443/tcp open https
MAC Address: 00:14:BF:5F:A9:29 (Unknown)
No exact OS matches for host (If you know what OS is running on it, see Nmap Fingerprint Submitter 2.0).
Nmap finished: 1 IP address (1 host up) scanned in 25.401 seconds
I can't telnet or connect by browser because " Network is unreachable "
Is there any methods or tests to find out more about this machine?
- 06-10-2009 #2
- 06-10-2009 #3
- Join Date
- Nov 2007
If you want to change your local system so that this is "just another node IP", then change your subnet mask.
Problem IP = 192.168.156.255
Change your local NIC to:
192.168.156.0/23 (Subnet mask changes from 255.255.255.0 to 255.255.254.0)
Now 192.168.156.255 is not a broadcast address and you can telnet/SSH to it.
* If there are machines on another VLAN using 192.168.157.X addresses, you will not be able to reach them. Just change the NIC info back to the original to correct the routing table once done.
- 06-10-2009 #4
- 06-10-2009 #5
- Join Date
- Nov 2007
- 06-10-2009 #6
I can't ping it though nmap says it is.
I am at home atm, I was having one of my buddies run the same
test, just change the subnet from x.x.240.0 to x.x.224.0. He
has not told me what happened yet.
I ran a check online and the mac belongs to linksys. I only have
one managed switch, 2 APs and possibly a few linksys nics out
ahhhm the game is afoot, to hunt and string up a spy...