Find the answer to your Linux question:
Results 1 to 6 of 6
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    machine on my broadcast ip


    I take care of a small network, about 130 systems behind a NAT box. This is one
    of 2 networks at this school. It is of constant concern about interference from the other
    network individual.
    2 of my main feeds go through their network. I am "not allowed" access or control of these feeds.

    For a little while I have had strange effects in the network and then while doing a full nmap, I
    discover a system on my broadcast IP. ( x.y.z.255 ) The OS is not identified. It says :

    nmap -sS -O x.y.z.255

    Starting nmap 3.81 ( Nmap - Free Security Scanner For Network Exploration & Security Audits. ) at 2009-06-09 16:39 EDT
    Host x.y.z.255 seems to be a subnet broadcast address (returned 10 extra pings). Still scanning it due to ping response from its own IP.
    Interesting ports on x.y.z.255:
    (The 1660 ports scanned but not shown below are in state: closed)
    23/tcp open telnet
    80/tcp open http
    443/tcp open https
    MAC Address: 00:14:BF:5F:A9:29 (Unknown)
    No exact OS matches for host (If you know what OS is running on it, see Nmap Fingerprint Submitter 2.0).
    TCP/IP fingerprint:

    Nmap finished: 1 IP address (1 host up) scanned in 25.401 seconds

    I can't telnet or connect by browser because " Network is unreachable "

    Is there any methods or tests to find out more about this machine?



  2. #2
    Linux Engineer b2bwild's Avatar
    Join Date
    Jul 2008
    Behind You!
    If you can manually ping the broadcast address, then the network should not be unreachable.

    Well thats not possible with 32bit IPv4 addressing.
    X_X Very strange.

  3. #3
    If you want to change your local system so that this is "just another node IP", then change your subnet mask.

    Existing config:

    Problem IP =

    Change your local NIC to: (Subnet mask changes from to

    Now is not a broadcast address and you can telnet/SSH to it.

    * If there are machines on another VLAN using 192.168.157.X addresses, you will not be able to reach them. Just change the NIC info back to the original to correct the routing table once done.

  4. $spacer_open
  5. #4
    Linux Engineer b2bwild's Avatar
    Join Date
    Jul 2008
    Behind You!
    Well, thats a solution..
    only thing is, you need to have redefine the routing between two subnets.

  6. #5
    Quote Originally Posted by b2bwild View Post
    Well, thats a solution..
    only thing is, you need to have redefine the routing between two subnets.
    No - no network changes are made on any network devices. This is strictly done on the local machine. The local machine will still send packets not destined for the local VLAN ( to its gateway. As stated, *if* there are actually machines on a network, your local machine will not be able to reach them while you have the subnet mask set "incorrectly."

  7. #6
    I can't ping it though nmap says it is.

    I am at home atm, I was having one of my buddies run the same
    test, just change the subnet from x.x.240.0 to x.x.224.0. He
    has not told me what happened yet.

    I ran a check online and the mac belongs to linksys. I only have
    one managed switch, 2 APs and possibly a few linksys nics out

    ahhhm the game is afoot, to hunt and string up a spy...

    Thanks all


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts