Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Locating an IP address via SMB



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 20 January 2004 16:13, Joshua Pollak wrote:
> 
> Is there a way to configure samba to log the IP's, workgroups, and 
> computer names of computers it notices on the network? Can I setup a 
> traffic monitor to do these things? I'm a bit of a novice in the 
> advanced network administration world, so any pointers would be 
> helpful.
> 


tcpdump -v -s 255 -i eth0 port not telnet | grep netbios-ns

... shows those boxes on the network announcing themselves and/or asking the 
NetBIOS name server stuff.  Sample data:

16:37:39.513035 IP (tos 0x0, ttl 128, id 6408, offset 0, flags [none], length: 
78) 172.24.220.119.netbios-ns > 172.24.223.255.netbios-ns: [udp sum ok] NBT 
UDP PACKET(137): QUERY; REQUEST; BROADCAST
16:37:40.263360 IP (tos 0x0, ttl 128, id 6920, offset 0, flags [none], length: 
78) 172.24.220.119.netbios-ns > 172.24.223.255.netbios-ns: [udp sum ok] NBT 
UDP PACKET(137): QUERY; REQUEST; BROADCAST
16:37:41.013788 IP (tos 0x0, ttl 128, id 9992, offset 0, flags [none], length: 
78) 172.24.220.119.netbios-ns > 172.24.223.255.netbios-ns: [udp sum ok] NBT 
UDP PACKET(137): QUERY; REQUEST; BROADCAST
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFADaAJsIjNiQTGkXARAlgHAKC7UMGN0/Gizudl2dudIZGrh8wK7wCgtVsu
BblAUhjvasIRvPooMSmUBlc=
=aekx
-----END PGP SIGNATURE-----





BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org