Finding other devices on your LAN?

Started by KeithW, July 09, 2024, 06:19:42 PM

Previous topic - Next topic

KeithW

Greetings,

Does anybody know of an example (code sample) or the pieces required to identify other systems
on your LAN?  At this time I have no interest in going outside of my LAN in any way, just saying.

Desired info would be:
System Name    (myNotebook)
IP Address     (10.0.0.1)

Possibly Device Type  (Computer, NAS, Printer, Scanner or other type of network addressable device)
System Type (if possible)  (Windows, Unix, Linux, MAC)
OS Type/Version (if possible)  (Win7, Win8, Win8.1, Win10, Win11, Server2008... or Linux Distro or Unix Type (BSD, SysV)

The first 2 are requirements, the 2nd set (any/all) would be icing on the cake.

Keith

td

I don't know that there is a sure-fire way to get all the information for all the devices on your LAN. You can get bits and pieces. For example, the Network Extender's wntServerList function will give you a list of Windows boxes on your LAN, and from there you can get information about each box using the wntServiceInf function. You may also be able to get some information using one or more WMI classes. You can find WMI examples in the Tech Database (link near the top of this page) or with a Web search. The ADSI extender can be used to discover Windows boxes.

An alternate approach is to query your LAN router using whatever APIs or services it supports for the task.

Other approaches may produce partial results. One is using .Net classes to get all responding network IP addresses and then query for DNS host names.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

KeithW

Thanx for the ideas, at least I have a point to start at.

The Alternate Approach is probably out as I have a ComCast Router/Modem and I doubt they will share any info on that gear and it's workings as I cannot even log in to it to the best of my knowledge.

The other Windows internals (.Net) are above my pay grade, so hopefully the WB Extenders get me far enough along.  I have been looking at a Network Mapping Tool but do not yet know if I can export a CSV of info as I just loaded it up last night.

Keith

bottomleypotts

I use nmap on a Kali VM and parse the response in Winbatch. It could be done on a windows machine but I have Kali for other cybersec reasons, and nmap is the tool that will give you the data you require and more.

td

I had forgotten about Nmap. Here is a link to documentation:

Nmap reference
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

KeithW

Thanx for the heads-up on NMap
I will check it out !!

Keith

KeithW

For the *most* part NMap does the job...

Its seems to miss some phones connected via WiFi (much of the time, but not always)
Its seems to be reliable for Hosts, NAS and my Samsung Tablet

I have tried a myriad of option combinations and I get what I want plus much, much more. I have tried to eliminate some of the unneeded info BUT have not stumbled on the exact ideal combination of program switches, as of yet. Just means I have to parse thru additional data at this time.

Now trying to setup the database for what I want to do.

Again, a Great Recommendation for sure, thanx !!

Keith

bottomleypotts

Tracking phones is a known exploit to track people/customers. Therefore Android and iPhone have privacy features that are designed to prevent them being discovered. You're not going to get around that!

td

Yet another random and not particularly well-thought-out suggestion that is likely not worth the effort. But since Nmap works, you could scan ports with the WinSock extender. It would be no small effort with no guarantee of success.

Also, Nmap has a fairly sophisticated OS detection algorithm that would be difficult to duplicate.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

KeithW


The only issue with "nmap" is the 5,000 options/switches and their add-this/minus-this effects.
I am getting what I need but would like to eliminate some of what I don't need... that combination still escapes me so I am parsing more data than needed to get at the desired items.

Still, very neat product that I did not know existed....

Keith

td

I use Nmap to check for port leaks on servers and routers but have never thought about using it to create a list of devices with properties on a local area network. The latter is something I use router APIs for which you cannot do.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

bottomleypotts

IMO, in addition to using your router to find devices, you should be network scanning. The use case is a device on the network that is either not configured to use the router or is bypassing your router for its own. In the past I would be the one setting this up for business department operating in stealth mode. You will be surprised about how often this will put something interesting on your radar.

td

Stealth devices are not a particular concern for us for reasons not necessary to express here, but your point is a good one. Our primary concern has more to do with properly configuring servers and the LAN client's ability to exclusively access them using special protocols. That said, surveilling tech bro surveillance-ware on the LAN can be an interesting hobby. A packet sniffer does the job. On the practical side, I used one to quickly identify a failing network device thanks to a questionable increase in some network packets.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

kdmoyers

The mind is everything; What you think, you become.