Basic Unix Tricks Series - #1 Find Devices on Network

in #linux • 5 years ago (edited)

Basic Unix Tricks Series

This post is one in a series which outlines basic usage, tricks, and my workflow for using bash terminal.

I hope to combine each of these posts into a free PDF once complete. This post will include parts 0 and 1. Currently my plan for topics is as follows:

0. Use man
1. Finding devices on your local network
2. View all open ports of a device
3. tmux workflow
4. Useful .bashrc configs
5. Ranger for file exploration
6. Text art programs
7. Chain commands with &&, ||, and brackets
8. Useful keyboard shortcuts in bash terminal
9. Show most intensive process (CPU and memory)
10. Show use of network [bmon, slurm, tcptrack, nethogs]

man & notes on operating system

I'll mention many programs throughout this book. For most of them I'll only go
into about 5-10% of their usage at best. If you want to explore these programs
deeper, it's important you learn the man command, which can be found on almost
all Linux operating systems.

man is short for manual. It is used by running the command and passing in the
name of another Linux command-line program. For example, if we wanted to get
more information on the command ls, we would run the following:

man ls

This returns a description of the program and how to use it:

NAME
ls - list directory contents

SYNOPSIS
ls [OPTION]... [FILE]...

DESCRIPTION
List information about the FILEs (the current directory by default).
Sort entries alphabetically if none of -cftuvSUX nor --sort is speci‐
fied.

I encourage you to make regular use of man as you explore the Linux operating
system, as it can often save you the time of doing lengthy internet searches.

Additional resources I have found useful in exploring the Linux terminal include:

unix.stackexchange.com

Finding devices on your local network

Often when on a local network you'll want to see what devices are on it,
including the device IP addresses. This comes in handy in several
situations including but not limited to:

  • You want to get the IP address of your router
  • You've arrived at a hotel and want to check the network for bugs or hidden
    devices, like a rogue Raspberry Pi which could have been left behind.
  • You want to see the IP addresses of other computers on the network to see
    if they have any insecurities.
  • General curiosity about what devices are on the network.

The easiest method is to install a program called arp-scan. Arp-scan is a
program which sends ARP packets to all devices on the network and displays
the responses which are received.

On Ubuntu/Debian based systems you should be able to install it with:

sudo apt-get install arp-scan

Once installed, use the --localnet option to view all devices on your local
network. The command requires root permission:

sudo arp-scan --localnet

The program will return a list of devices including the IP address, unique MAC
address, and if possible the manufacturer of the device.
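
As an added example (not from the original post), the script below compares
arp-scan output against a list of MAC addresses you already recognise and prints
only the remaining devices, which is the check the hotel-network case above
calls for. The function names, file names and sample scan lines are constructed
for illustration.

```bash
#!/usr/bin/env bash
# Added example: list devices from an arp-scan run whose MAC is not already known.

# Constructed sample of `sudo arp-scan --localnet` output (device rows are
# tab-separated: IP, MAC, vendor). Addresses and vendor names are made up.
sample_scan() {
  printf '%s\n' \
    'Interface: eth0, type: EN10MB, MAC: 02:00:00:aa:00:01, IPv4: 192.168.1.50'
  printf '%s\t%s\t%s\n' \
    '192.168.1.1'  '02:00:00:aa:00:10' 'Example Router Vendor' \
    '192.168.1.23' '02:00:00:AA:00:23' 'Example Phone Vendor' \
    '192.168.1.77' '02:00:00:aa:00:77' '(Unknown)' \
    '192.168.1.77' '02:00:00:aa:00:77' '(Unknown) (DUP: 2)'
  printf '%s\n' '' '4 packets received by filter, 0 packets dropped by kernel'
}

# Print "IP<TAB>MAC<TAB>vendor" for each responding MAC that is not in the list.
# $1 = file holding arp-scan output, $2 = file with one known MAC per line.
unknown_devices() {
  awk -F'\t' '
    # Known-MAC file: drop # comments and whitespace, compare in lowercase.
    FILENAME == ARGV[1] {
      sub(/#.*/, ""); gsub(/[ \t]/, "")
      if ($0 != "") known[tolower($0)] = 1
      next
    }
    # Scan file: only rows with an IPv4 address in field 1 and a MAC in field 2,
    # which skips the banner and summary lines.
    $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
    $2 ~ /^([0-9A-Fa-f][0-9A-Fa-f]:)+[0-9A-Fa-f][0-9A-Fa-f]$/ {
      mac = tolower($2)
      if ((mac in known) || seen[mac]++) next   # recognised, or a repeat row
      printf "%s\t%s\t%s\n", $1, mac, $3
    }
  ' "$2" "$1"
}

# Demo on the constructed data. For a real run, replace the sample_scan line with:
#   sudo arp-scan --localnet > "$tmp/scan.txt"
tmp=$(mktemp -d)
sample_scan > "$tmp/scan.txt"
printf '%s\n' '# recognised devices' '02:00:00:aa:00:10  # router' \
  '02:00:00:aa:00:23' > "$tmp/known.txt"
unknown_devices "$tmp/scan.txt" "$tmp/known.txt"
rm -rf "$tmp"
```

A MAC address can be changed or randomised by the device, so an entry on the
known list is not proof of identity; treat the output as a list of devices to
look at more closely.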

As I write this from my hotel room I can see the local Cisco router, which not
surprisingly can be logged into using the default username and password of the
device.

In addition I can sometimes see my Android phone, which is also connected to the
network. For the Android device, seeing it depends on whether a response was
received upon sending an ARP packet, which often doesn't happen when in sleep
mode.

It can be useful to note the unique MAC address of a device, for example if you
want to later see if a person is at another location. Say I'm at a friend's
house: I might record the MAC address of his laptop and phone. Then later, when
at a large building on a single network, for example a library, I could scan
the network to see if his device is connected, thus knowing if he is at said
location.

Finding devices on your local network, method #2

While I find arp-scan gives the most complete information for found devices, as
it returns IP, MAC address, and manufacturer, there are situations where devices
will not be included in the scan, for example if a device is present on the
network but hasn't been assigned an IP address.

For a more complete list use this second method. It will require installing
nmap, short for "network-mapper". Again on Ubuntu/Debian you should be able to
install it with:

sudo apt-get install nmap

Once installed you'll want to use option -sn, which stands for no port scan. In
older versions of nmap the option -sP may be used instead of -sn. This option is
often known as a "ping sweep". The full command is as follows:

sudo nmap -sn 192.168.1.0/24
