Ip Number Range

[newbiewa]

Hi Guys !

I want to know what ip number range is used on my network... just want to confirm whether i'm using the right command?

nmap 192.168.210.0/24[/CODE]

and if you could also explain how it works... btw thanks in advance

Regards,

Ewa

[digip]

You need to know what subnet you're on in order to scan the right one. What OS are you on? If windows, open a cmd prompt and type ipconfig. if on linux, type ifconfig in a console. They should return the connected networks you are on and show your IP address and subnet mask. Thats the network you would then scan with nmap.

[Infiltrator]

Most consumer routers will generally be in the range of

192.168.1.x,[/CODE]

[CODE]192.168.0.x[/CODE]

or

[CODE]10.0.0.x.[/CODE]

But to be certain, just head over to CMD and type ipconfig.

[newbiewa]

Hi Guys...

with ipconfig i got two networks.. one hubbed_network and 2nd switched_netowkr

Hubbed_network

ip address... 169.254.254.155

subnet Mask ... 255.255.0.0

Switched_network:

Dns Suffix is seclab

Ip address ... .. 10.1.10.15

subnet Mask .....255.255.255.0

Default Gateway... 10.1.10.1

so now my question is how to find the range of this network???

i tried

nmap 10.1.10.x
nmap 169.254.254.x
[/CODE]

but it says:

Failed to resolve give hostname/ip: 169.254.254.x. Note that you can't user '/mask' and '[1-4,7,100-]' style ip ranges

0 hosts scanned, 0 ip address (0 hosts up) and explain the range i have provided is not correct

btw i'm using Windows XP

[b]and can i find which ports are open on that range??[/b]

Thanks in advance

Edited September 28, 2012 by newbiewa

[digip]

169.254.x.x is a non routable IP, meaning it couldn't connect to the DHCP server and is an APIPA address, or "Automatic Private IP Addressing". Basically, your OS will assign you an IP in this range, when it can't reach a gateway on that interface.

As for the 10.x.x.x network, you would scan 10.1.10.0/24 or 10.1.10.0/16 or 10.1.10.0/8 but that depends on your subnet mask. if you mask is 255.0.0.0 you use /8 if 255.255.0.0 you use /16 and if its 255.255.255.0 you use /24.

In general, read up on IP class ranges, and subnet masks, and this will help shed some light on what you are trying to understand. In your case, the mask was "255.255.255.0" so you would scan "nmap 10.1.10.0/24" and that will scan all IP's on that subnet, including the router, or gateway located at 10.1.10.1

In a command prompt, type nmap --help for commands. I would start with the documentation on what you want, but if you want to find open ports, try :

nmap -sC -sV -Pn --open --reason 10.1.10.0/24 
[/CODE]

That will scan the entire subnet, and return ports open on devices it finds.

Edited September 28, 2012 by digip

[newbiewa]

Hi Digip!

Thanks for explaination and i'll look for network classes

and it is taking a lot of time to execute

nmap 10.1.10.0/24
[/CODE]

is it normal?

and second the code you provided says Scantype C not supported

[CODE]
nmap -sC -sV -Pn --open --reason 10.1.10.0/24
[/CODE]

Many Thanks for your reply

Sincere Regards,

Ewa

[digip]

What version of nmap are you using that you get the error? Has to by typed like I show here, and commands are case sensitive too.

[newbiewa]

I'm using Zenmap 5.00... is there any way to check version from command line?

Edited September 28, 2012 by newbiewa

[digip]

Even in 5.0 those commands should work, but for sake of argument, update to the latest version, and try again. I'm using 6.0, but those commands should still work in 5.0

[newbiewa]

there is no way to fix it on this one because i'm on a network and i can't download or update a new version, i have no rights... :(

[Infiltrator]

there is no way to fix it on this one because i'm on a network and i can't download or update a new version, i have no rights... :(

yeah, I know that sucks, you could use a Live USB or CD to boot Backtrack off that computer. That way, you don't have to install or update anything on that computer.

[digip]

yeah, I know that sucks, you could use a Live USB or CD to boot Backtrack off that computer. That way, you don't have to install or update anything on that computer.

Thats a good idea too. BackTrack would have the latest version of nmap and even in the live environment, you can do apt-get update and upgrade without touching the host system(just don't run the install icon or process for backtrack while booted off the disc!)

[newbiewa]

Hi guys thanks for the suggestion and i fixed the problem !

just want to know how will i find the servers on the network with nmap?

i know the command is the same

 nmap 10.1.10.0/24 [/CODE]

but what information me indicate a system as a server? the port information?

is it okay to ask it here or shall i start a new post?

Best Regards,

Ewa

Edited October 2, 2012 by newbiewa

[digip]

Using post scans that show the services(and why you should update to 6.0) can help determine what a machine is. Some machines are honeypots, and use what is called honeyports, and fake open ports to send back fake data, when in fact, no real service is on that port, but in general, ports open on a machine, help determine the OS, the software in use, and the version. The one command:

nmap -sC -sV --open --reason x.x.x.x
[/CODE]

will show you open ports, and the banner grab form them for what the service is, and version, where x.x.x.x is the IP address of your target. If that doesn;t work in 5.0, be sure to update to 6.0

[Pwnd2Pwnr]

Nmap terminal is our friend... zenmap is sticky and GUI... get it? Yeah yeah... I'll shut up...