detect IP address of a non-accessible machine

I have one old special-purpose device which is running Linux(kernel 2.0). While it supports monitor, I don't have compatible keyboard for this device. It has IP address configured, but I have no idea what it is. There is no documentation and I can't nmap 0.0.0.0/0

If I connect my laptop to Ethernet port of the device and execute "tcpdump -ni eth0" I can wait for hours and nothing appears. I guess it just doesn't send anything out. Is there a way to detect IP address in such situation? I mean is there a certain type of packet which will trigger a reply from this device?

Find more posts tagged with

Comments

pogue

I used to have to do an arp from a Windows lappie to find out the IP address of old HP JetDirect network cards in Laserjet printers.. I think the same should work in this situation if the box will respond correctly to arps.

I found this command in another forum, don't know if it is formatted correctly, but you can give it a try:

arp -na

The other forum says this should respond back with all the MAC/IP combinations on the local network segment, so if you connect to this box with a crossover cable, that should be helpful. Let me know how it goes...

Russ

pogue

Also, others have mentioned this option:

set up a tcpdump with "ether host aa:bb:cc:dd:ee:ff" option

The overall thought process is: Use a tool that will ping the MAC broadcast address on the local LAN segment. Then do an arp -a (or similar) to see what MAC addresses have responded.. Then do a rarp command that will resolve the IP from the MAC in question.

Russ

malcybood

Do you have physical access to the server? (assuming you do as you've identified it had a monitor)

If so and assuming it's a physical server

1. trace the network cable back to the switch port it's connected to
2. Connect to that switch and run show mac address-table interface g1/0/7 (or whatever port you identified)
3. Go to the layer 3 switch or router on the network and check the arp table with show ip arp | include aaaa.bbbb.cccc where a, b and c would obviously be replaced by the mac address

Voila!