I wanted to know if we could find out what type of switch our machine is directly connected to ..
For instance if I am connected to a Cisco,Brocade,foundry and Force10 switch .
Is it possible to write a perl script to find out the management address of the switch [without logging in]
Is it possible to write a perl script to find out the switch vendor and model number ...
Thanks for your suggestions.
EDIT: Wanted to add that I am directly connected to the switch .. I can disable the firewall on my machine ...
nmap is what you want. If that doesn't do it, the answer is probably "no". If you need the IP address of the switch, run traceroute/tracert to see what the next hop is.
There is no guaranteed way of being able to achieve this. It depends very much on how your switch has been configured and how open your network admins have made it.
If everything is completely open then the best way of finding out the type of switch is to use snmp. The net-snmp library for perl (see docs here) is a good place to start.
But that assumes that the management interface is exposed to your box.
There is no guarantee that it will be.
If it is then nmap (as suggested by others) may work. At least it might tell you if the management interface is accessible at which point you can use snmp to tell you the rest.
Traceroute might yield some more information, but only if the address used for it's routing is the same as the management address. (and assuming that your "switch" is really a "router". If not then this won't yield any useful information.)
ping might yield some information about the manufacturer, but only if it hasn't been configured to proxy-arp.
On Cisco switchs if CDP is activated you should be able to see CDP traffic on your wire which will indicate switch model, name and switch port you are connected to.
Don't know for other brands.
Not really. In the modern world of firewalled, packet-modifying, NATed subnetworks, you really can't do anything reliably to inspect a network from a client machine.
That said, trying nmap on your router might tell you something interesting. Or it might not. The results are entirely up to the admins of your network.
follow the wire
You can ping it to get its Ethernet address, and then look it up in one of the vendor code lists.
Related
I have a project on WinCC professional where Two PLCs (S7-300) are connected to a PC station via Ethernet, one is master and the other one is a Standby.
when a switchover happens, the WinCC must change the ip address so it reads from the standby PLC.
So, How an automatic IP address change could be implemented in WinCC Prof.?
consider changing the IP after an internal HMI tag is activated by user.
thank you
Sorry, not supported out of the box..
But, you can probably use the fine manual from WinCC 7.5(WinCC V7.5 WinCC: Configurations and Communication), page 418, chapter 6.11.5.4 Software Redundancy, no link i know, but its not allowed...
Google keyword "A5E45519419-AA" and somewhere on "siemens.com"
Creation of the needed tags and scripts, simple engineering.
Good luck!
A possible solution: (Not nice but maybe helpful in your case) is to use the prefix mechanism. Each HMI variable can be defined with a prefix (usually for dynamic screens when multiple object need to be referenced like a motor). Unfortunately, there is no option (script function) to switch a PLC connection during runtime in any kind of WinCC based SCADAs or HMIs.
Problem Statement
When one looks at listening ports on ones machine and notices a port such as TCP 5985 listening but with an owning process ID of 4 (SYSTEM/kernel), outside of googling the port number, it appears difficult at best to try and track down the true program (binary) that's really behind the request for the listening port. In such an example with port 5985, I know it is WinRM, as I enabled that manually and saw the change. While I can google and assume that what may come back makes sense, that doesn't mean I truly know what's actually asking for it to listen on this port and I must assume that, next time, Google may not provide a definitive answer (I plan for the worst). To recreate this, one can go to PowerShell (elevated) and type Enable-PSRemoting. This will start the listener on 5985 by default and listen from owning PID 4.
Why I Care
In order to set up a workstation firewall policy at a large company, I'm running a large-scale project to look across thousands of machines for listening ports and aggregating results centrally in our log management tool (with heavy filtering/documentation for what I already know - so only looking for what's left). For each port, I interrogate the owning PID for who signed it, path/name, service name, file details (description, product name, etc.). However, with PID 4 that is, of course, not available, since it's the kernel itself. I really need to know more about the true program to make a more informed decision on initially blocking it during the testing phase or not. Either way, it must be understood and documented as to what it is and its reason for listening at all.
Question
How then does one trace back the port to the actual service that requested it? Of critical importance is to be able to trace this back programmatically via PowerShell (5.1 or 7.0 GA) or some other command-line tool in a script - it can't be GUI. I'm not a real developer, but I am pretty decent with PowerShell - until someone gives me a one-liner that makes me shake my head on how obvious this should have been to me.
Already Tried
Get-NetTCPConnection -State Listen -LocalPort 5985 | Select-Object *
Tcpvcon/TCPView
ProcessExplorer (GUI anyway, wouldn't help me)
ProcessHacker (GUI anyway, wouldn't help me)
For those that made it this far and especially to those who answer - THANK YOU!
Having a similar issue and wanting to know the actual process using a port as PID 4 - SYSTEM. The following was the only way I could find to show me the originating PID:
netsh http show servicestate view=requestq verbose=no
The only other reliable way I found SMsniff by Nirsoft, this does need a capture driver installed, and therefor would not be helpfull in this context.
Do it have a way to access and add/change/remove the switchport mode option from a port by SNMP ?
I found no any information about it and seems to be not possible...
I'm curently searching a way to autoconfig ports using perl scripts and SNMP.
If anyone have a solution or even another way to do this, I'll be grateful.
Thanks.
What I understand from your post is, that you want to configure the vlans and trunks (or something else?) on multiple switches/routers . If thats true you better look on "VLAN Trunking Protocol". One of the best guides and explanation I found is that one- https://www.youtube.com/watch?v=jHw7OUqcg-g
The best way would probably be to prepare individual configuration and extract it via Console.
Otherwise I am still confuse what you really want to achieve. If they have IP assigned to a vlan/interface you can burst configuration via Telnet with a script. - But that looks like an overkill for this purpose.
I'm fairly new to SNMP/WinSNMP and I'm trying to access what it would take to accept SNMP traffic on ports 161/162 and forward it to another device. I would like to be able to examine messages and possibly modify them before passing them to the device.
Would WinSNMP agent APIs be suitable for it? Are there any examples out there how to accomplish this in C++?
I'd appreciate any pointers.
Thanks.
Sounds like you want to make a Proxy Agent. There are already a great number of such implemented, so in order to avoid reinventing the wheel, do a web search for "windows snmp proxy" and see if you could use one of those products instead.
Writing an iPhone app in which I want to save the user the grief of typing in IP addresses by finding other clients on the local network.
Is this possible?
If so, what is the preferred way of doing this?
Yes, use Bonjour. See NSNetService.
This class is used to advertise information about the service you're running using multicast DNS. Use NSNetServiceBrowser to find published services of the type you're interested in.
The clients need some way to register with the server. Or you can use portknocking. Long time back there was a protocol from Novell SLP. There is a OpenSLP now. Found a interesting link, I hope this helps
http://www.opendoor.com/shareway/slp.html