{"id":526,"date":"2010-04-05T01:06:54","date_gmt":"2010-04-05T06:06:54","guid":{"rendered":"http:\/\/yourLinuxGuy.com\/?p=526"},"modified":"2010-04-04T21:56:07","modified_gmt":"2010-04-05T02:56:07","slug":"fun-with-discovery-of-pc-names-on-a-network","status":"publish","type":"post","link":"https:\/\/yourLinuxGuy.com\/?p=526","title":{"rendered":"PC name discovery on a local network"},"content":{"rendered":"<p>Here&#8217;s a fun one for you.\u00a0 I had a situation recently where the customer had some of his windows PCs properly being populated in his reverse DNS zone (in an AD-controlled environment), and some that were not.\u00a0 He asked me to quickly scan the network and figure out which were which (before we started to look into the &#8220;why&#8221; part).\u00a0 <em>Note that for the examples that follow, the customer&#8217;s fictitious network address is good ol&#8217; 192.168.1.0\/24, and the commands were tested with the default packages on Opensuse 11.1 and 11.2.<\/em><\/p>\n<p>So first, I had to find those that <em>are<\/em> in the reverse DNS zone&#8230; So I simply made sure my PC points to the correct internal DNS server that is authoritative for the forward and reverse DNS zones, and then ran a sweep with some filtering:<\/p>\n<pre><code>nmap -sP 192.168.1.0\/24 |grep -v \"^Host 192\\.168\\.1\"|grep \"^Host\"|awk '{ print $2,$3 }'<\/code><\/pre>\n<p>Then, in order to get the local netbios name for Windows computers that <em>aren&#8217;t<\/em> in reverse dns , I came up with this:<\/p>\n<pre><code>for item in `nmap -sP 192.168.1.0\/24|awk '{ print $2 }'|grep \"^192\\.168\\.1\"`;do thingy=`nmblookup -A $item|grep \"<20>\"|awk '{ print $1 }'`;echo $thingy \\($item\\);done<\/code><\/pre>\n<p>&#8230;of course, non-Windows computers and devices without netbios will simply not respond to the query.  It might be neater to dump the output to file and such if you wish, but I didn&#8217;t bother. I&#8217;m just keeping it simple here.<\/p>\n<p>Note that the above does not take in to account if there are <em>multiple<\/em> reverse DNS entries per PC. If you need to know that, you could do something like this:<\/p>\n<pre><code>for item in `nmap -sP 192.168.1.0\/24 |grep -v \"^Host 192\\.168\\.1\" |grep \"^Host\"|awk '{ print $3 }'|sed s\/[\\(,\\)]\/\/g`; do nslookup $item|grep \"name =\";echo \"\";done<\/code><\/pre>\n<p>&#8230;and so on.\u00a0 You could really go crazy with this sort of thing&#8230;  It can also be handy if you are in an environment where you don&#8217;t have access to the DNS\/DHCP administration tools, but want to see what&#8217;s out there&#8230;.  Now wasn&#8217;t that fun?<\/p>\n<p>\ud83d\ude09<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Here&#8217;s a fun one for you.\u00a0 I had a situation recently where the customer had some of his windows PCs properly being populated in his reverse DNS zone (in an AD-controlled environment), and some that were not.\u00a0 He asked me&#8230;<br \/><a class=\"read-more-button\" href=\"https:\/\/yourLinuxGuy.com\/?p=526\">Read more<\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[12,47,92,91],"tags":[],"class_list":["post-526","post","type-post","status-publish","format-standard","hentry","category-advanced","category-linuxgeneral","category-nmap","category-nmblookup"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/pnjn1-8u","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts\/526","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=526"}],"version-history":[{"count":19,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts\/526\/revisions"}],"predecessor-version":[{"id":545,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=\/wp\/v2\/posts\/526\/revisions\/545"}],"wp:attachment":[{"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=526"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yourLinuxGuy.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}