How can i get ip address from any mac address?
gfire
Clay Calvert
>Do I have to ping all IPs of the whole subnet ?
Unfortunately, this a limitation of TCP/IP version 4.
One option, that you've already mentioned, is to ping the entire
subnet. There are third-party tools (I don't recall any of them now)
that do a 'rapid fire' subnet ping. In other words, they don't wait
for each reply. They blast X number of ICMP echoes and then display
what answers. You can get pretty close to that with pure batch. The
thing is that you are just looking for a MAC address, and seeing
"Reply from y.y.y.y" is not the goal here. You just want to start the
Ping process enough to do an ARP request. Well enough babbling... all
lines indented one space, the last line probably did wrap:
@echo off
::BlastPing
Set Base=10.0.1
For /L %%x in (1,25,226) do call:next %%x
goto:eof
:next
set /a End=%1+25
if %End%'==251' set End=254
start /min cmd /c for /L %%a in (%1,1,%End%) do ping -w 1 -l 1 -n 1
%Base%.%%a
The above took about 12 seconds to run, but you get the DOS prompt
back in about 2 seconds. I was surprised how well it worked on my
cable modem. I got 151 Arp entries. I didn't want to keep testing
because I was afraid the phone would ring, and it would be my ISP.
; )
It may disconcert you the first time you run it because it spawns 10
other minimized DOS prompts. You can take out the "/min" if you want
to see what it is doing. If you want to save a few milliseconds and
processor power, change "%Base%.%%a" to "%Base%.%%a>nul".
Once you get the DOS prompt back you can then have script #2, which
you simply pass the MAC address (or part of it) as the parameter
(Don't type too fast, because you want to wait for all possible
replies <g> ) :
@ARP -a | find "%1"
You could actually combine both into one, but that can be an academic
exercise. ; )
A couple of other options, if you are interested, is that if you think
it is in a particular Domain then you can grab those powered on
workstation names and then do an NbtStat against all of them. (Does
NbtStat work in native mode?)
The other option is that you may not necessarily care what the IP is,
you just want to know where the SOB is plugged in. If you're in a
switched network you can grab the MAC list via SNMPutil out of the
ResKit, and then parse it out. This technique is ugly, but possible.
It works best if you have a core switch.
HTH
Clay Calvert
Replace "W" with "L" in email.
Dean Wells
NATIVE MODE = No downlevel DC's and an awful lot of additional AD functionality.
HTH
Dean
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:q6b8otg6e57q2sdqv...@4ax.com...
Dean Wells
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Dean Wells" <dwe...@msetechnology.com> wrote in message news:Oq$heZELBHA.1400@tkmsftngp07...
Clay Calvert
<dwe...@msetechnology.com> wrote:
>Yes, NBTSTAT does work in Native mode assuming NetBIOS has not been disabled.
>
>NATIVE MODE = No downlevel DC's and an awful lot of additional AD functionality.
>
>HTH
>
>Dean
Thank you, that does help.
I guess there won't be any 'need' for NetBios once a
Domain/Tree/Forest goes into native mode, right?
You've answered my question that NbtStat won't work without NetBios,
but is there a command line tool that does the same? Specifically,
who's logged on, and MAC address? (Does GetMac in the NT ResKit rely
on NetBios?)
Thanks again,
Dean Wells
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:5rtdotsgussuqi4hv...@4ax.com...
On Thu, 23 Aug 2001 22:42:06 -0400, "Dean Wells"
<dwe...@msetechnology.com> wrote:
>Yes, NBTSTAT does work in Native mode assuming NetBIOS has not been disabled.
>
>NATIVE MODE = No downlevel DC's and an awful lot of additional AD functionality.
>
>HTH
>
>Dean
Thank you, that does help.
I guess there won't be any 'need' for NetBios once a
Domain/Tree/Forest goes into native mode, right?
[[DEAN]]
Sadly, that is a very common mis-conception. As I'm sure you're aware, NetBIOS is both a
programmatic interface and a means of creating (to coin an Apple phrase) Network Visible Entities -
i.e - devices that periodically advertise their presence or respond to queries for it. In Windows
2000, it is necessary to maintain the NetBIOS binding to IP (NBT) in order to use certain functions
such as the messenger service or computer-restricted user logons (to name but a few). It is most
certainly on it's way out but it is, nonetheless, a slow process.
[[NAED]]
You've answered my question that NbtStat won't work without NetBios,
but is there a command line tool that does the same? Specifically,
who's logged on, and MAC address? (Does GetMac in the NT ResKit rely
on NetBios?)
[[DEAN]]
Yes, GETMAC does reply on NetBIOS in order to enumerate the transports of the remote machine. There
are a variety of ways to determine the remote machines MAC address (PPPoe discovery performs just
such a function)... if it's on the same subnet, an ARP will do nicely ... a simple telnet session
... a remotely scheduled locally executed query on the foreign machine and many, many others. As for
determing who's logged on - that's a different story - NT and 2000 are CLNS (connection-less
networking systems) and do not (without modification/script/3rd party S/W) maintain who is presently
authenticated/still logged on or connected in excess of 15 minutes (by default).
[[NAED]]
Again, hope you find this stuff useful.
--
Clay Calvert
<dwe...@msetechnology.com> wrote:
>Oh ... PS - Cute script ;)
>
>--
>Dean Wells
>MSEtechnology
>dwe...@msetechnology.com
Thank you. Now here's an ugly one-line version of the same thing. :)
@For /l %%x in (1,23,231) do @set/a End=%%x+22&start cmd /v:on /c for
/l %%a in (%%x,1,!End!) do ping -w 1 -l 1 -n 1 10.0.1.%%a^>nul
The above is Win2K specific. You may want to put the "/min" back in,
and take the "^>nul" out, but its just a preference.
Note that the above only goes up to 253, but most of us have .254 or
.1 as the default gateway. If you know what your .1 is, then change
the first set of numbers to (2,23,232).
Actually, that last number doesn't have to be exactly right. The "For
/L" will go through another iteration if the value of %%a PLUS the
middle number is equal to, or LESS THAN the last number. Soooo, you
can set it to 240 or so, and it will still work with either 0 or 1 as
the first number.
The reason I chose 23 is because there was no combination of operands
that equaled 254, but 23*11=253. I tried inverting the parameters and
have 23 DOS prompts fire, instead of 11, but that really hit the
processor hard, and only saved about 3 seconds.
If you just want to see how the numbers can increment, then try the
following:
@For /L %%x in (1,23,231) do @set /a End=%%x+22&@cmd/v:on/c for /L %%a
in (%%x,1,!End!) do @echo %%x %%a
I know the routines above are ugly, but sometimes its fun to try to
"name that tune in one note". ; )
Cheers,
Clay Calvert
Yes, Dean. Very, very useful.
Hmmm, I don't mean to bug you, but it seems that keeping NetBIOS
around would be something of a security risk. I guess that goes
without saying.
Hopefully, it will be possible to filter out the NetBIOS ports
altogether on inter-organization type firewalls. I'm assuming WINS is
likely to go away in a pure Win2K environment.
By the way, my organization is gearing up for a Win2K migration, but
the battle is still waging fiercely over who will control the root.
I'm sure no one else in this group has been through that. <g>
Thanks again,
yalC
Dean Wells
ping the entire subnet. In this case we would first need to evaluate our subnet mask --> determine
our host octets and, finally, sequentially increase the octets from most significant to least
through our acceptable range (most likely, as you said, 1 through 254), i.e -
Assuming we were using subnet 10.0.0.0 (8 bit mask), in order to ping the entire subnet we would
use -
for /l %a in (1,1,254) do @cmd /c for /l %b in (1,1,254) do @cmd /c for /l %c in (1,1,254) do
@ping -n 1 -w 1 -l 1 10.%a.%b.%c
NOTE - For the sake of completeness, replace the % symbol with %% for use within a batch script.
If I mis-understood the objective, please go easy ... it's very late :)
Dean
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:vl2eotcqruvhqh8bo...@4ax.com...
Dean Wells
mentioned earlier. WINS can be dissolved using domain suffixes to a limited extent but the
feature-loss impact is still quite severe.
Dean
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:ab6eotskmflfm00so...@4ax.com...
Dean Wells
Consider using an empty placeholder forest root containing only the most senior of administrative
user accounts. Where possible, use registered DNS names to prevent future issues.
Dean
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:ab6eotskmflfm00so...@4ax.com...
Clay Calvert
<dwe...@msetechnology.com> wrote:
>Hmmm .. I may well be missing something here but I understood the original objective as wishing to
>ping the entire subnet. In this case we would first need to evaluate our subnet mask --> determine
>our host octets and, finally, sequentially increase the octets from most significant to least
>through our acceptable range (most likely, as you said, 1 through 254), i.e -
Yes the OP did simply mention pinging the entire subnet, in order to
get the corresponding IP address from a MAC address. I was simply
trying to provide a way to do that quickly using only a pure batch
routine.
>Assuming we were using subnet 10.0.0.0 (8 bit mask), in order to ping the entire subnet we would
>use -
>
>for /l %a in (1,1,254) do @cmd /c for /l %b in (1,1,254) do @cmd /c for /l %c in (1,1,254) do
>@ping -n 1 -w 1 -l 1 10.%a.%b.%c
Ah, but that doesn't get all of them. ; ) Most of the .0 and .255
entries would actually be valid. Only 10.0.0.0 and 10.255.255.255
should be avoided. Here's a simple routine that should get all of the
others.
for /l %a in (167772161,1,184549374) do @ping %a
It is true that the above aren't spawned into different threads, but
that could be done fairly easily. However, I don't think NT could
handle 16,000 plus CMD processes. ; )
>NOTE - For the sake of completeness, replace the % symbol with %% for use within a batch script.
>
>If I mis-understood the objective, please go easy ... it's very late :)
>
>Dean
LOL! I'll go more into this tomorrow... if you don't mind.
A chapter could be written on automating Pinging, Arping, etc.,
especially if the nuances of Dotless Decimal Notation gets thrown in.
Dean Wells
this theme (scripted deployment, etc..). The multithreading approach, a simple rolling counter
spawning separate instances does the job nicely.
As for W2K's support for CIDR, I generally choose not to implement null octets as many other vendors
are - shall we say - not quite there yet and it causes too many "difficult-to-resolve" issues.
Dean
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:9p8eotkhpgha0v5lb...@4ax.com...
Clay Calvert
<dwe...@msetechnology.com> wrote:
>Dotless decimal notation, difficult to find uses for it - other than this perhaps or any variant of
>this theme (scripted deployment, etc..). The multithreading approach, a simple rolling counter
>spawning separate instances does the job nicely.
>
>As for W2K's support for CIDR, I generally choose not to implement null octets as many other vendors
>are - shall we say - not quite there yet and it causes too many "difficult-to-resolve" issues.
>
>Dean
True. I would not deploy production devices in such ranges, but if
someone was trying to track down something unknown, then being all
inclusive wouldn't be a bad thing. A bad guy just might try hiding
with a .255 or .0 address.
Clay Calvert
<dwe...@msetechnology.com> wrote:
>Even in a pure environment, NetBIOS is still necessary for certain features such as those I
>mentioned earlier. WINS can be dissolved using domain suffixes to a limited extent but the
>feature-loss impact is still quite severe.
>
>Dean
OK, good to know. Thanks
Clay Calvert
<dwe...@msetechnology.com> wrote:
>Oooops - missed that last one.
>
>Consider using an empty placeholder forest root containing only the most senior of administrative
>user accounts. Where possible, use registered DNS names to prevent future issues.
>
>Dean
Yes. The problem is who would have the passwords to those accounts.
; )
It is a political issue at this point. I've recommended that three
groups share those passwords; IT security, the group responsible for
networking the bureaus together, and the group that supports the
principal officers. Correct me if I'm wrong, but those accounts don't
have to be used often once all Domains are in place and if no schema
changes need to occur, right?
Thanks again Dean
Dean Wells
ACLs or direct membership of the Schema Admins. group.
Domain creation can also be delegated (or the necessary config. NC xref's can be pre-created using
NTDSUTIL) allowing a lesser user to create a new child (the pre-creation does have to be performed
by a user with permission to modify the partitions container within the config. NC which, by
default, are members of Enterprise Admin.)
In severe political scenarios I have recommended and implemented divided knowledge of the forest
root Admin. password amongst multiple groups (no single group knows the entire password). This user
is also renamed for obvious reasons. A second user is then created with equivalent permission and
Smart Card logon was enforced (this cannot easily be done to the Admin. account itself), one group
possesses the Smart Card ... the other possesses the PIN. The forest-root Admin. account is used
only in the most critical of recovery situations after which the password is re-generated.
HTH
Dean
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:tg8fot0ev37533mog...@4ax.com...
Clay Calvert
<dwe...@msetechnology.com> wrote:
>That's correct but Schema modifications can be performed by non forest root users through custom
>ACLs or direct membership of the Schema Admins. group.
Great.
>Domain creation can also be delegated (or the necessary config. NC xref's can be pre-created using
>NTDSUTIL) allowing a lesser user to create a new child (the pre-creation does have to be performed
>by a user with permission to modify the partitions container within the config. NC which, by
>default, are members of Enterprise Admin.)
OK, so there can be a group created with 'add Domain' priviledges.
Excellent info. We wouldn't likely make Schema changes without a CM
meeting, but child creation doesn't need to be brought before a board.
>In severe political scenarios I have recommended and implemented divided knowledge of the forest
>root Admin. password amongst multiple groups (no single group knows the entire password). This user
>is also renamed for obvious reasons. A second user is then created with equivalent permission and
>Smart Card logon was enforced (this cannot easily be done to the Admin. account itself), one group
>possesses the Smart Card ... the other possesses the PIN. The forest-root Admin. account is used
>only in the most critical of recovery situations after which the password is re-generated.
>
>HTH
>
>Dean
Once again, this has been extremely helpful. Microsoft has
volunteered to help us migrate to Win2K, but I think I've got more
info from this exchange that the three meetings we've had with them.
Thanks again,
Dean Wells
--
Dean Wells
MSEtechnology
dwe...@msetechnology.com
"Clay Calvert" <ccal...@WanGuru.com> wrote in message
news:5lifotkdmf1ns0s7l...@4ax.com...