
Network discovery programmatically

Developer https://www.devze.com 2022-12-16 20:11 Source: Internet

Is there a specific protocol used for network discovery?

I'm looking to code this into an existing Java project. Currently I'm using a port scanner to handle the case, but I'm looking to swap that out for something that can give me a little more info. If possible I'd like to scan to discover machines and pull the IP addr, host name, MAC addr, NIC make/model, OS, and anything else I can get.


There is no one protocol that will do all this for you. I've had to do exactly this and basically, the best approach involves using a combination of heuristics to locate, analyze and cross-reference network nodes and topology. Here are the data sources I used:

  • Traceroute allows you to identify edge devices and routers in the network
  • Port-scanner allows you to identify what services are running on each node
  • SNMP allows you to detect the type of device, as well as all its network interfaces, other IP addresses, the IP of devices connected to each port on switches, the routing table, the process table, the network configuration, etc... This is the best source of data, but requires the node to be running an SNMP server (installed by default on Windows and most Linux distros) and to have credentials.
  • WMI for Windows hosts, will provide roughly the same info as SNMP

Here's an academic resource I dug up while working on my topology mapper. Hopefully it will help. Good luck!
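The cross-referencing step described in the answer above, as an added Java example that is not part of the original answer: it merges records from three sources into one inventory keyed by IP. The class name, the `arp -an` line layout, and all sample data (documentation IP and MAC ranges) are assumptions constructed for illustration.

```java
import java.util.*;
import java.util.regex.*;

public class NodeInventory {
    /** One node, keyed by IP; each data source fills in what it knows. */
    static final class Node {
        String mac, sysDescr;
        final Set<Integer> openPorts = new TreeSet<>();
        final Set<String> seenBy = new TreeSet<>();
    }

    // Assumed input layout (Linux/BSD `arp -an`): "? (ip) at mac ..."
    private static final Pattern ARP = Pattern.compile(
        "\\((\\d{1,3}(?:\\.\\d{1,3}){3})\\) at ((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})");

    static Map<String, Node> merge(List<String> arpLines,
            Map<String, List<Integer>> portScan, Map<String, String> snmpSysDescr) {
        Map<String, Node> nodes = new TreeMap<>();
        for (String line : arpLines) {
            Matcher m = ARP.matcher(line);
            if (!m.find()) continue;              // skips "<incomplete>" entries
            Node n = nodes.computeIfAbsent(m.group(1), k -> new Node());
            n.mac = m.group(2).toLowerCase(Locale.ROOT);
            n.seenBy.add("arp");
        }
        portScan.forEach((ip, ports) -> {
            Node n = nodes.computeIfAbsent(ip, k -> new Node());
            n.openPorts.addAll(ports);
            n.seenBy.add("portscan");
        });
        snmpSysDescr.forEach((ip, descr) -> {
            Node n = nodes.computeIfAbsent(ip, k -> new Node());
            n.sysDescr = descr;
            n.seenBy.add("snmp");
        });
        return nodes;
    }

    public static void main(String[] args) {
        // Constructed sample data, not output from real hosts.
        List<String> arp = List.of(
            "? (192.0.2.1) at 00:00:5e:00:53:01 [ether] on eth0",
            "? (192.0.2.20) at 00:00:5E:00:53:14 [ether] on eth0",
            "? (192.0.2.30) at <incomplete> on eth0");
        Map<String, List<Integer>> scan = Map.of(
            "192.0.2.20", List.of(22, 161), "198.51.100.7", List.of(443));
        Map<String, String> snmp = Map.of("192.0.2.20", "Constructed sysDescr: Linux host");
        merge(arp, scan, snmp).forEach((ip, n) -> System.out.printf(
            "%-13s mac=%s ports=%s sysDescr=%s seenBy=%s%n",
            ip, n.mac, n.openPorts, n.sysDescr, n.seenBy));
    }
}
```

The `seenBy` set carries the cross-reference: a node reported by the port scan but absent from the ARP cache (198.51.100.7 here) has no MAC because ARP only covers the local segment, so its MAC has to come from another source.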


Check nmap for what it can do. It is a network scanner that can scan with ARP, TCP-SYN, and many other sniffing techniques. It also contains a large database of different machines' fingerprints, so it can guess what OS/version a given system runs.


Check out the SNMP protocol. It has a way to autodiscover devices on the network. Keep in mind that there are some security concerns with this (especially older versions of the protocol).


WBEM (similar to WMI on Windows) can be used to scan Unix computers and other devices. Of course, only if the WBEM instrumentation is installed...

WBEM even works for ESX(i) servers if it is enabled there.

Otherwise you might also use SSH to programmatically log on to Unix computers and issue system commands to extract the information you need.

There is a nice Java library for WBEM called SBLIM. There are many Java libraries for telnet and SSH out there.
