Information Security

arping – Backtrack 5 – Information Gathering – Network Analysis – Identify Live Hosts – arping

The arping application is a simple command that will allow you to ping devices by hostname, IP address, or MAC address. The unfortunate part is that most device will not respond to the arp requests, which are directed broadcast ICMP echo requests, though there are some out there that do. I go into more detail below regarding pinging via MAC address by providing an example of the typical output, example output when a MAC address responds to the ICMP echo requests, and details about how to configure hosts to respond to these ICMP echo requests. I also show a couple of the switches available with arping and provide examples of using arping to ping devices by IP and host.

Information Security

xplico – Backtrack 5 – Information Gathering – Network Analysis – Network Traffic Analysis – xplico

Xplico is a NFAT or Network Forensics Analysis Tool that is designed to either capture traffic in real time sessions or to provide an interface to upload PCAP (Packet Capture Data) files for analysis. The current version in Backtrack Linux 5 release 3 is 0.7 however the latest Xplico version is Xplico 1.0.1. I believe there are some dependencies required in the later versions of Xplico so I will write an updated article once Backtrack 6 comes up and the latest version of Xplico can easily be installed.

Code Snippets

Script to Find All IP Addresses on a Internal Network

I was working on a presentation this morning and as I was writing I realized I did not have a quick fast way to make a list of all the internal Ips on a LAN (Local Area network). Many of the tools I use including nmap, nessus and nexpose will accept a list of ips so  I decided to whip up a quick dirty shell script to get the job done.  I may clean it up in the future but for now it does its job. This is meant to work on Backtrack 4 but in its current state it will work on any Debian based distro. As always with any code found on the internet you use this at your own risk. Also I am sure this can be done better but like I said it was a 10 minute fix.

Technology Insights

Configure Static IP and DNS on HP Photosmart C5150

The easiest way to configure a static IP on the HP Photosmart C5100 is via the web interface. You probably do not know to the IP address of the all-in-one printer since you are just now configuring the static IP and if it is currently on the netork then it has received a dynamic IP address via DHCP (Dynamic Host Configuration Protocol). Regardless its an easy process which I will explain step by step below.

  1. Locate IP Address: First we will need to locate the current Internet Protocol address of the printer. Look in the properties of the printer and look at the Ports tab to see if there is an IP address specified. If there is not then you can print a test page, bring up a command prompt, and type “arp -a”. You should notice a couple different IP addresses of which one should be associated with a Physical Address that begins with 00:19:BB which is Hewlett Packard. Once you have located the IP address take note. It should be an address where the first three octets begin with 192.168.0.