Home page logo
/

basics logo Security Basics mailing list archives

Re: Discovering network topology
From: nikhil () niiconsulting com
Date: 15 Feb 2007 16:10:01 -0000

Hello Jeremy,

Discovering a network totally depends on the factor from where you are discovering it i.e. within the network (inside) 
or outside the network. Off-course discovering network from within the network is far more accurate as compared to the 
external ones. 

If you are absolutely sure that all the computers within the network are utilizing Microsoft Windows OS, then a tool 
called MBSA with Visio connector from Microsoft, could help you out in discovering the network topology (provided you 
have Microsoft Visio installed on your system). However third party tools like GFI Languard, Superscan or any network 
security scanner, can also help easily to discover the network. Off-course Nmap has always been an indispensable tool 
for network discovery.

Now-a-days scanners and discovery tools are so sophisticated and accurate that we can rely on the outputs of these 
tools without much hesitation. This is because the rate of false-positive outputs from these tools has been reduced 
drastically. However for our satisfactions, we could just verify by ourselves that the outputs are correct and are not 
false positives, by manually doing telnet to the IP Address and port. 

Besides traceroute (Windows tracert), Windows XP and above OS supports a built-in command called “pathping” which is 
basically an integration of two commands: tracert and ping. The advantages of pathping over ping and tracert are that 
each node is pinged as the result of a single command, and that the behaviour of nodes is studied over an extended time 
period, rather than the Ping's default sample of four messages or tracert's default single route trace.

Reference:
MBSA with Visio Connector: http://www.microsoft.com/technet/security/tools/mbsavisio.mspx 

GFI Languard: http://www.gfi.com/lannetscan/ 

SuperScan: 
http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/superscan.htm 

Nikhil Wagholikar
Security Analyst

NII Consulting
Web: www.niiconsulting.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]