|
|
Capturing ethernet addresses on remote machines
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
To all:
I already know how to use ifconfig grep and such to capture the ethernet address to a text file in the format which I want. How would you accomplish this for a number of networked machines that I have access to. I know that I can ssh to them and just copy the ethernet addresses however I would really like to automate the process.
It is for 200+ machines.
Thanks
Bostonmacosx
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2001
Location: Mahwah, NJ USA
Status:
Offline
|
|
Originally posted by BostonMACOSX:
To all:
I already know how to use ifconfig grep and such to capture the ethernet address to a text file in the format which I want. How would you accomplish this for a number of networked machines that I have access to. I know that I can ssh to them and just copy the ethernet addresses however I would really like to automate the process.
It is for 200+ machines.
Thanks
Bostonmacosx
If you can ssh to the machine you already have the ethernet address (duh) or if you are sshing to the hostname you can look it up with nslookup.
If the IPs are static then you can get all those addresses from the local DNS server. If the IPs are dynamic then you can get all the addresses from the local DHCP server.
If you run the DHCP server it maintains a database of all current IPs, MAC addresses and hostnames on its subnet... so the work is already done. Nice thing about DHCP is it will also tell you which laptops are connected.
There are also tools like nmap ( http://www.insecure.org/nmap) wich will get you ALL the data you want including open ports and OS.
Why do you want/need to do this?
|
-DU-...etc...
|
|
|
|
|
|
|
|
Mac Enthusiast
Join Date: Jul 2002
Location: Leiden, Netherlands
Status:
Offline
|
|
Originally posted by BostonMACOSX:
To all:
to. I know that I can ssh to them and just copy the ethernet addresses however I would really like to automate the process.
It is for 200+ machines.
Thanks
Bostonmacosx
Try rsh.
|
|
|
|
|
|
|
|
|
Forum Regular
Join Date: Nov 2000
Location: Boston Area,ma
Status:
Offline
|
|
Maybe I was clear enough. I don't want the IP address. I want the MAC hardware address for each computer. I want to SSH into the remote machine grab XX:XX:XX:XX:XX:XX and then write it to a text file on my local machine.
Hope this clears the confusion.
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2001
Location: Mahwah, NJ USA
Status:
Offline
|
|
Originally posted by BostonMACOSX:
Maybe I was clear enough. I don't want the IP address. I want the MAC hardware address for each computer. I want to SSH into the remote machine grab XX:XX:XX:XX:XX:XX and then write it to a text file on my local machine.
Hope this clears the confusion.
OK... if you have access to the DHCP server the work is already done. On my server the database is in /var/lib/dhcp/dhcpd.leases
Otherwise you can use rsh to run a remote command (like you would run via ssh) to help automate getting the MAC addresses from ifconfig.
|
-DU-...etc...
|
|
|
|
|
|
|
|
Dedicated MacNNer
Join Date: Aug 2002
Status:
Offline
|
|
Ahh I know how to do this on Windows, and I'm positive the same technique would work with OS X but I don't know the exact commands.
Anyway, when you ping a box you get the MAC back as part of the ICMP packet. In fact, any packet you get from any host contains the MAC of either that host or the nearest router to it (in the case of NAT).
So basically you need to write a script that will ping each host you're interested in, and then use that data to grab the MAC. In windows you can use the command "arp" to see how ip addresses are mapped to MAC addresses.
There is one restraint to this technique, and that's if the host you ping is behind a router or firewall providing NAT then you'll get the address of that device, not the host. This technique assumes you are on the same subnet as the hosts you want information from.
If anyone can explain how to "arp" in OSX then you're set. Otherwise you'll have to wait until my girlfriend finishes studying with my PowerBook.
|
|
|
|
|
|
|
|
|
Senior User
Join Date: Jan 2001
Location: Mahwah, NJ USA
Status:
Offline
|
|
Originally posted by Scarpa:
Ahh I know how to do this on Windows, and I'm positive the same technique would work with OS X but I don't know the exact commands.
Anyway, when you ping a box you get the MAC back as part of the ICMP packet. In fact, any packet you get from any host contains the MAC of either that host or the nearest router to it (in the case of NAT).
So basically you need to write a script that will ping each host you're interested in, and then use that data to grab the MAC. In windows you can use the command "arp" to see how ip addresses are mapped to MAC addresses.
There is one restraint to this technique, and that's if the host you ping is behind a router or firewall providing NAT then you'll get the address of that device, not the host. This technique assumes you are on the same subnet as the hosts you want information from.
If anyone can explain how to "arp" in OSX then you're set. Otherwise you'll have to wait until my girlfriend finishes studying with my PowerBook.
Ahahaha!! good idea (dunno why I didn't think of it ;-))
In Linux there is a command called "arping" which does a similar thing...
I threw together a little one line bash shell command to scan my entire subnet at home for IP+MAC addresses, thus:
for ((F=1; F <= 254 ; F++));
do /usr/sbin/arping -c 1 -I eth0 192.168.1.$F | grep reply;
done
The loop steps through the subnet range of 192.168.1.(1-254) and sends a single "arping" to each address via interface eth0... and then only prints the lines with "reply". I got the following results:
Unicast reply from 192.168.1.12 [00:60:08:36:8C:11] 0.840ms
Unicast reply from 192.168.1.13 [00:60:B0:36:A1:9C] 1.942ms
Unicast reply from 192.168.1.251 [00:60:97:71:48:A4] 0.729ms
Unicast reply from 192.168.1.253 [08:00:20:04:C7:A9] 1.107ms
Unicast reply from 192.168.1.254 [00:60:97:AC:12:CF] 0.768ms
Which is all five machines I have up at the moment (not including the box I arpinged from). Since I don't have any Windows boxes here I also tested it at work... it appears that printers, Mac OS 9, Windows, and whatnot all reply correctly. When it hits a router to a different subnet all I get is the MAC of the router. This is as it should be.
You can season the command to taste.
Thanks for the hint.
Ooops forgot to add one thing... where to get it for Mac OS X:
ftp://www.osxgnu.org/pub/osxgnu/Netw...g-1.00.xpm.sit
(
Last edited by utidjian; May 20, 2003 at 10:16 PM.
)
|
-DU-...etc...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Forum Rules
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|