Network Mapping

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello again as you know I'm Eli the computer guy over here for everyman I t.com and today's class is network mapping so we are going to talk about how you map a network basically all network mapping means is that you plug into a network and you try to figure out what is on the network what services are available on the network what shares are on the network what computers are on the network what what access points what's Browder's what servers etc the big problem especially for consultants coming in to to a a computer network that is already up and running is many times you have absolutely no idea what is on that network and the people that are hiring you they really have no idea what's on the network so you know you ask them how many computers they have they shrug their shoulders you ask them how many switches they have they show your shoulders uh access points etc so by being able to map a network you can figure out what is on the network so basically you can figure out you know where to go from where you are also another good point with learning how to do a network mapping is a lot of modern networking equipment when you plug it into the network it uses DHCP to automatically grab an IP address so you plug in a wireless access point you plug in you know a network printer etc and they automatically grab an A I P address well if you know that IP address you can go to your little computer you can go to that IP address and you can get into the nice little web interface and and administer that printer or that access point or that router the problem is is you don't know what IP address that that device has it's difficult to to to get to it so by understanding how to do network mapping you can automatically map an entire network and then be able to find all of your wireless access points all of your printers all of your computers etc so this class is going to teach you how to map a network we're going to talk about the basic services that are required that you use to map a network ICMP port scanning SMB server messaging blocks SNMP and such going to tell you about the basic process of doing it just so you have an over idea overall idea why you have map network now you know this can be good used for good and bad purposes this can be used as you as a consultant going in gets to figure out what is going on with the network to figure out what the servers are what the access points are etc this can be used for security so you can go in you can do network mapping to find out what shares are open that shouldn't be open what ports are open that shouldn't be open etc or you can use this for hacking uh where you go in and you find out that people left a whole bunch of folder shares wide open on the network and you can just hack away as you please so depending on what you're doing you can use network mapping of for your uses so uh so give me a second I'm going to put a couple things together and then we are going to get in this class network mapping so when you're doing network mapping there are four basic components to the systems into the networks that you should understand that you are going to be using to map out the network the first is something called ICMP this is called internet control message protocol this is part is a protocol that is part of the tcp/ip networking suite so if you're using tcp/ip which in this day and age just about everybody does I don't know why you wouldn't be using tcpip tcp/ip then within that tcp/ip is ICMP internet control messaging protocol this is the protocol that allows computers and networking devices to talk back and forth and send error messages so on though the very lowest level this is how computers and devices can talk and you know can make sure that another device is there and if it's not there can send error messages back basically what we're going to be using ICMP for is something called the echo request so the echo request is where your computer calls out to a computer or device on the network and says hey are you there so your computer goes hey are you there router and then the router says yes I'm here are you sure you're there yes I'm sure I'm here are you really sure I'm here yep etc so basically your computer calls out to whatever computer device on the network says hey are you there well what's supposed to happen is your computer will call out to that device that device is supposed to respond back say yes I'm here well with the echo request - three things can actually happen your computer tries to talk to that network or computer device and that device comes back and gives you an echo response that is crystal-clear so everything works perfectly or it can give an echo response and from the information within that echo response you can see that there are errors so so it's not that the network cable is unplugged entirely or that the network device is powered off but for some reason the communication isn't going back and forth as smoothly possible so it's a second reason thing that could be happening or the third is that for whatever reason that computer device is unplugged from the network that computer device is turned off or something has just gone haywire and the CPU has blown up so when you do this echo request basically you can get three responses everything is good and something's going on that's a little weird or no response at all this is all used using the ICMP the internet control messaging protocol the next tool or whatever that we're going to be talking about is something called port scanning so if you know anything about tcp/ip if you know anything about servers you know all networking services use ports within the tcp/ip protocols so so if you're going to a web site you use port 80 SSH if you're using SSH to get to a linux server you're using port 22 if you're using pop3 email access you're using port 110 so every single Network application uses its own port so what the what we're going to be doing is doing port scanning to see what computers have what ports open so so by seeing what ports are open we can determine what that computer or server might be doing so if the ftp port is open that might be a file server or somebody accidentally turn on the ftp port and we should turn that off the next thing that we're going to be looking at is something called SMB shares server message blocks shares generally used with Windows networks this is where you you double click on a shared folder and you can access shared folders shared files and share printers on other computers these are SMB shares so what we're going to be doing is looking for SMB shares finally there's something called SNMP this is called simple Network message protocol what this protocol was developed for was to send a a greater quantity of information to network administrator's so that they could fully understand what is going on with their systems and their servers so basically with SNMP you have three things first you have what is called a network message management system this network management system goes and it gathers information from all the computers and devices on your network that are using SNMP those computers and devices on the networks that are gathering information then have SNMP agents installed on them so these are just basically small little pieces of programming and then what you can do is you can create SNMP traps that state when something happens with that that device or that computer you want to send an alert back to that network management system so basically how SNMP works in the real world is let's say you have a server and you're worried you do not want this server to go over 90% CPU utilization so what you can do is you can install an SNMP agent onto that server then you can create a trap that says if the CPU goes over 90% usage for five minutes I want the network management system to be alerted so your computer is buzzing along if it goes over 90% for five minutes then it sends an alert back to that network management system now the nice thing with these agents and traps is you can gather a whole bunch of information it's almost limitless the amount of information that you can gather using SNMP agents and traps you can gather all the software that is installed on you that computer you can you can determine what updates have been installed on the computer you can determine all the the hardware that is on that computer so imagine if you had thirty or forty or hundred systems in your network and you could sit at one console and see you know what computers have only two gigs of RAM what computers have ten gigs of RAM you can see all the hardware information simply sitting at your network man Regt systems you're just sitting at one little console and you can see what is going on you can send alert traps again if a computer goes under let's say 10% harddrive space where it may cause problems that SNMP trap can send an alert to you so that you can see you know the Secretary's computer went under 10% utilization using these things you can get real-time information into you and you can also go out and you can quickly inventory all the systems and devices on the network so you know if you want to make sure all your Windows Vista systems are up to Service Pack 1 you can go out and you can scan all the computers and make sure there are up to a service pack 1 the main thing that you should remember with SNMP is that there is a simple network management protocol service on your Windows system so that has to be running if you turn that service off SNMP doesn't work at all it also requires UDP so not TCP UDP ports 161 and 162 torco put that all in the notes in the bottom but those are the 4 4 concepts that you should understand for mapping a network ICMP internet connection control message protocol this is part of the tcp/ip suite basically this is just a communication protocol for different devices on the network to talk to each other and basically say hey are you there there's port standing so every network application has to have its own port port 80 port 22 port 25 for 110 you know there's a lot of them out there SMB simple server message blocks these are these are the windows shares so we can go out and we can scan for those shares and then finally SNMP simple network management protocol this is what it allows you to gather a lot of information about the systems and devices on your network now for mapping your network you should know some basic dos commands if you if you've done any networking in the past if you work with das you should probably know these commands I would hope at this point by now but if you are new to network mapping we should just go over three commands that you should understand in order to do the basics for network mapping first we have to talk about is something called IP config IP config is the basic dos command that shows you what the IP address information for your computer currently is so if you run the command IP config space /all this command is going to show you what your current IP address is what your current subnet mask is you know that's all fine and good the big thing that is going to tell you beyond that is it will tell you the IP address of your DHCP server it will tell you the IP address of your default gateway and it will also tell you the IP address of your DNS server so if you're trying to figure out what's going on with the network you know you just walk into this network you have no idea what's going on well probably the first thing that you should figure out is what the default gateway is so of course a default gateway is your router your cable modem your ad Tran whatever gets you from from inside your building out to the Internet cloud so that's what the default gateway is once you understand what the default gateway is you should also see what the DNS servers are so so if you're trying to figure out how complicated your network is this is very important if you have a very simple network your DNS server your DHCP server and your default gateway will all be the same device whether it is a router whether it is a Windows server etc if it is a simple network DNS DHCP and default gateway will all be on the exact same device if you have a complicated network all those will be on different devices so if you go in and you see that your your your DNS server is 10.1 10.2 your DHCP server is 10.1 10.3 and your default gateway is 10.1 . 10.1 good or bad I mean it might not be good that you have a lot of stuff going on there but it tells you that you do have a lot of stuff going on now with the IP config so it's IP config space /all this will tell you the current information for your computer or it will come back and they'll say 0.0.0.0 which means that you have no IP address but whatsoever now if you've just plugged your computer into the network you can also use the IP config command and what you should do is space forward slash if you do release this will release the DHCP address that your computer currently has so if you plug into a network what I would suggest that you should do is your on IP config space forward slash release and then you do IP config space forward slash renew and this renews your IP address so this makes sure that you have the most current IP address information after you do this you do the IP config space for it slash all and again that will show you what your IP address is your subnet mask is your DNS your DHCP your default gateway this is very very important information now once you make sure that you are on the network then the next thing to do is make sure that you can talk to other computers or devices on the network this is you know we're talking about ICMP before the communication protocol the first thing that we use with this ICMP communication protocol is the command ping so what ping essentially does is ping has your computer call out to another computer or device on the network and ask if it's ask it if it's there so basically your computer will say hello and then the computer on the other side hopefully will say hi back now if the computer on the other side doesn't say hi back then you know that you have a problem so what happens in the DOS world is you do you do ping then you do space and then you can put in either an IP address or a domain name so you could put in ping space 10.1 10.1 so you're trying to figure out if you can communicate with your default gateway with your modem here our default gateway is 10.1 dot 10.1 so if I'm sitting in a computer I can do ping 10.1 dot 10.1 and this will tell me if I'm talking to to my router 2 to my default gateway if nothing comes back if it basically says error cannot be found then I know I have a major problem inside my network what will happen is after you do this ping command it will call out and get a response 4 times now if you are in the linux world it will just continuously a ping until you force it to stop you to a control see in the windows world it will do it four times and then automatically stop for you when it does this four times basically it'll go out it'll ping the device and then it will tell you the time to live it'll tell you how quickly this communication happened so if you have a high number you know that there's a delay in the system if you have a low number you know everything is is doing pretty good now when you do the ping for a domain name so you say ping let's say server this is an easy thing because it will ping as long as your computer can communicate with a DNS server the ping command will then resolve the IP address of the server that you're trying to get to so let's say you're trying to get to the exchange server so let's say you do ping exchange well then the ping command talks to the DNS server and it will then figure out what this IP address is so 10.1 10.13 and then it will ping this IP address again this is very easy thing because you can see if your exchange server is up and running and then it will also give you the IP address of that exchange server you know in case you need it in the future now with the ping command over all the ping command is a very simple command but if you do need no like all of its different options again you just do ping space forward slash question mark which you should know for das commands and this will give you the little description of how the ping command works it will tell you what arguments you can use with a ping command the two arguments that I would suggest that you use with the pink mat or think about using with a ping command are one which allows you to put in how many like the total number of pings that will happen so let's say you send out four pings two pings come back good one comes back a little weird then the next one comes out good and you want to get an idea of just how how flaky that the network connection may be well instead of sending out four pings you may want to send out 200 pings just so you continuously keep pinging that server and see what the results are to do that what you would do is you do ping space and then you you know you put in the IP address 10.1 10.1 and then you do space you do - and you use the N the lowercase n as in November argument space and then how many pings you want to send out so let's say 200 so what this will do is it'll ping 10 dot one dot ten dot one and 200 times instead of four so this gives you an idea of what's going on you know you send out four I think it's a little weird well let's send out 200 and just continuously if you keep hammering that server do you see any network problems the next thing is sometimes the server is very slow to respond a - to your ping requests and so sometimes you want to up what is called the time to live so the time to live on a ping request basically the computer says if I don't hear a response within so many milliseconds I'm going to assume that the ping command failed well depending on how flaky and nasty your network is that time to live may be too short so what you can do is you can do ping again 10.1 10.1 then you do space - lowercase I then after that you put in how many milliseconds you want the ping command to live for what the time to live for is again you plug it up to two hundred or a thousand or whatever it is basically this keeps the command open so if it's taking a really long time for that community for that server to communicate back to you you make sure that that at least you can hear again you know if you have to use the I command what this means is that you have a problem on your network all you're doing with increasing the time to live is trying to give yourself a better idea of what problem is going on now after you get done with the pink man so you know you ping out you call out to the device the next thing you can do is if you're trying to isolate where where a problem is in a network or trying to understand what what routers or what networking equipment are routing your your traffic you can use something called the trace route command so the trace route command is actually tr a seee R T so it's traced book but it's trace route the command is trace route what this does is it's kind of like the ping command only it actually gives you an echo response from every networking device that you go through so let's say you do trace route and then like as I will show you in our demonstration you do W W every man itu comm so I'm trying to see the route from my computer here all the way to our server every man I t.com sitting in the data center that that's a few miles away from here well when you do the trace route instead of just getting a normal ping response what will happen is you will actually see all of what are called the hops hops basically all the routers that this goes through in order to get to the server that you're trying to reach so first it'll first it'll say that it's going through the default gateway here 10.1 10.1 and then it'll say it's going through Comcast's gateway and then it's going through another gate win then another gateway then another dead weight gateway and then as you'll see then you go and you hit the the data centers networking devices and so they'll send information back and then finally hopefully you'll get to the information from everyman IT back to you so this is a very important tool this will make a little more sense when we go over and demonstrate it in a minute so the basic dos commands for mapping out a network are again IP config this is very important the main reason is is you can go and then very quickly hopefully find out what the DNS the DHCP and the default gateways are then you use a ping command ping is hello hi beer hello that's all it is it's basically your computer calling out to different network computers or devices ping works for computers ping works for routers ping works for printers ping works for wireless access points and depending on what you're dealing with pink may also work for your switches so this can hit all of the different on networking devices that are using tcp/ip then you know if you're trying to actually trace the route that you're a little your little packets take you can use a trace route or trace or command and that will show you every single hop that your packets take on to get to the server that they're trying to get to so with this let's go over to the computer and I'll show you an IP config ping and traceroute ok so here we are back at my my Windows 7 computer and we have the nice little command prompt icon here so if you're dealing with Windows 7 if you're dealing with Windows you're going to be using the IP config command you need to open up the command prompt as the administrator do a run as administrator if you're using a Windows XP or earlier well just use command prompt to not worry about it so what you're going to have to do is you're going to have to right-click the command prompt and then you're going to have to do run as administrator and of course is going to give you this little thing and you say yes and now your command prompt opens up now with this command prompt what we are now going to do is to make sure that we have all the latest information all the latest networking information on the system we are going to do IP config and we are going to release and renew the IP address so the first thing that we're going to do is IP config space forward slash release and this releases the DHCP IP address that we currently have on the system that's that easy now in order to renew the IP address we do IP config space forward slash renew and hit enter this makes sure that we have like I say the latest information now we've renewed the IP address so all we do now to see all of the IP information as we do IP config space forward slash all so what we did is we did release and this is where we released we did renew this is where we renew and now we do IP config space forward slash also this will give us all of the IP information for this computer so we hit enter and so this is our command up here now it says this tells us our hostname so it says the computer's name is graphic there's a whole lot of information here it tells you our network adapters so the first network adapter is a real tech PCIe yada-yada-yada it says the physical address so this is the MAC address in case you need it the data now it says what the ipv4 address so this is what you're going to see if you're dealing with a Windows 7 or Windows Vista Windows XP or earlier all this is a little easier to understand but with Vista and such it gets a little more complicated but you're looking for ipv4 address and it says the IP address of this computer is 10.1 1010 the subnet mask is a Class C 255.255.255.0 says when you obtained the address when the lease expires then here is one of the important ones what is the default gateway so this is the networking device that gets us out to the outside world whether it's a router whether it's a DSL modem cable modem etc so that's 10.1 10.1 so we will have to be able to communicate to this device in order get to the outside world this says with the DHCP server is again 10.1 not 10.1 and then it says what the DNS server is 10.1 not 10.1 again as I said and you know in the live-action blurb if the default gateway the DHCP server and the DNS server are all have the same IP address that means you have a relatively simple network to deal with but all of these servers can be different physical servers the default gateway could be 10 dot one dot 10.1 the DHCP server can be 10.1 10.2 and the DNS server could be 10.1 10.3 this does happen in the real world for good or for bad so so just make sure you know when you're looking at this you'll see how complicated a system that you're dealing with so since we've now figured out you know what what the default gateway is we are now going to do a ping command to take a look at it so I'm just going to clear this out real quick so we'll open this up again and so now we are going to ping our default gateway that 10.1 10.1 so in order to ping that gateway we just do ping P ing space then 10.1 10.1 so this will go out and it will call out to that default gateway and say say ask if it's there so we hit enter and now we see it's pinging at a ping four times so 4 times that default gateway said hey I'm here the time it took and the time to live so the time to live for this request was 60 four milliseconds the time equaled six milliseconds the first time less than one millisecond the second time five milliseconds third time less than one millisecond third fifth fourth time so this means that that the Gateway is responding very very very quickly so you're not having any problems so let's say that we wanted to ping the default gateway more than four times again all you do is ping space 10.1 10.1 space hyphen N and then let's say we want to ping it 10 times so now it's going to ping that 10 times so we ping it 10 times and you get the information again like I say is if you're having really weird networking problems sometimes you know I plug in that I want to ping a device 200 times just so I can get an idea of how often the reply errors out again you know we have a good Network here Cisco equipment professional so everything is running well but when you go into some of these nasty nasty networking environments you may have corroded cable you may have switches that are 10 years old you may be dealing with hubs for Christ sakes so so so being able to this ping command you know 100 or 200 times may give you an insight onto how the network is working now finally with the ping command all we need to talk about that time to live so again right here it shows that the time to live defaults to 64 milliseconds now what if you're thinking that maybe the equipment is responding but it just needs more time so in order to give it more time we do ping 10.1 10.1 space - I and then we put in our time to live a longer time to live so let's say we do 200 milliseconds and then we hit enter so it goes through and everything works fine so basically here there there were no problems so we went through so that is the basic ping command so with the ping command you can go out and you can ping you know devices and and things on the network you can also ping devices and such on the internet so we could do ping space ww everyman IT comm hit enter and now we are getting a response from everyman I t.com like I say every man IT comm is sitting at a data center a few miles away from here well the first thing that happens is the ping command resolve the IP address of every man IT - - oh 7.11 4.50 3.1 32 and then it pings to a 701 one 4.53 - 132 four times here you see that the time it takes is 25 milliseconds so the first one was 25 milliseconds 22 milliseconds thirty seven milliseconds 25 milliseconds again if we look up here pinging our own beef all Gateway took less than one millisecond so this does show you that it takes a little bit of time I mean it's milliseconds but it does take time to go out there and and talk to the server sitting out on the Internet now finally so we'll clear this out we are going to look at the trace route command or the trace route so if you don't put in trace route you put in tra see e RT so with that it's tr a c e RT and then you put in whatever IP address or domain name you want to trace to so so with this again let's put w w every man i t calm so what this is going to do is it's going to trace the entire route it takes to get to the everyman IT comm server so we hit enter and so so we see again it resolves the domain name - 207 104 dot 50 3.32 and now the first hop the 10.1 not 10.1 is our default gateway and then from there it hops to the closest Comcast server from there hops to the Baltimore Comcast server to the desoto Comcast server to this to the white mesh smart server to New York so it goes all the way up to New York then it goes down to McLean Virginia then it goes to Ashburn Virginia then it goes this 75149 231 162 this is one of the routers that is sitting at the data center and then it comes to to the actual server so this shows you the entire route that the command takes this can be very important when you're dealing with large networks now when you're dealing with small networks you know the small office with ten users you rare it rarely rarely rarely never have to use a traceroute command but if you're going in to a network a very complicated network where you may have 20 or 30 routers you know you have communications going you know you have you have a hundred remote offices you have two major offices you know there's all this communication going back and forth using this traceroute command can be very helpful to try to figure out how communication is going through all those individual networks so with that let's go back out to to the outside world and talk about network mapping software so those were the simple dos tools or dos commands you can use just to just to start understanding what your network looks like now the best tool once you have a vague understanding of what your network looks like is to use network mapping software now network mapping software this it this is full fledged software you can get it for Macs you can get it for Linux you can get it for Windows etc what this software does is it tries to go out and grab information about your network now that this network mapping software some of it is free some of it is open source some of it cost you five thousand dollars a license the cost really depends on how much information this network mapping software will get for you the big thing to understand with network mapping software is this software all the different versions of it are built to do different things so so you know you may go out and look go to downloads calm or softe pedia calm and you may see 50 different pieces of network mapping software and what you should realize is all these pieces of network mapping software do things differently they look for different information some of it will give you back very simple text files others will give you back these really fancy pictures and will show you how that all the devices connect to each other some some all they do is they go out and they look for open ports and open shares others again they map everything and they will tell you all the software that is installed on each and every computer so the main thing to understand about network mapping software is you know it's anywhere between free and open source to $5,000 a license not joking about that $5,000 a license and it all does stuff differently so depending on what you are trying to get will depend on what software you know you you end up using so we're going to go over we're going to do a little demonstration the first administration I'm going to show you is with a really quick light piece a piece of free software what it does is it goes out it scans for all the devices on the network it looks for open ports and it looks for open SMB shares these are basically Windows file shares that's all it does there's nothing fancy there's something cute about it it's just a very quick way to go out and scan your entire network the next piece of software they'll use is something called Spiceworks again it's free why because I'm teaching a class for you and you know or not I'm not going to spend $5,000 on piece of software but the nice part with Spiceworks is it can actually go out it can inventory a software on computers it can determine what types of devices search and networking equipment are so it can say oh this is a router oh this is a switch oh this is a wireless access point it will tell you the operating system that is sitting on whatever network device is fine so even if it can't figure out what something is it can tell you the operating system on it so it'll say so I'll show you hey this has a Cisco operating system on it if it's a Cisco operating system it's probably a piece of networking device so with that let's go over to a demonstration on network mapping software it's very easy to use the one thing that I will tell you is I will at this point only show you the results of the networking mapping software because network mapping takes a while so even on a really pathetically small network that I have here in this building it takes five or ten minutes to run so if you're going to map a network of a hundred two hundred three hundred thousand computers basically just just set the thing to go for a night and then come back don't expect that network mapping software will will work in five minutes because yeah well okay so we're now we're back on the Windows 7 computer and I'll show you two different types of network mapping software the first is something called port scan and then the second will be Spiceworks these are these are both free piece of software the first port scan I will just bring up like I said in the in the live action part of the class I'm not going to run a scan right now because running a scan even on a small network like mine does take time this takes physical time so if you're going into a large network the what I would tell you to do is plugging your laptop and immediately start the scan don't wait to do the scan until you have to leave in half an hour because it will take a while so with this very simple scanning software this scanning software will go out it will look for what devices are on the network it'll look for the MAC address it will look for open ports and it will look for SMB shares so like I said again all the software does different stuff some of it is really quick some of it's really pretty some of its really in-depth you know it just depends on what you go out to buy so we can see here you know scan through the network so it found host 10.1 10.10 gives the MAC address gives the host name so the hope that a computer name is graphic and then it shows what ports are open on this computer HTTP 80 it map 135 HTTP all of these ports are open on the computer and then it says what shares are open so the users share is open so if you want to try to connect to this you may be able to connect using the share for users under this you know it shows 10.1 10.3 and the MAC address it shows open ports but it doesn't give you any more information so again this isn't a very in-depth scanner just kind of kind of shows you what's out there then the one 10 to 11 the same so it shows you it's there you still don't really know what it is though that's 16 dot 13 so you can see hostname oh this is a gateway laptop so so that's something 10.2 10.1 again this add this has open ports so this gives you an idea of what devices and computers are on the network what ports are open the host name if it's available so this this this port scanner will run very quickly but it gives you just very very very basic information if all you needs basic information that maybe you know again all you need then we open up this a piece of software called Spiceworks so this is a much more complicated piece of network mapping software again it's free but it gives you more information of what's going on so here this will actually show you the types of devices that are on the network so you can say see right now there's two workstations on the network two servers on the network three networking devices one other etc so I can go on to this workstation click and it shows I have that gateway laptop and then I have in the graphic computer if I click on this graphic computer like I said before this is a more in-depth piece of network mapping software I can go down I can see it's a graphic computer I can see the motherboard that is on it I can see that as an Intel Core i7 processor I can see it has Windows 7 Professional I can see it has four gigs of ram so this is all information that the other piece of software didn't have you can even click on the configuration it even shows a local C Drive 29% free local F Drive 65 percent free e Drive oops look e drive is full so I need to take a look at this computer and see what's going on so this gives you lots and lots and lots of information about the computers that are on your network so if we go back to inventory we can go over to networking and here we can say oh look this looks like a wireless access point so this is an Apple a wireless access point and it tells you some information could it be found we can click on this so this it says this is a Cisco device we can go over here this is an SMC so this is a 10.1 dot 10.1 this is our default gateway so with like I say a more robust type of networking software this can go out and it can scan all the devices the computers the servers everything that's on the network and get information about them so so like like I say with graphics the graphic computer not only can I see its windows 7 pro 4 gigs of ram but i can actually click on software and this shows me all the software that's installed on this can so you know if you're trying to go out and you're trying to do an inventory to make sure you don't have pirated software on your computers this can be very very very very valuable so this is spice works and I also showed you pork scan again depending on what you want you know it depends on whether one of these pieces of software is good for you so with that let's go back out to the real world and talk about security considerations so now that you've seen how easy it is to map out a network you might be thinking hmm I have a lot of security holes here so the first thing you may want to do is run out and try to close all of those security holes the first thing that I am going to remind you is um you know the more things more services you shutdown the more complicated it is going to be to administer a network so you can close down all these services you can turn off SNMP simple network management protocol you can turn off ping requests etc but if you do that it is going to be very very very very difficult to map that Network if another technician comes in behind you or if something just just weird happens so the first thing is if you want to shut down the ping service so ping is the basic service that almost all of these network mapping pieces of software use to determine if computers exist so you can shut down that I CMP echo request now if you're dealing with a router so let's say you have a router that is sitting on the Internet and you don't want anybody to be able to ping that router within almost every single modern router if you go into the settings page there will be a little thing that allows you to turn off the ping requests so if somebody tries to ping your router it simply will not send a response back so basically the computer out on the Internet tries to ping that router and then the router ignores it now if you have normal computers sitting on your network normally in order to stop this ICMP echo request you have to install security software for whatever reason you cannot just go into Windows and say don't respond to ping requests you actually have to turn on security software so you know you just pick a McAfee your Avast or whatever else is out there and that software will turn off that ICMP it requests for you then you know if you if you want to turn off the the pings that's how you do that the next thing the the big thing is then and MP the the simple network management protocol now with this on all Windows computers you can go in and you can actually turn the service off so if you turn that service off then SMP SNMP will not work on that computer at all whatever agents or whatever else is installed it just stops working or you can use the firewall again it uses UDP port 161 and port 162 so if you turn on the firewall for that local computer and-and-and prohibit outbound traffic on port 161 and 162 that will stop SNMP from working also those are the ways that you can secure your network but again think about it a lot because SNMP is a very very very useful tool if this is the first you have heard about it before you go rushing to turn it off think about how useful it is to use I mean think about being able to look at any computer on the network and see what is installed of that computer see what the hardware on that computer is be able to get those alerts I mean that can be very very useful if you're not using it if you have no interest in using it you know by all means and shut it off again with with that whole ping and the ICMP echo command be very careful with that because yes if you turn it off it makes your network quote unquote more secure it also makes it a much bigger pain in the butt to actually try to administer if something goes wrong so I would never turn off ping not me I mean maybe I would turn it off for for the router to the outside world but internally inside my network there's no way in hell I would turn paying off but those are the things that you should think about for for the security of your network so that was a short class on work mapping network mapping is an invaluable tool for IT professionals like I say especially when you're going into a brand-new network or network you haven't seen for a while being able to plug in your little laptop and have it run a scan of the entire network is just a great thing whether it gives you just an overall idea of what's on the network kind of refreshes your your brain on what's going on whether you run it to see what security problems there are so so you know I talk about things and people laugh at me for it but it's true there are there are so many obsolete computers that people have not touched in the past five years that are still running on networks especially once you start dealing with large networks networks of a hundred or a thousand users I can guarantee you there are computers just putts in a long day after day that nobody's doing anything with well the problem is is those computers are then vulnerable to hackers attacks viruses etc because if nobody remembers them then people probably are not updating them virus updates aren't happening etc so these computers may be just sitting on the network chugging along and they're just there is little hives of virus and hacker activity by running a scan of the network you can you can you can figure out those old obsolete systems and rip them off the network also like I say with the SNMP agents and traps you can make sure that all of your computers are up to whatever hardware or software standards that you require so you know you you distribute all these little agents out there and the traps and you can see what computers have less than two gigs of RAM what computers have have a slow processor etc so if you go to your client or if you go to your boss you can give them a report and you can say hey listen out of a hundred computers we have ten computers here that obviously need upgrades of ramp I guess make sure it makes your life a lot easier so again this was the class on network mapping this is an invaluable thing whatever network mapping software you decide to use again is entirely up to you remember the free open-source stuff isn't as good as the expensive $5,000 so depending on the size of your network you know don't always go for the free stuff if you have a hundred users or a hundred systems you have thousand systems by the expense of software it really really really will do better for you you know all the software does different stuff with SNMP software management software the more expensive stuff you buy it's really I swear to god it's really worth the money so this was a class on network mapping again I'm Eli the computer guy over here for everyman IT and I look forward to seeing you at the next class
Info
Channel: Eli the Computer Guy
Views: 469,721
Rating: 4.9297156 out of 5
Keywords: network, mapping
Id: _uIOdTfp6Pw
Channel Id: undefined
Length: 51min 19sec (3079 seconds)
Published: Sun Dec 12 2010
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.