Network Mapping
HTML-код
- Опубликовано: 4 июл 2024
- Info
Level: Beginner
Presenter: Eli the Computer Guy
Date Created: November 9, 2010
Length of Class: 51 Minutes
Tracks
Networking
Hacking
Computer Security /Integrity
Prerequisites
Introduction to Networking
Purpose of Class
This class teaches students how to map a local network.
Chapters
Introduction (00:00)
How Network Mapping Works (03:12)
DOS Tools (11:44)
Network Mapping Software (34:54)
Security Considerations (44:14)
Final Thoughts (48:21)
Class Notes
How it Works
ICMP -- Internet Control Message Protocol -- part of Internet Protocol
Echo request
Used by OS's to send error messages
Ports Scanning
All network applications require specific ports to be open
SMB Shares
Server Message Block is used for Windows File and Print Sharing
SNMP
Simple Network Management Protocol
Part of IP
Allows communication of alerts for numerous types of problems on a system from applications, the operating systems or even the hardware
Uses Agents,Traps and Network Management System
Agents are pieces of software installed on the monitored systems
Traps are alerts that are set for the Agent (CPU goes over 90% for 5 minutes)
Network Management System receives alert messages from Traps.
SNMP Service must be running
Uses UDP Ports 161, 162
Basic DOS Commands
IPCONFIG
Ipconfig /all -- Shows current IP information fro system
Ipconfig /release -- Releases DHCP IP Address
Ipconfig /renew - Acquires a new IP Address from DHCP Server
Ping
i. IP Protocol
Ping 10.1.10.1 -- Pings either an IP Address or a Domain Name
Ping /? -- Shows arguments fro Ping command
Ping 10.1.10.1 --n 6 -- -n argument changes the number of pings sent
Ping xxx --i 200 -- -i argument changes the Time To Live for a Ping
Tracert
IP Protocol
tracert www.everymanit.com -- Shows all of the routers on the path to the destination
Network Mapping Software Description
Network Mapping Software Discovers Devises and Systems on Your Network
Can be free or very expensive
There are numerous types of software that find different information
Security Security Good vs. Bad
Turn off SNMP services? -- SNMP can be very useful if you use it.
Use firewalls -- Firewalls can block Network Mapping Software from discovering devices on the network
Turn off Ping Echo -- You can turn off Ping Echo using security software. Ping is a very useful diagnostic tool, and can cause confusion for technicians if standard systems cannot be pinged.
Final Thoughts
Network Mapping can be used for Good and Bad purposes. You must weigh utility vs. security when deciding to allow or block the ability to map a netwrk.
Resources
Spiceworks
PortScan Наука
3:35 ICMP
4:19 Echo Request
6:05 Port Scanning
7:02 SMB Shares
7:28 SNMP
11:01 Summary
12:12 DOS tools
23:35 3 DOS commands
25:30 CMD line ipconfig
29:07 CMD line ping
33:01 CMD line tracert
35:12 Network Mapping Software
39:00 PortScan
41:30 Spiceworks
44:26 Security
48:25 Final Thoughts
Marry me ?
Marry me ?
Marry me ?
its already there in the description
I love you Korono
Came from the future to say this video helped me in late 2023. Thanks a million
My left ear is filled with knowledge, my right is letting it all out
It helps if you put your finger in your right ear ;)
Ease of Access> Enable Mono Audio saved me :D
@@princegoyal8813 YOU ARE HIRED!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! for helpdesk :D
half of my mouth can't stop laughing. Lol..
Clever
Dear Eli
Your tutorials are the most clear and exciting I have ever seen. You make me understand everything you demonstrate, explain and present. You have skills and great knowledge of real practicals of computer world. I'm impressed because I have been to other countries to study what I should have acquired sitting in front of my PC at home. Thanks for helping me understand better.
I appreciate everything you do so much Eli, thank you. I try to share your videos as much as possible. Thank you so much for everything you've taught me.
who on earth would dislike such videos!!
Mr.Eli.. ur like the teacher i never had.. til now ..!! ur the best.. thanks!!
Whew! This lesson took a while for me to digest.
Thanks for explaining everything really well.
First of all, I must thank you. With this video series, you opened my mind to new possibilities that I was unable to consider before, making my complex nodes of thought to loosen their tight , making things easily understandable (to the point I wasn't able to concentrate on your talking cause I was thinking how to apply the beautiful things I just have understood). You're easily understandable thanks to the high PNL skill applied in your speech. While getting things really easier to understand you can even guide these poor sheeps to the village's marketplace! Thanks Computer guy, you have my trust!
I forgot... if you try to ping my IP from your Gate? Way, my ICMP will kindly deny your offer.
i love the key point links in the vid description for reference you are the best. I'm currently taking electrical engineering in school and am learning networking/ programming on the side this is so helpful due to my time constraints thank you much man
To hear the lesson on both ears, download the video and open it with the latest version of VLC (older version may not suppport this).
Then:
- Right click on the screen
- Audio
- Stereo Modality
- Left
So you will hear the sound from the left side on both hear when using headphones!.
Thank you Eli for your videos!!!
Very informative and resourceful video. Instead of closing the command prompt just use 'CLS" command to clear that.
my left ear loved this video
+1wsx10 I have the same problem, it really drive me crazy.
Install Audio EQ Chrome extension and select the option "Mono", it will play audio on both the channels.
You're a saint! I would add that if you are using headphones you may need to change the presets to headphones.
Thank You! Your video and all the user comments made me realized I was wearing my headphones backwards.
Awesome video. Thank you so much for uploading this. I was finally able to settle an argument with my cousin regarding discovering MAC addresses on a network.
thanks for your time and effort man your videos are gold...
My left ear loved this!
I just discovered your channel and I think this is awesome. Great refresher course.
Eli the computer Guy, YOU ARE VERY INTELLIGENT!!!
Ely. you are a natural teacher. It is great to listen and learn from you. The problem I have is I cannot organize your lessons in the right order, so I listen to different subjects as I find them...but, again - every lesson is always very well organized, professional etc. By the way, there is a problem with the fact that technology changes quickly, for example, in comm cables there is cat 7..(the red cable), but I understand that it is not possible for you to update, and it is really not that critical.
So thanks a million. Arik
Dude - You're very good at training! Thank You!
I simply adore u! You're the best person that explains it
You know what makes him the best tech teacher on the web? No Indian accent.
Peter Terranova I’m a year late but I’m dead 😂😂😂😂
@@arifjay6756 im a year and 2 months late but wow that was funny.
Lol i feel bad for people trying to understand the accents especially thick native ones. I'm soo so thankful I can understand it because Indians do have an excellent and prolific grasp on IT, in general. So yeah I definitely feel for you guys! Ahahah
you know the struggle man :D
That's pretty racist
A little tip for all new DOS users; typing "help" (not including the ""), alone or after a command, will give you options for that command. If typed alone, it gives a comprehensive list of commands. So for example; ping /help will give you a list of arguments for the ping command. Another essential DOS cmd set to know for networking would have to be to understand and know how to reset winsock and understand netsh.
Subbed! Great great great talks you have here Eli... Technical, precise and interesting. A big thank you for your time and efforts you put on this.
Excellent explanation ! this really helped me understand snmp and default gateway
Enjoyed The Class! I Love Your Classes! My Brother learned from you and he told me to come here
cause he said you are a god at everything computer related!
Lol But hope to hear from you back!
best tut on network mapping ive seen
very informative and helpful eventhough most of the videos is dated. Great job Eli...
You are very practical. Thank you so much!
my certs preps would be real hard if it wasnt for ur generous free lesons.... i thank u very much sir
Thank you, really good explanation!
YOU ARE THE BEST OR SHOULD I SAY A BEAST....... IN THE IT WORLD.... THANK A BUNCH... IM FOREVER THANKFULL.
Best computer educational videos ever!
you're saving my life. tysm!!!!
thank you for this video, I am a younger person and I am very interested in the subject of fixing computers and applications, so thanks alot.
Thanks for your easy to follow videos.
great instruction as always Eli!
You have listed the most important steps to do manual network mapping. But, I believe, consultants these days need an automated network discovery tool to map it, and then export it to Visio, PNG or any other formats they may like. There are quite a few network topology mapping tools out there!
Thanks for the great class!
As an IT professional, these videos are great for getting perspective, handing off to the new guys to get them on a jump start, etc. However, as IT professionals, it usually requires headphone use at work and your audio is only left channel which is incredibly irritating.
This is very good intro to network mapping.
Your videos are very useful!! thank you!
Amazing Class, thanks Eli
Great Video! it made me realize how important is my left ear
Damn... this vid is definitely going to require 2 or 3 run throughs.
Very interesting class, excellent explanation, thank you very much
Useful arguments to ping are *-t* to ping continuously until stopped, and *-w* to set the timeout. You can use ping in batch files to insert a pause of any length by pinging a non-existant network and waiting for a timeout w.
The TTL is hardly useful in ping because the default of 64 hops and timeout of 4s are plenty for any network. Australia is 20 hops and 350 ms away from europe. Furthest places like China might be 30-35 hops. If you placed 65 routers inbetween you and the destination, or a routing loop which somehow resolves, a response with TTL of 64 set by the remote machine would never make it back anyway.
Traceroute works by sending multiple pings or udp packets with different, increasing TTL values to give a complete picture of the route _towards_ the destination. Each router our packet passes through decrements its TTL value, and when that value reaches 0, the router sends back an ICMP response. It is sometimes useful to use ping and traceroute _on a router_ to see the route taken from their perspective. A response packet _from_ the destination might be routed over a different path.
If a host cannot be pinged because its set to not send out ICMP in the firewall, traceroute can still be useful to determine the latency of the last hop that did respond. If the remote computer is down and doesn't respond to ARP, that last router will also usually send back an ICMP "host unreachable".
The Windows command interpreter isn't "DOS". I would also never turn ping off. It's quite handy to troubleshoot speed or packet loss issues. Good routers can be set to limit the rate of echo messages sent to minimize flood.
Great delivery.
I'm almost certain that TTL in a ping is not a time-counter but a hop-counter. it means that a packet can pass so much hops until it dies, where each node it passes means one less TTL record. by default an ICMP gets on the road with 255 hops which includes both directions (i.e. 128 is max TTL you``ll see when there is only one router to pass) I may be wrong but I`m pretty sure I`m not
+willow klan Actually TTL is a time counter. The minimum amount that can be reduced is one second. Nowadays routers process packets in less than a second, that's why the TTL is reduced by one at every hop. Theoretically, if you somehow can stop the packet at your router for 3 seconds, then the TTL will be reduced by 3. I guess, nowadays it is not a mistake to consider TTL as a hop counter, but one should be aware of the underlying nature, just in case.
+Sergey Khegay reason for TTL is to kill packets that else would continue to go around forever. Each relay device (routers) shall reduce TTL by one each time they handle a packet. Sender sets initial value as wish. This is how tracert works. First paket has TTL=1, first device shall decrease it to 0 so you get an ICMP error message from this device and log it. Next comes TTL=2 so you get the error message from the SECOND device, counting outwards like an onion, and so on. tracert with maximum 30 hops means that it shall try up to 30 steps or TTL value before it stops it.
10 years old but still stuff I need to know to become an IT professional
Thanks for sharing Eli... so very wise
Great stuff i am excited to make my debut
Smashing explanation.
But as per usual... Eli, thank you. JUST THANK YOU!!!
Also to release the DNS cache you can use ipconifg /flushdns.
Good lesson.. Thank you.
You are awesome.. For protecting our privacy that our goverment violates everyday.. Everybody needs to protect themselves. Please teach us about cyber security.
I was able to land two jobs at the same time. I am going to go in depth in Database and User Interface theory in grad school and move away from help desk and tech support.
Thanks
All So Good, Thank You.
very very very cool video lesson!!!!!!!!!!!!!!!!!!!!!
Eli just do cls to clear section :D , dont have to open and close ^_^
I would really enjoy watching an overview of CommView for WiFi
Computer guy thanks for you video.
you are the best
God bless you, my brother in Christ.
Love the vids... but I'm going to have to finish this one later. I need to go to the doctor because my right ear isn't working right.
Correct me if I'm wrong but the Time To Live (TTL) has nothing to do with time and everything to do with the number of hops the ping can survive for before being returned to sender. A hop is effectively a router in this scenerio.
Traceroute works by sending a pings with a TTL of 1, then 2, then 3 and so on. Thats how it knows the route the packet takes ;)
I've not explained as well as perhaps it could have been, but you can read more at www.grc.com/sn/sn-313.txt, about two thrids down, search for Traceroute.
Every protocol sent through tcp/ip network has a time to live = TTL, and that TTL number decreases after every device the protocol goes through and when it hits zero the protocol is destroyed
TTL in DNS is the amount of time certain data is stored as cache. This is defined in the SOA
This video is best viewed without headphones
@17:20 Time to live (TTL) doesn't indicate latency or delays in the system. It's how many hops the packet will take before giving up. The latency is indicated by the "time" field. Additionally, increasing the TTL will not increase the chances of a packet surviving a single flaky hop. Its just there to prevent networks from having immortal packets hopping around in circles.
Awesome - as always.
awesome video
Just fyi, the TTL isn't a stat in milliseconds.. rather, it's "router hops." It's a mechanism IP uses to ensure packets don't run around endlessly. When a router gets a packet, it lowers the TTL field in the header by 1. If doing so puts it to 0, it will send ICMP time exceeded back to the source. That's how trace route works. 3 packets are send with TTL of 1, and the first router sends back an error, which the tracert program shows as the first hop. Then it sends 3 packets with TTL of 2, etc
Cool tutorial, love it I have a feeling ill spend a lot of time on your channel. Little advice though if you haven't already figured it out. You should record record your sound in stereo sorry I was watching with headphones, and it was kind of annoying hearing only my left speaker outputting sound.
Your Awesome Period.
I'd like to say that for some companies and savvy computer users you can block ping request or ICMP requests to your router to better hide yourself. This can also give you an unreachable error as well.
I'd like to add on that there are alternative ways to ping to workaround the ICMP blockage if you use software like nmap.
Nice video and informative
Yup. However, if it is a public network, windows computers have a setting called "public" which makes the firewall rules much more strict, you might not be able to do a port scan or the such, but you can tell that they are there, because they will still respond to ping requests.
Thanks for the INFO, Eliote?
Thank You Brother
snmpv3 is a good work around for security purposes, snmp 1 and 2 are unsecure due to not having encryption I think.
Thanks for the EA video too
You aren't too old. You just have to keep learning. Right now everybody's getting involved in cloud systems. Learn about that. Actually, learn about everything about computer programming you can. Keep up to date with Java and everything misdirectionx talks about.You have to update yourself, sense technology is always chaging. Basicvally, keep watching youtube videos on this stuff.
Echo Request in a nut-shell:
Q: Hey other computer, are you there?
A1: "Yes, I'm here and I'm doing great."
A2: "I'm here, but I'm fu*ked up bad, fam."
A3: [ no response ]
There are some issues with ipconfig release where some computers do not seem to either release or request a new IP address properly. In windows 10, there is a function called "Reset network" which reinstalls the network card drivers among other things but it does solve the issue.
Hey, love your videos and patience. could you please share the knowledge on How storage arrays like Dell EMC vmax used , mapping of LUNS ,eNAS , DWDM ,This provisioning etc..
Better than a college education! I just graduated from UC Santa Barbara (a school within the top two percent of all schools in the nation) I was just thinking how that degree is worthless and how this information will further my subsistence far beyond what any university degree would. Please keep up the vids....They are extremely helpful to me as a newbie in the IT business. Also, I'm just curious, do you still own a computer repair shop? thanks
Thank you a lot
Thanks Sir ....!!!!
for sharing this Info. :)
Great video, just to point out TTL is counter instead of time in reality.
Generally the IP would be the gateway, however if you run a tracert, you will see every router that information will run through. More the likely the first router would be the colleges something like 192.168.1.1. FYI, that IP will be a LAN ip not a public one.
Thank you.
Intermapper.. saves lives lol...
Thank you. :)
nice video bro
thankyou very much
Hey Eli, your networking videos are so amazing and I'm taking advantage of it to add up my skills in networking.
By the way, do have a website for your organization? if so, pls send me the link.
Thanks a lot..
thanks a lot...
2020 thanks :)