Category: terminal

general linux/osx terminal tools

Categories
terminal

Scanning local network for devices

Introduction

Whether you’re a network administrator, a tech-savvy homeowner, or just curious about the devices connected to your local network, knowing how to scan and identify those devices is a valuable skill. In this comprehensive guide, we’ll explore different methods and tools for scanning your local network, uncovering connected devices, and improving your overall network management and security.

  1. Understanding Your Local Network

A local network, or Local Area Network (LAN), is a collection of devices connected within a specific geographical area. These devices could include computers, smartphones, printers, and IoT devices. Local networks allow for data sharing, communication, and collaboration among the connected devices.

  1. Why Scan Your Local Network?

Scanning your local network can serve various purposes, such as:

  • Identifying connected devices for inventory and management
  • Detecting unauthorized devices for security reasons
  • Troubleshooting network issues by revealing connectivity problems
  • Mapping your network topology for better understanding and organization

  1. Scanning Methods and Tools

There are several methods and tools available for scanning local networks. Some of the most popular ones include:

  • Ping Sweeps: A simple method to check if a device is online by sending ICMP echo requests to IP addresses within a specified range.
  • ARP Scans: Utilize the Address Resolution Protocol (ARP) to identify devices by querying their MAC addresses.
  • Network Scanners: Tools like Nmap, Advanced IP Scanner, and Angry IP Scanner offer advanced scanning features, such as port scanning and OS fingerprinting.

In this article we will go over local network discovery using the ‘ip’ and ‘nmap’ tools. First we will go over it using the commands ‘ip’ and ‘nmap’:

ip route
default via 10.0.0.1 dev wlp1s0 proto dhcp metric 600 
10.0.0.0/24 dev wlp1s0 proto kernel scope link src 10.0.0.21 metric 600 
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

On the second line you will find our subnet mask ‘10.0.0.0/24’. This means all devices in this network are assigned IPs in the range ‘10.0.0.1-254’.

‘nmap’ understands this CIDR notation, and you can pass exactly that as a parameter:

nmap 10.0.0.0/24
Starting Nmap 7.80 ( https://nmap.org ) at 2020-11-14 11:21 EST
Nmap scan report for _gateway (10.0.0.1)
Host is up (0.0068s latency).
Not shown: 994 closed ports
PORT      STATE SERVICE
53/tcp    open  domain
80/tcp    open  http
548/tcp   open  afp
5000/tcp  open  upnp
8200/tcp  open  trivnet1
49152/tcp open  unknown

Nmap scan report for 10.0.0.2
Host is up (0.0098s latency).
Not shown: 995 closed ports
PORT     STATE SERVICE
8008/tcp open  http
8009/tcp open  ajp13
8443/tcp open  https-alt
9000/tcp open  cslistener
9080/tcp open  glrpc

Nmap scan report for 10.0.0.6
Host is up (0.0029s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
8080/tcp open  http-proxy

Nmap scan report for 10.0.0.8
Host is up (0.013s latency).
All 1000 scanned ports on 10.0.0.8 are closed

Nmap scan report for 10.0.0.9
Host is up (0.016s latency).
All 1000 scanned ports on 10.0.0.9 are closed

Nmap scan report for 10.0.0.12
Host is up (0.013s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE
8008/tcp  open  http
8009/tcp  open  ajp13
8443/tcp  open  https-alt
9000/tcp  open  cslistener
10001/tcp open  scp-config

Nmap scan report for 10.0.0.13
Host is up (0.0067s latency).
All 1000 scanned ports on 10.0.0.13 are closed

Nmap scan report for 10.0.0.17
Host is up (0.026s latency).
Not shown: 999 closed ports
PORT     STATE SERVICE
8080/tcp open  http-proxy

Nmap scan report for fedora (10.0.0.21)
Host is up (0.00026s latency).
All 1000 scanned ports on fedora (10.0.0.21) are closed

Nmap scan report for 10.0.0.25
Host is up (0.011s latency).
All 1000 scanned ports on 10.0.0.25 are closed

Nmap scan report for 10.0.0.32
Host is up (0.0050s latency).
Not shown: 999 closed ports
PORT      STATE SERVICE
62078/tcp open  iphone-sync

Nmap done: 256 IP addresses (10 hosts up) scanned in 46.90 seconds

sudo arp-scan -I wlp1s0 -l
Interface: wlp1s0, type: EN10MB, MAC: 9c:b6:d0:21:e3:b9, IPv4: 10.0.0.21
Starting arp-scan 1.9.7 with 256 hosts (https://github.com/royhills/arp-scan)
10.0.0.1	3c:37:86:4d:03:4b	NETGEAR
10.0.0.6	00:17:88:67:98:4e	Philips Lighting BV
10.0.0.3	4c:24:98:3a:17:88	Texas Instruments
10.0.0.10	d0:c5:d3:61:b8:88	AzureWave Technology Inc.
10.0.0.8	58:70:c6:01:f3:75	Shanghai Xiaoyi Technology Co., Ltd.
10.0.0.9	fc:49:2d:e4:1b:49	Amazon Technologies Inc.
10.0.0.4	d0:c5:d3:1c:83:55	AzureWave Technology Inc.
10.0.0.25	94:be:46:11:c7:46	(Unknown)
10.0.0.12	d4:f5:47:15:69:2d	Google, Inc.
10.0.0.28	42:9c:77:6b:69:41	(Unknown: locally administered)
10.0.0.34	40:16:3b:e1:1f:8c	Samsung Electronics Co.,Ltd
10.0.0.28	42:9c:77:6b:69:41	(Unknown: locally administered) (DUP: 2)
10.0.0.34	40:16:3b:e1:1f:8c	Samsung Electronics Co.,Ltd (DUP: 2)
10.0.0.13	18:b4:30:e5:15:6e	Nest Labs Inc.
10.0.0.2	00:04:4b:54:15:68	NVIDIA
10.0.0.13	18:b4:30:e5:15:6e	Nest Labs Inc. (DUP: 2)
10.0.0.2	00:04:4b:54:15:68	NVIDIA (DUP: 2)
10.0.0.11	88:de:a9:18:42:e9	Roku, Inc.

Scanning your local network for devices is an essential skill for effective network management and security. By familiarizing yourself with various scanning methods and tools, you can easily identify and document connected devices, troubleshoot issues, and maintain a secure network environment. Don’t forget to scan your network regularly to keep it in optimal shape and to protect against potential threats.

References:
http://www.sput.nl/internet/cidr-routing.html

https://superuser.com/questions/124453/how-can-i-scan-the-local-network-for-connected-devices-mac-os

Categories
terminal

Show recently installed packages

There are many different ways to get a list of all recently (or not so recently) installed packages. This can be useful when troubleshooting a recent update that potentially broke your application and/or infrastructure. The commands vary according to the Linux package manager used in your distro. This will generally give you a long list of packages, so it’s a good idea to pipe it to ‘less’. Once in ‘less’, you can use ‘ctrl + d’ to go down 1 page, and ‘ctrl + u’ to go up 1 page, and ‘q’ to quit.

RPM based (Fedora, CentOS, RHEL…):

$ rpm -qa --last | less

If you only want the last 10 updated packages, you can pipe it to head:

$ rpm -qa --last | head

To show all packages installed via rpm:

$ rpm -qa
Categories
terminal

Batch renaming files in the terminal

Renaming a few files, one at a time should not be very time consuming. But if a task requires hundreds, or sometimes thousands of files, there is a simple way to do it as well. You can rename multiple files simultaneously (batch) with using just the bash, in a single line. First, do a ‘dry-run’ with ‘echo’ to make sure this is the result you want. Here are the steps to execute a terminal batch renaming with ease:

To replace the file extension from ‘.config’ to ‘.json’:

$ for f in *.json; do echo "$f" "${f%.json}.config"; done
apple-develop.json apple-develop.config
banana-develop.json banana-develop.config
jackfruit-develop.json jackfruit-develop.config
orange-develop.json orange-develop.config

Then, replace ‘echo’ with ‘mv –‘ to actually rename the files:

$ for f in *.json; do mv -- "$f" "${f%.json}.config"; done
$ ls
apple-develop.config   jackfruit-develop.config
banana-develop.config  orange-develop.config

To replace a prefix ‘develop’ with ‘test’:

$ for f in *.config; do mv -- "$f" "test${f#develop}"; done
$ ls
test-apple.config   test-jackfruit.config
test-banana.config  test-orange.config

To replace the suffix ‘develop’ with ‘test’ (this one actually works with any occurrence of ‘develop’ to ‘test’):

$ for f in *.config; do mv -- "$f" "${f//develop/test}"; done
$ ls
apple-test.config  banana-test.config  jackfruit-test.config  orange-test.config

Now you have successfully finished a terminal batch renaming.

https://stackoverflow.com/questions/5394112/how-can-i-batch-rename-files-using-the-terminal
Categories
terminal

Renaming files in bulk: mmv

There are many ways to rename multiple files at once. One of the easiest ones, if you have the power to install new packages or if you already have it installed in your system, is with ‘mmv’. Here are some examples. We’ll use the following file structure:

$ ls
develop-apple.config develop-jackfruit.config
develop-banana.config develop-orange.config

To replace the prefix ‘develop’ with ‘test’ from filenames that follow the pattern “develop-banana.config”. First use the ‘-n’ flag for ‘no-execute’ mode. It’s like a ‘dry-run’, it’ll show the changes about to be made, without executing the changes:

$ mmv -n 'develop*' 'test#1'
develop-apple.config -> test-apple.config
develop-banana.config -> test-banana.config
develop-jackfruit.config -> test-jackfruit.config
develop-orange.config -> test-orange.config

To replace a suffix:

$ mmv -n '*develop*' '#1test#2'
apple-develop.json -> apple-test.json
banana-develop.json -> banana-test.json
jackfruit-develop.json -> jackfruit-test.json
orange-develop.json -> orange-test.json

To replace a file extension:

$ mmv -n '*.json' '#1.config' apple-develop.json -> apple-develop.config banana-develop.json -> banana-develop.config jackfruit-develop.json -> jackfruit-develop.config orange-develop.json -> orange-develop.config

Don't forget to remove the '-n' flag when you're 100% sure of the changes you're making so they're written to disk.