Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Tracing Broadcast traffic

Posted on 2004-04-03
5
Medium Priority
?
761 Views
Last Modified: 2013-12-19


how to trace broadcast traffice ARP protocol and giving me information that its originating from source 10.138.4.1 and destination 10.138.0.1 , that is shown by using ethreal software. The thing is these IP address is not part of the network. Whats this basically ?

Regards,
0
Comment
Question by:aejaz
  • 4
5 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 10747485
sounds like an attack to do you have a firewall and have you blocked ICMP?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10747486
in fact ignore that, these are NON routable addresses so they HAVE to be on your network do this instead...............
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 60 total points
ID: 10747497
get a laptop plugged in on the same network, and get on the same network number as the offenders, now ping those IP addresses, there now in your ARP cache :)

do a arp-a command and get the MAC addresses for them

Now track those MAC addresses through your switches MAC address tables and sooner or later you can follow them from switch to switch till the last switch will tall you which port its on, go to the switch and see whats patched into it - and youve got one of the offenders, time for some violence :)
0
 

Author Comment

by:aejaz
ID: 10751050
thanks.... tat was very simple , i just hav given 20 points :) , i m scolding myself why didnt i think myself :D

Regards,

aejazzz
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10752978
:) ThanQ
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question