Date: Wed, 14 Aug 2002 14:21:23 -0700 From: Nathan Kinkade <nkinkade@dsl-only.net> To: Mark Rowlands <mark.rowlands@minmail.net> Cc: fgleiser@cactus.fi.uba.ar, freebsd-questions@FreeBSD.ORG Subject: Re: tool to derive ip from mac address of a remote box? Message-ID: <20020814142123.189769af.nkinkade@dsl-only.net> In-Reply-To: <200208142309.23143.mark.rowlands@minmail.net> References: <20020814161845.B22629-100000@localhost> <200208142309.23143.mark.rowlands@minmail.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 14 Aug 2002 23:09:23 +0200 Mark Rowlands <mark.rowlands@minmail.net> wrote: > On Wed August 14 2002 21:20, Fernando Gleiser wrote: > > On Wed, 14 Aug 2002, Mark Rowlands wrote: > > > I know this is not strictly freebsd related but ......there is a > > > dodgy network card somewhere on my network pumping 1.5mb/s of > > > crap..... All I have is a mac address, how can I get an ip for it? > > > > If the offending machine has sent some packets to the BSD box, do a > > arp -an | grep <mac> > > > > If it hasn't, try a 'tcpdump -len ether host <mac>' > > > > > I should learn to give better info :- > > the packet is broadcast and has an invalid ip header so that is why I > only have the mac address :-(........ tried dumping and this is all I > get, 1.5mb/s of em........ > > 0000 ff ff ff ff ff ff 00 05 5d d8 9b 76 08 00 00 01 ........ > ]..v.... 0010 08 00 06 04 00 01 00 02 2d 2e af d7 e0 00 00 fe > ........ -....... 0020 ff ff ff ff ff ff e0 00 00 09 21 74 72 79 20 > 77 ........ ..!try w 0030 77 77 2e 65 6c 73 61 2e 63 6f 6d 20 24 > 8c 00 43 ww.elsa. com $..C 0040 00 44 01 34 d1 ad 47 44 42 43 41 > 43 41 43 41 43 .D.4..GD BCACACAC 0050 41 43 41 43 41 43 41 43 41 > 00 20 43 41 43 41 43 ACACACAC A. CACAC 0060 41 43 41 43 41 43 41 43 > 41 43 41 43 41 43 41 43 ACACACAC ACACACAC > 0070 41 43 41 43 41 43 41 43 41 42 4e 00 ff 53 4d 42 ACACACAC > ABN..SMB 0080 25 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 > %....... ........ 0090 00 00 00 00 00 00 00 00 00 00 00 00 11 00 00 > 21 ........ .......! 00a0 00 00 00 00 00 00 00 00 00 e8 03 00 00 > 00 00 00 ........ ........ 00b0 00 00 00 21 00 56 00 03 00 01 00 > 00 00 02 00 32 ...!.V.. .......2 00c0 00 5c 4d 41 49 4c 53 4c 4f > 54 5c 42 52 4f 57 53 .\MAILSL OT\BROWS 00d0 45 00 01 00 80 a9 03 00 > 50 53 33 32 30 31 36 31 E....... PS320161 > 00e0 00 00 00 00 00 00 00 00 01 00 03 03 00 00 00 00 ........ > ........ 00f0 aa 55 00 89 2d 39 4b 4d 58 49 31 35 4c 41 30 34 > .U..-9KM XI15LA04 0100 43 00 > C. How many segments are on this LAN? This isn't a very technical suggestion, but most switches/hubs have activity lights for each port. Possibly, just look for the one that is blinking like mad continuously :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020814142123.189769af.nkinkade>