What is the IP Address?

What is the IP Address?
Prev	Chapter 1. General Information	Next

By default, the Network Security Toolkit uses DHCP to determine its IP address. If your machine has a keyboard and monitor attached or you are able to connect to it via the serial port, you can use the following to determine your IP address:


[root@probe root]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:01:02:68:27:12
          inet addr:192.168.0.11  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:119 errors:0 dropped:0 overruns:1 frame:0
          TX packets:76 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:19117 (18.6 Kb)  TX bytes:13105 (12.7 Kb)
          Interrupt:3 Base address:0x9000
 
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
 
[root@probe root]#

If you do not have a keyboard and mouse attached or serial access, the determination of the IP address assigned becomes a more difficult task. You will need to locate the logs of your DHCP server to determine what address was assigned.

Alternatively, if you have access to port scanning software (like nmap), you can scan your network for ports 22, 80 and 443 as shown in the following:

Figure 1.3. Using nmap To Locate NST

[pkb@salsa pkb]$ nmap -p 22,80,443 192.168.12.0/24
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on nacho.linux.bogus (192.168.12.1):
Port       State       Service
22/tcp     open        ssh                     
80/tcp     open        http                    
443/tcp    open        https                   

Interesting ports on rice.linux.bogus (192.168.12.2):
Port       State       Service
22/tcp     open        ssh                     
80/tcp     open        http                    
443/tcp    open        https                   

All 3 scanned ports on tamale.linux.bogus (192.168.12.5) are: closed

Interesting ports on salsa.linux.bogus (192.168.12.7):
Port       State       Service
22/tcp     open        ssh                     
80/tcp     open        http                    
443/tcp    open        https                   

All 3 scanned ports on flan.linux.bogus (192.168.12.8) are: closed

Interesting ports on mole.linux.bogus (192.168.12.9):
(The 1 port scanned but not shown below is in state: closed)
Port       State       Service
22/tcp     open        ssh                     
443/tcp    open        https                   

Nmap run completed -- 256 IP addresses (6 hosts up) scanned in 4 seconds

[pkb@salsa pkb]$

Since the Network Security Toolkit probe only provides services on ports 22 and 443, I can look at the above output and see that 192.168.12.9 is the only system meeting these restrictions (the key being the absence of port 80).

Prev	Up	Next
Why is the nstpasswd Command Insecure?	Home	Chapter 2. Trouble Shooting