I was able to get a connected IP addresses on my network by pinging the broadcast IP. Now how do I figure out more information about that individual IP address, say it is 192.168.0.199? Can I say something like:
finger ipaddror is there an equivalent command?
I did read the manual of w, finger, who and I was not able to find anything relating to IP addresses. It is all about usernames. That is what I want to find out mainly.
Anyone have any idea? I'm on a Unix system (Mac). I tried to ping the address in question hoping it would provide some light but nothing more of value besides the IP address came out of it.
43 Answers
Install nmap. Then run this command as root:
nmap -O 192.168.0.199 (or whatever the IP address is).
You will get output like this:
root: /home/l # nmap -O 192.168.0.244
Starting Nmap 5.51 ( ) at 2012-02-27 16:10 EST
Nmap scan report for 192.168.0.244
Host is up (0.0019s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
80/tcp open http
139/tcp open netbios-ssn
1641/tcp open invision
MAC Address: 00:90:A9:22:14:E2 (Western Digital)
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.9 - 2.6.31
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 4.09 secondsIt will list open network ports, which may allow you to determine what is running on that computer. It reports the MAC address for that IP address if possible, and then tells you which manufacturer owns the block that address is in. It then attempts to determine OS that machine is running. In my example, you can see the device is made by Western Digital, and is running Linux (it is in fact a network storage applicance). Hopefully this gives you enough information to match the IP address to its machine.
Edit: just noticed your on UNIX, sorry, this will only work on windows machines - i'll leave this answer here anyways incase other windows users have similar question / you have a windows machine on your network.
May I suggest netscan:
This can scan a range and grab certain info, including logged in user, uptime & so on.
If the information you need isnt immediately available, you can add more advanced requests via WMI and registry.
finger, as well as most other network discovery tools, rely on a remote server application on the machine you're pinging.
If there is no such service, you can use remote fingerprinting to (heuristically) detect the remote operating system. In a similar fashion, you may be able to find out some characteristics of the remote system, such as current TCP counters, system uptime, etc.
You can also use third-party services such as the global whois or reverse DNS queries. However, unless your network administrator has manually configured these entries, they will not be set for private IP addresses.
