Thanks to:
Simon Tardell <tardell_at_particle.kth.se>
Anthony Talltree <aad_at_nwnet.net>
Chander Ganesan <C_at_Asu.Edu>
Richard ??? grscott_at_grscott.is.ge.com
Cliff Krieger <ckrieger_at_latrade.com>
rwa_at_cs.athabascau.ca (Ross Alexander)
Dave Wolinski <wolinski_at_umaxp4.physics.lsa.umich.edu>
Hans Kowallik <hans_at_physics.orst.edu>
Arnaud Valeix <fnet_at_ifh.sncf.fr>
Reinhard Merz (MARB) <merz_at_telematik.informatik.uni-karlsruhe.de>
"Stuart Davidson" <stuart.davidson_at_eurocontrol.be>
and all that will still answer...
========
my question was:
#Question: how do I map hardware addresses to IP-Adresses, to
#know which host is really talking?
#
#I know about "arp -a" on DEC Unix, but it only shows entries of
#hosts, that have talked to the alpha recently.
#How do I identify the others?
...
#In the same vein: does such a graphical network monitor exist as freeware
#on DU?
==========
Answer is:
(from grscott_at_grscott.is.ge.com)
(from rwa_at_cs.athabascau.ca (Ross Alexander))
(from Dave Wolinski <wolinski_at_umaxp4.physics.lsa.umich.edu>)
ping your broadcast address, then do an arp -a
(although VMS machines seem not to reply to this.
You seem to have to ping every address one by one on your
network to get the VMS machines, too...)
All running hosts on your local network should respond to the ping
(as far as the broadcast will travel on your particular network...
routers, bridges, repeaters in between...)
and so they will be in the arp table for a short time.
Example: In my case the address of my machine is 129.13.104.2,
the network mask is 255.255.0.0.
Binary AND gives a broadcast address of 129.13.0.0
/usr/sbin/ping -c 1 -n 129.13.0.0
Other ideas were:
(from: Simon Tardell)
get a complete list of your network, ping every host
and do an arp -a on that host immediately afterwards.
(I did this with:
nslookup
> ls -t A OUR.DOMAIN > outputfile
this list contains 9552 hosts on our network... so it takes some time
to ping and arp -a them all...)
========
Network monitoring programs:
(from Simon Tardell)
"etherman" (
http://www.cs.curtin.edu.au/~netman/)
"tkined & scotty" (
http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/)
(from Cliff Krieger <ckrieger_at_latrade.com>)
(from Hans Kowallik <hans_at_physics.orst.edu>)
etherman, interman
ftp://www.cs.curtin.edu.au/pub/netman/dec-alpha/
http://www.cs.curtin.edu.au/~netman/etherman.html
"Etherman will use the /etc/ethers file to convert MAC addresses to
hostnames. You have to populate the ethers file by hand. I would
recommend pinging every address, and then direct arp -a. You will have
to clean up the output a bit, but that should be simple."
(from Dave Wolinski <wolinski_at_umaxp4.physics.lsa.umich.edu>)
" For a graphical network monitor, we use etherman. Here's an
excerpt from some info that came with etherman (freely available):
Packetman, Interman, Etherman, Loadman works on the following
platforms:
SunOS, Dec-Mips, SGI, Alpha, and Solaris. It is available on
ftp.cs.curtin.edu.au:/pub/netman/[sun4c|dec-mips|sgi|alpha|solaris2]/
[etherman-1.1a|interman-1.1|loadman-1.0|packetman-1.1].tar.Z
Packetman was designed to capture packets, while Interman, Etherman,
and
Loadman monitor traffic of various kinds."
(from Arnaud Valeix <fnet_at_ifh.sncf.fr>)
(no graphics, but comes with DU)
"
...
You should use on digital unix the program called : tcpdump.
1/To run it, you need first to adjust the PACKETFILER option in
the kernel.
like this:
options PACKETFILTER
and rebuild and reboot your machine
2/under dev directory
make a : ./MAKEDEV pfilt
3/pfconfig -a +promisc +copyall -b 255
4/Becarefull with driver in promiscous mode (security hole)
for machine upon INTERNET.
5/ run : tcpdump ( with parameters)
My self I wrote a program of NFS analyse for NFS v2 and V3
...
"
Rainer Landes, eMail: Computer-Administration_at_Physik.uni-karlsruhe.de
Tel(+49)721 608 3578
http://www-comp.physik.uni-karlsruhe.de/
Computer facilities of the Faculty of Physics, Univ. of Karlsruhe, GER
Received on Wed Feb 05 1997 - 09:52:31 NZDT