From: Bert Hyman on
In news:i278fn$els$1(a)reader1.panix.com danny burstein <dannyb(a)panix.com>
wrote:

>
> One semi-legit purpose for "seeing" the other users is that iTunes
> allows a user to place the local music file into a semi-public
> directory. That way, if other iTunes users can "see" your computer,
> they can also play "your" music.

Doesn't that rely on Apple's "Bonjour" service, where iTunes actually
broadcasts its existence so that other iTunes instances can find it?

That wouldn't require any general-purpose ability to see other systems
on a network.

--
Bert Hyman St. Paul, MN bert(a)iphouse.com
From: danny burstein on
In <Xns9DBC7ABBE4C0FVeebleFetzer(a)216.250.188.141> Bert Hyman <bert(a)iphouse.com> writes:

>In news:i278fn$els$1(a)reader1.panix.com danny burstein <dannyb(a)panix.com>
>wrote:

>>
>> One semi-legit purpose for "seeing" the other users is that iTunes
>> allows a user to place the local music file into a semi-public
>> directory. That way, if other iTunes users can "see" your computer,
>> they can also play "your" music.

>Doesn't that rely on Apple's "Bonjour" service, where iTunes actually
>broadcasts its existence so that other iTunes instances can find it?

Hmm. you know, I don't have a clue as to how it does its magic...
All I know is that it works. (And, as I mentioned earlier, I was
quite surprised, happily so, to see a dozen other iTunes libraries
that I could listen to...).

>That wouldn't require any general-purpose ability to see other systems
>on a network.

Dunno. But I'm sure someone or another here will be by with the
answer in a moment, and I'll feel like crawling under a rock...

--
_____________________________________________________
Knowledge may be power, but communications is the key
dannyb(a)panix.com
[to foil spammers, my address has been double rot-13 encoded]
From: Fuller on
On Wed, 21 Jul 2010 09:03:49 -0700, Jeff Liebermann wrote:
> net view
> arp -a
> nbtstat -n

Hi Jeff,
You immediately seem to have the most understanding here.
On my home network, with 3 computers on a router, these commands report:

C:\bin\> net view
System error 6118 has occurred.
The list of servers for this workgroup is not currently available

C:\bin\> arp -a
No ARP Entries Found

C:\bin\> nbtstat -n
LAN:
Node IpAddress: [0.0.0.0] Scope Id: []
No names in cache
WAN:
Node IpAddress: [10.20.30.200] Scope Id: []
NetBIOS Local Name Table
Name Type Status
---------------------------------------------
BORONA <00> UNIQUE Registered
BORONA <20> UNIQUE Registered
OFFICE <00> GROUP Registered

In summary, these commands won't find my computers on the network let alone
anyone else trying to break into my network (which is what I'm watching out
for). I'll try the other suggested programs and report back.

In the meantime, my main question is that I don't understand why these
commands don't even show my own computers connected to my own network?
From: Mike Easter on
Fuller wrote:

> anyone else trying to break into my network (which is what I'm watching out
> for).

One good way to watch for intrusion is to use something like WallWatcher
to collect, view, and analyze your router logs.

If your router's ability to log is compatible with WW's ability to
collect then the viewing and analysis is made much more interpretable by
WW's organization and graphical display of the data.

Otherwise router logs would be mind-numbing.

http://www.wallwatcher1.com/ collects, displays, and analyzes log
information from more than 135 Routers and firewalls


If you are interested in investigating any problems with network
interference in your area (or rogue access points) something like
NetStumbler might help you
http://www.stumbler.net/readme/readme_0_4_0.html What is NetStumbler?

--
Mike Easter
From: Jeff Liebermann on
On Wed, 21 Jul 2010 18:14:06 +0000 (UTC), Fuller
<fuller_w(a)Use-Author-Supplied-Address.invalid> wrote:

>C:\bin\> net view
>System error 6118 has occurred.
>The list of servers for this workgroup is not currently available

You have file and print sharing disabled on your unspecified operating
system. I'm assuming Windoze XP SP3.

>C:\bin\> arp -a
>No ARP Entries Found

Your network may be broken. At a minimum, it should show the MAC and
IP address of your unspecified maker and model internet router. For
example, on my system, I now see:

C:\>arp -a
Interface: 192.168.1.11 --- 0x3
Internet Address Physical Address Type
192.168.1.1 00-16-01-97-fd-a6 dynamic
192.168.1.122 00-00-00-00-00-00 invalid
The last line is my iPod Touch, which I turned off just before running
the command.

>C:\bin\> nbtstat -n
>LAN:
>Node IpAddress: [0.0.0.0] Scope Id: []
> No names in cache
>WAN:
>Node IpAddress: [10.20.30.200] Scope Id: []
> NetBIOS Local Name Table
> Name Type Status
> ---------------------------------------------
> BORONA <00> UNIQUE Registered
> BORONA <20> UNIQUE Registered
> OFFICE <00> GROUP Registered

Very strange. Your LAN is disconnected and you have a WAN connection
using a non-routeable IP address. That means you probably have your
computah plugged directly into a cable, DSL, or wireless modem. That
works, but you're not going to see the rest of your ISP's customers
machines. The router at the ISP is always configured to prevent this.
Nice try. Your LAN related command will work when you get a LAN.


Also, compare your output with mine. See anything different?

C:\>nbtstat -n
Local Area Connection 4:
Node IpAddress: [192.168.1.11] Scope Id: []
NetBIOS Local Name Table
Name Type Status
--------------------------------------------
CHOLESTEROL3 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
CHOLESTEROL3 <20> UNIQUE Registered
WORKGROUP <1E> GROUP Registered
WORKGROUP <1D> UNIQUE Registered
..__MSBROWSE__.<01> GROUP Registered

Note the MSBROWSE with means Windoze discovery service is working.
20 is File Server Service, which suggests that file sharing is
enabled. I'm not sure why 'net view' would fail if it's really
enabled. Firewall rules problem? Virus? Key Logger? Hard to tell
from here. IE and ID are Browser Service Election, which means that
since I only have one machine on at this time, it gets to play Master
Browser for "view network neighborhood". There's quite a bit of
interesting stuff under nbtstat:
<http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/AdminTips/Accounts/Nbtstatrevealswhoisloggedon.html>

>In the meantime, my main question is that I don't understand why these
>commands don't even show my own computers connected to my own network?

I had rather hoped that you would do some Google searching for the
details behind the commands. If you want it delivered on a silver
platter, $75/hr is my consulting rate. Paypal to the address in the
signature.

You might consider answering my previous questions before asking any
more. I'll make it easy for you:
1. What do mean by "see"? What information do you want?
2. What are you trying to accomplish?
3. Why are you trying to hack computers that do not belong to you in
a coffee shop?
4. Add one more. What do you have for hardware, how is it configured
(IP layout), and where is the wireless in the puzzle?



--
Jeff Liebermann jeffl(a)cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558