Introduction: Who Is That on My Network and What Is He Doing? Network Forensics Tutorial?

Forensic Network Device Analysis Using ARP (Address Resolution Protocol)

Hi guys, this is a method you can use to identify all live host devices on your network. Have you ever been unable to get an IP address for one device on the network, only to find out that a load of smartphones are taking up the address pool?

Use the brief steps below to understand and forensically identify what is on your network and what each device's purpose may be.

Identify your gateway. Use nslookup or ipconfig.

Know your subnet (what is your network address? For example, mine is the 192.168.1.0 network).

arp -a

Copy each MAC address and do a reverse lookup with the Wireshark OUI Lookup tool or any other working platform out there.

Once that is done, you will be able to, for example, create an amazing, info-rich topology.

So go ahead and watch the video again, and sketch your home's network topology.

  1. NSLOOKUP
  2. IPCONFIG
  3. TRACERT
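
The ARP and OUI steps above can be scripted. This is an added example, not part of the original tutorial: it parses Windows `arp -a` output, keeps only unicast hosts inside your subnet, and extracts the OUI prefix to paste into a lookup tool. The sample output is constructed, the /24 mask for the 192.168.1.0 network is an assumption, and `parse_arp` is a hypothetical helper name.

```python
import ipaddress
import re

# Constructed sample of Windows `arp -a` output (not captured from a real network).
SAMPLE_ARP = """\
Interface: 192.168.1.23 --- 0x7
  Internet Address      Physical Address      Type
  192.168.1.1           3c-84-6a-11-22-33     dynamic
  192.168.1.42          da-a1-19-4f-00-9c     dynamic
  192.168.1.57          b8-27-eb-aa-bb-cc     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

# One table row: IPv4 address, dash-separated MAC, entry type.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)",
    re.IGNORECASE,
)

def parse_arp(text, network):
    """Return the unicast hosts inside `network` found in `arp -a` text."""
    net = ipaddress.ip_network(network)
    hosts = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # interface banner, column header or blank line
        ip, mac, kind = m.group(1), m.group(2).lower(), m.group(3).lower()
        first_octet = int(mac[:2], 16)
        if ipaddress.ip_address(ip) not in net:
            continue  # outside the subnet you identified
        if first_octet & 0x01:
            continue  # group bit set: broadcast/multicast, not a device
        hosts.append({
            "ip": ip,
            "mac": mac,
            "oui": mac[:8].replace("-", ":").upper(),  # prefix for the OUI lookup
            # Locally administered bit set: the MAC was not assigned by a
            # vendor (often a phone's randomized address), so an OUI lookup
            # will not identify the manufacturer.
            "randomized": bool(first_octet & 0x02),
            "type": kind,
        })
    return hosts

if __name__ == "__main__":
    for h in parse_arp(SAMPLE_ARP, "192.168.1.0/24"):
        print(h["ip"], h["oui"], "randomized" if h["randomized"] else "vendor-assigned")
```

To use it on your own network, save the output of `arp -a` to a text file and pass its contents in place of `SAMPLE_ARP`.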
