Who Is That on My Network and What Is He Doing? Network Forensics Tutorial?

Forensic Network Device Analysis Using ARP (Address Resolution Protocol)

Hi guys, this is a method you can use to identify all live host devices on your network. Have you ever been unable to get an IP address for one device, only to find out that a load of smartphones had used up the address pool?

Use the brief steps below to understand and forensically identify what is on your network and what each device's purpose may be.

Identify your gateway. Use nslookup or ipconfig.

Know your subnet (your network address; for example, mine is the 192.168.1.0 network).

Run arp -a to list the IP address to MAC address mappings your machine has cached.

Copy each MAC address and do a reverse lookup with the Wireshark OUI Lookup tool or any other working platform out there.

Once that is done, you will be able to, for example, create an amazing, info-rich topology.

So go ahead and watch the video again, and sketch your home's network topology.

  1. NSLOOKUP
  2. IPCONFIG
  3. TRACERT
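
The arp -a and OUI lookup steps above can be scripted. The following is an added example, not part of the original instructable: it parses Windows-style arp -a output, keeps only unicast hosts inside the subnet, and flags locally administered MAC addresses, which smartphones commonly present as randomized addresses and for which an OUI lookup returns no vendor. The sample output and the function names are constructed for illustration, and the OUI table is a three-entry excerpt of the IEEE registry.

```python
import ipaddress
import re

# Excerpt of the IEEE OUI registry, embedded so the example runs offline.
# For real lookups use the full registry or the Wireshark OUI Lookup tool.
OUI = {"B827EB": "Raspberry Pi Foundation", "005056": "VMware, Inc.",
       "080027": "PCS Systemtechnik GmbH (VirtualBox)"}

# Constructed sample of Windows `arp -a` output (not from a real network).
SAMPLE_ARP = """\
Interface: 192.168.1.20 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           b8-27-eb-12-34-56     dynamic
  192.168.1.23          da-a1-19-aa-bb-cc     dynamic
  192.168.1.40          00-50-56-c0-00-08     dynamic
  192.168.1.77          3c-11-22-33-44-55     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

ROW = re.compile(r"^\s*(\d+(?:\.\d+){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\b", re.I)

def classify(mac):
    """Return a vendor name, or the reason an OUI lookup does not apply."""
    digits = mac.replace("-", "").replace(":", "").upper()
    first = int(digits[:2], 16)
    if first & 0x01:   # I/G bit set: group address, not a single device
        return "multicast/broadcast"
    if first & 0x02:   # U/L bit set: locally administered, often randomized
        return "randomized or locally administered (no vendor)"
    return OUI.get(digits[:6], "unknown OUI " + digits[:6])

def live_hosts(arp_text, subnet):
    """Parse `arp -a` text; return (ip, mac, label) for unicast hosts in subnet."""
    net = ipaddress.ip_network(subnet)
    hosts = []
    for line in arp_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # interface banner, column header or blank line
        ip, mac = ipaddress.ip_address(m.group(1)), m.group(2).lower()
        label = classify(mac)
        if ip in net and label != "multicast/broadcast":
            hosts.append((str(ip), mac, label))
    return hosts

if __name__ == "__main__":
    for ip, mac, label in live_hosts(SAMPLE_ARP, "192.168.1.0/24"):
        print(f"{ip:15} {mac}  {label}")
```

A host labelled as randomized has to be identified another way, for example by its hostname in the router's DHCP lease table.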
