CDP packets carry some really good information about the network if you need to gather information. See below. I have concentrated only on gathering the core IP address, its software version, and its platform. There is more information, but for today's post, we don't care about it. I really just want you to see what you can gain if you don't have access to the network devices but can gain sniffing capability.
Generically, here are the fields you can expect to see.
And to get specific info you may want, dive deeper.
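An added example (not from the original post): a minimal Python parser for the three fields the post concentrates on, the address, software version and platform TLVs of a CDP frame. The TLV type numbers and frame layout follow the published CDP format; the sample frame and every device value in it are constructed.

```python
import socket
import struct
TLV_ADDRESSES, TLV_VERSION, TLV_PLATFORM = 0x0002, 0x0005, 0x0006

def parse_addresses(value):
    """Return IPv4 addresses from an Addresses TLV value."""
    count, off, ips = struct.unpack_from("!I", value)[0], 4, []
    for _ in range(count):
        if off + 2 > len(value):
            break  # truncated address list
        ptype, plen = value[off], value[off + 1]
        proto = value[off + 2:off + 2 + plen]
        off += 2 + plen
        alen = int.from_bytes(value[off:off + 2], "big")
        addr = value[off + 2:off + 2 + alen]
        off += 2 + alen
        if (ptype, proto) == (1, b"\xcc") and len(addr) == 4:  # NLPID / IPv4
            ips.append(socket.inet_ntoa(addr))
    return ips

def parse_cdp(frame):
    """Return addresses, version and platform from one Ethernet frame, or None."""
    if len(frame) < 26 or frame[20:22] != b"\x20\x00":  # SNAP PID, as in ether[20:2]=0x2000
        return None
    info = {"addresses": [], "version": None, "platform": None}
    end = min(len(frame), 14 + struct.unpack_from("!H", frame, 12)[0])  # 802.3 length excludes padding
    off = 26  # 22-byte link header + CDP version, TTL and checksum
    while off + 4 <= end:
        tlv_type, tlv_len = struct.unpack_from("!HH", frame, off)
        if tlv_len < 4 or off + tlv_len > end:
            break  # malformed or truncated TLV
        value = frame[off + 4:off + tlv_len]
        if tlv_type == TLV_ADDRESSES and len(value) >= 4:
            info["addresses"] = parse_addresses(value)
        elif tlv_type == TLV_VERSION:
            info["version"] = value.decode("ascii", "replace")
        elif tlv_type == TLV_PLATFORM:
            info["platform"] = value.decode("ascii", "replace")
        off += tlv_len
    return info

def sample_frame():
    """Constructed frame; every device value here is made up."""
    tlv = lambda t, v: struct.pack("!HH", t, len(v) + 4) + v
    addr = struct.pack("!IBB", 1, 1, 1) + b"\xcc\x00\x04" + socket.inet_aton("192.0.2.1")
    body = tlv(1, b"lab-sw1") + tlv(2, addr) + tlv(5, b"Example OS 1.0") + tlv(6, b"example-platform")
    cdp = b"\x02\xb4\x00\x00" + body  # version 2, TTL 180, checksum left zero
    link = bytes.fromhex("01000ccccccc") + bytes(6) + struct.pack("!H", len(cdp) + 8)
    return link + bytes.fromhex("aaaa0300000c2000") + cdp
```

`parse_cdp(sample_frame())` returns the address, version and platform strings; the checksum is not verified, and a frame cut short mid-TLV yields only the fields that were complete.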
Good for Linux/Unix servers:
tcpdump -nn -v -i <interface> -s 1500 -c 1 '(ether[12:2]=0x88cc or ether[20:2]=0x2000)'