Is there a specific protocol used for network discovery?
I'm looking to code this into an existing Java project. Currently I'm using a port scanner to handle the case, but I'm looking to swap that out for something that can give me a little more info. If possible I'd like to scan to discover machines and pull the IP addr, host name, MAC addr, NIC make/model, OS, and anything else I can get.

A: 

Check out the SNMP protocol. It has a way to autodiscover devices on the network. Keep in mind that there are some security concerns with this (especially older versions of the protocol).

TLiebe
That's certainly one piece of the puzzle.
jldupont
+3  A: 

There is no one protocol that will do all this for you. I've had to do exactly this and basically, the best approach involves using a combination of heuristics to locate, analyze and cross-reference network nodes and topology. Here are the data sources I used:

  • Traceroute allows you to identify edge devices and routers in the network
  • Port-scanner allows you to identify what services are running on each node
  • SNMP allows you to detect the type of device, as well as all its network interfaces, other IP addresses, the IP of devices connected to each port on switches, the routing table, the process table, the network configuration, etc. This is the best source of data, but requires the node to be running an SNMP server (installed by default on Windows and most Linux distros) and to have credentials.
  • WMI for Windows hosts, will provide roughly the same info as SNMP

Here's an academic resource I dug up while working on my topology mapper. Hopefully it will help. Good luck!

loginx
+1  A: 

Check nmap for what it can do. It is a network scanner; it can scan with ARP, TCP-SYN, and many other sniffing techniques. It also contains a large database of different machines' fingerprints, so it can guess what OS/version a given system runs.

MBO
Yes, I'm familiar with nmap. One of the features I'm looking to get more info to implement is determining MAC addr from the scan. Any ideas on where to start?
Nick
@Nick I think the easiest way to determine the MAC is to do an ARP (Address Resolution Protocol) scan (check the `arping` utility), or simply try to `ping` the address and check the ARP table of your system. Keep in mind that you can only get the MAC address of hosts in your local network (or only 1 segment).
MBO
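
The "check the ARP table of your system" approach from the last comment, as an added Java example (not code from any poster): it parses the Linux `/proc/net/arp` layout, skips entries that never resolved, and extracts the OUI prefix (first three octets of the MAC) that NIC vendor lookups key on. The class name, the `--live` switch and the sample rows are constructed for illustration; it assumes Java 16+ and, for live use, a Linux host.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.List;

public class ArpTableReader {
    /** One resolved neighbour: IP, MAC, OUI prefix (vendor part of the MAC), interface. */
    record Neighbour(String ip, String mac, String oui, String device) {}

    // Constructed sample in the /proc/net/arp layout (documentation IPs, made-up MACs).
    static final String SAMPLE = String.join("\n",
        "IP address       HW type     Flags       HW address            Mask     Device",
        "192.0.2.1        0x1         0x2         00:11:22:AA:BB:CC     *        eth0",
        "192.0.2.23       0x1         0x2         00:11:22:33:44:55     *        eth0",
        "192.0.2.77       0x1         0x0         00:00:00:00:00:00     *        eth0");

    static List<Neighbour> parse(List<String> lines) {
        List<Neighbour> out = new ArrayList<>();
        // First line is the column header, so start at index 1.
        for (String line : lines.subList(Math.min(1, lines.size()), lines.size())) {
            String[] f = line.trim().split("\\s+");
            if (f.length < 6) continue;                  // blank or malformed line
            int flags = Integer.decode(f[2]);            // "0x2" -> 2
            boolean complete = (flags & 0x2) != 0;       // ATF_COM: ARP reply was received
            if (!complete || f[3].equals("00:00:00:00:00:00")) continue; // unresolved host
            String mac = f[3].toLowerCase();
            out.add(new Neighbour(f[0], mac, mac.substring(0, 8), f[5]));
        }
        return out;
    }

    public static void main(String[] args) throws IOException {
        boolean live = args.length > 0 && args[0].equals("--live");
        List<String> lines = live
            ? Files.readAllLines(Path.of("/proc/net/arp"))
            : List.of(SAMPLE.split("\n"));
        for (Neighbour n : parse(lines)) {
            System.out.printf("%-15s %s  OUI=%s  dev=%s%n",
                n.ip(), n.mac(), n.oui(), n.device());
        }
    }
}
```

An entry only appears in the table after the local host has exchanged traffic with that address, which is why the comment suggests pinging first; hosts behind a router show the router's MAC, not their own.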