Komodo Labs Forums
Slitheris Network Discovery => Slitheris Network Discovery - Support & General Discussion => Topic started by: plutomars on February 26, 2017, 09:51:52 PM
-
Hey there komodo folks. Since we have your products at work, I figured I'd download your free version to use at home just to observe the results.
So I ran a Slitheris scan on my home network, which doesn't really have anything unusual going in the device arena, just the usual consumer router, some wifi gadgets & tv. At first I observed what I thought was mega bizarre behavior and thought "oops, it's because I'm connected to a VPN", so I shut that down. Rescanning, I still see a bunch of weird stuff. Then I thought "oh, well, it's detecting my VMware virtual nics in the background". Sure, but those are recognized by Slitheris. In addition to that
1. I have a ton of hits on unknown devices inside a subnet in the 192 range - 47? - estimated hops on all of them between 4 to 6?
2. then I have what I expected from my vanilla consumer devices on a separate 192 subnet.
Any ideas? I'm not a net admin, and I know it's not your job to police my home network, but figured I'd ask anyhow. : )
Thanks!
-
Hi there. Thanks for the post!
If estimated hops are between 4-6, then there's something very unusual going on with your home network, at least from the viewpoint of your PC where Slitheris is running. Estimate Hops comes from what Slitheris expects for a ping TTL value vs. what it receives back. So on a typical home LAN, if you ping another PC you should get back 128 as the TTL and on Linux-based devices you'll see 64. You can see this independent of Slitheris by pinging those devices from a DOS Prompt.
We'd be interested in hearing what you get back from pinging a few LAN IPs on your own.
As far as Unknown devices, that's something we're working to greatly improve in Slitheris v2. Device Type identification is currently experimental and only useful as a hint. Basically you won't find any other free-for-home IP scanner that even attempts to identify devices. So Slitheris v1.1 is currently the best you find for recognizing device types. But that all should change this year! It will be a free upgrade, since everyone gets Free Lifetime Upgrades. :)
-
1. I have a ton of hits on unknown devices inside a subnet in the 192 range - 47? - estimated hops on all of them between 4 to 6?
2. then I have what I expected from my vanilla consumer devices on a separate 192 subnet.
Any ideas? I'm not a net admin, and I know it's not your job to police my home network, but figured I'd ask anyhow. : )
Slitheris will detect routes and auto-populate them as separate networks. So it could be one of a few things:
1) Your router is advertising routes to networks you're not aware of
2) You've got a software-based interface that's essentially created a separate /24 network for you (like a VMWare private network) and your Windows PC sees those networks as a result (run a route print from command line to confirm)
3) You've got a VPN connected to your gateway, or you've got a Point-to-site VPN from your PC to a remote network