Another day, another question !
I am trying to write a script that would monitor my LAN for any new new devices connected to it and if it finds a new device, send me an email.
My test network is a very simple one consisting of just 1 cisco 2900XL switch. So far the script can runs every 2 minutes (cronjob) and finds the new mac address.
How can I get the IP information corresponding to the mac found? This is what I have so far :
Scan scan through the DHCP leases file of the dhcp server to see what IP was assigned to the device (if the device is set to DHCP though)
If my network had a router look through its routing tables for the mac entry, but my setup is a simple one and does not need one.
Also method#1 would fail if the device had a static ip on it.
Any ideas for this ?
thanks
-ankit
Arpwatch is available and already does what you want. Depending on your distribution, it's easy to install.
Show arp tables:
better use of ICMP and SNMP for device discovery.
Another way which may be useful is to use nmap and scan your entire network. This way you can get all of the devices connected on your network. http://nmap.org/download.html. Just create a script that runs it as a cron job.