Do you remember our last day before the break, how there were some problems and at they asked students to not begin any exams? All exercises stopped working, and we waited for an hour or so for the fix. In the end, when service was restored, the facilitator mentioned that the problem originated from a DNS problem.
If you look back the post on Route 3, a DNS problem could be the direct cause of no response from [vcenter]. We may just have the wrong IP.
I mean, I don't know their network, and I certainly don't know which IP should be the vcenter server.
But, I bet we can figure it out if we allow ourselves to do some network enumeration.
Using a for loop, we can scan the /24 network.
for /L %g in (1,1,254) do ping -n 1 x.x.x.%g >> ne_result.txt
This command could take a few minutes to complete. There are probably faster ways to do this. A program that would send out all of the pings at once, instead of waiting for a response before sending the next would work quicker. But, meh. A command line for loop is good enough for me.
Searching through the ne_result.txt file for 'reply' I've found that there are 14 active boxes on the /24 network.
With a list of active IPs, we can check to see if any of them respond to vcenter's administration port 9443. Two of the fourteen boxes were already identified in Route 3, leaving twelve left to scan.
nmap -sS [ip] -p 9443
This scan does a dns probe as well, so I got a dns name for all but one of the responding boxes.
It's Christmas eve now, and I've got to go put presents under the tree. Have a great night and thanks for troubleshooting with me!
-dh
If you look back the post on Route 3, a DNS problem could be the direct cause of no response from [vcenter]. We may just have the wrong IP.
I mean, I don't know their network, and I certainly don't know which IP should be the vcenter server.
But, I bet we can figure it out if we allow ourselves to do some network enumeration.
Using a for loop, we can scan the /24 network.
for /L %g in (1,1,254) do ping -n 1 x.x.x.%g >> ne_result.txt
This command could take a few minutes to complete. There are probably faster ways to do this. A program that would send out all of the pings at once, instead of waiting for a response before sending the next would work quicker. But, meh. A command line for loop is good enough for me.
Searching through the ne_result.txt file for 'reply' I've found that there are 14 active boxes on the /24 network.
With a list of active IPs, we can check to see if any of them respond to vcenter's administration port 9443. Two of the fourteen boxes were already identified in Route 3, leaving twelve left to scan.
nmap -sS [ip] -p 9443
This scan does a dns probe as well, so I got a dns name for all but one of the responding boxes.
- [ad2] is filtered
- [chat] is closed
- [media] is closed
- [report] is filtered
- [esxi3] is filtered
- [esxi4] is filtered
- [esxi5] is filtered
- [esxi6] is filtered
- [esxi7] is filtered
- [esxi8] is filtered
- [unk] is closed
- [metting] is closed
It's Christmas eve now, and I've got to go put presents under the tree. Have a great night and thanks for troubleshooting with me!
-dh
No comments:
Post a Comment