Wednesday 13 April 2011

Finding Server's Network Port Programmatically

A while ago, using info available on the net, I knocked together a batch file that uses a Windows port of TCPDUMP that doesn't need WinPcap installed.

This worked fine and was great in our environment, where CDP is enabled. Some advise disabling it for security, though.

Well, all worked fine until I started trying it on Windows 2008 and was receiving the following error message:

tcpdump.exe: PacketGetAdapterNames: The operation completed successfully. (0)

I looked around and 3.9.8 seemed to be the latest version, and it doesn't offer support for Windows 2008 R2. However, I downloaded the trial of version 4 from here: http://www.microolap.com/products/network/tcpdump/download/

Which still doesn't state it works on Windows 2008.. :( -- however my batch file now works again.. :)

Anyway my rough and ready batch file contains the following:


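rem List the capture interfaces so the operator can pick one
cls
tcpdump -D
set Interface=
echo.
set /P Interface=Enter Interface Number: %=%
rem Capture one frame whose SNAP protocol ID is 0x2000 (CDP) and save the verbose decode
tcpdump -nn -v -s 1500 -i %Interface% -c 1 ether[20:2] == 0x2000 >c:\out.txt
echo Port Details Are
echo.
rem Keep only the neighbour's device ID, address, management address and port
type c:\out.txt |findstr /R "\Device-ID \Address.[(] \Management.Addresses \Port-ID"
del c:\out.txt >nul
pause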

I will eventually re-write this as PowerShell or VBS so I can deploy it via SCCM to get a view of the ports the servers are patched into.
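
One way the parsing half of such a PowerShell version could look, as an added example that is not the author's script: it turns the verbose CDP text that tcpdump prints into a single object per server, which is easier to collect centrally than findstr output. The function name, the property names and the sample capture text are all assumptions made for illustration.

```powershell
# Added example, not the author's script. Parses tcpdump's verbose CDP decode.
# $sample is constructed: the host name and addresses are placeholders.
$sample = @'
12:00:00.000000 CDPv2, ttl: 180s, checksum: 0x1234 (unverified), length 120
	Device-ID (0x01), length: 17 bytes: 'sw01.example.test'
	Address (0x02), length: 13 bytes: IPv4 (1) 192.0.2.10
	Port-ID (0x03), length: 20 bytes: 'GigabitEthernet1/0/7'
	Management Addresses (0x16), length: 13 bytes: IPv4 (1) 192.0.2.10
'@

function ConvertFrom-CdpText {   # hypothetical helper name
    param([string[]]$Line)

    # TLV name as tcpdump prints it -> property name on the result (names are assumptions)
    $map = @{
        'Device-ID'            = 'SwitchName'
        'Address'              = 'SwitchAddress'
        'Port-ID'              = 'SwitchPort'
        'Management Addresses' = 'ManagementAddress'
    }
    # Start every property at $null so a missing TLV is visible in the report
    $found = @{ Server = $env:COMPUTERNAME }
    foreach ($prop in $map.Values) { $found[$prop] = $null }

    foreach ($l in $Line) {
        # Each TLV line reads "<name> (0xNN), length: N bytes: <value>"
        if ($l -match '^\s*(?<name>[A-Za-z][A-Za-z -]*?) \(0x[0-9a-fA-F]+\), .*?bytes?: (?<value>.*)$') {
            $name = $Matches['name']
            if ($map.ContainsKey($name)) {
                # Drop the quotes around strings and the "IPv4 (1) " prefix on addresses
                $value = $Matches['value'].Trim().Trim("'") -replace '^IPv[46] \(\d+\) ', ''
                $found[$map[$name]] = $value
            }
        }
    }
    New-Object PSObject -Property $found |
        Select-Object Server, SwitchName, SwitchPort, SwitchAddress, ManagementAddress
}

# Live use would feed tcpdump's output instead (path and interface number assumed):
#   $lines = & .\tcpdump.exe -nn -v -s 1500 -i 1 -c 1 'ether[20:2] == 0x2000'
$lines = $sample -split "`r?`n"
ConvertFrom-CdpText -Line $lines | Format-List
```

The script sticks to PowerShell 2.0 syntax, the version that ships with Windows 2008 R2.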
