pinging network script

metallica1973 · 11-23-2007, 08:30 AM

I found this example on some other post:

PHP Code:


			
Example #1



#!/bin/bash

echo

echo ""

echo "Enter hostname or ip address: " 

read host

echo

num=`ping -s 1 -c 1 $host > /dev/null; echo $?`

if [ $num -eq 0 ]; then

    echo "Connected to $host."

else

    echo "Cannot connect to $host."

fi





Example #2



#!/bin/bash

host="ip_address_here"

num=`ping -s 1 -c 1 $host > /dev/null; echo $?`

if [ $num -eq 0 ]; then

    echo "Connected to $host."

else

    echo "Cannot connect to $host."

fi

and another baisc script:

PHP Code:


			
servers="server1.foo.bar server2.foo.bar server3.foo.bar"

for server in $servers ; do

if ping -c 3 -t 5 $server 2>&1 > /dev/null

then

echo "$server: up"

else

echo "$server: down"

fi

done

and was wondering how I would do this with a 50 network devices. I would like to pull this list of IP's from another file(that has the list of ip's) I would like to see if they are up or not and want it to very quick and efficient. I would also like a nice output to some log files saying that this X amount of switches are up and the others are down and if they have port 23 open on the devices. I would also like a time and a date of displayed on the files. help

acid_kewpie · 11-23-2007, 08:54 AM

cat iplist.txt | while read ipaddress
do
ping $ipaddress
etc...
done

spoodie · 11-23-2007, 09:15 AM

Something like this

Code:

#!/bin/bash

# Replace "file" with the file name that has the list of IPs
iplist=file
upcount=0
downhosts=""

for i in $(cat ${iplist})
do
        ping -c 1 -t 1 $i > /dev/null 2>&1
        if [[ $? -eq 0 ]] ; then
                (( upcount+=1 ))
        else
                downhosts="${downhosts} ${i}"
        fi
done

echo "${upcount} switches are up"
echo "The following switches are down: ${downhosts}"

This doesn't do anything about port 23 as you weren't clear about what you wanted. Do you have netcat (the "nc" command) installed?

metallica1973 · 11-23-2007, 09:22 AM

as far as telnet port 23, I just want to make sure that those ports are not open on these devices and if they are to include it in the log!

spoodie · 11-23-2007, 09:56 AM

This should do it then, assuming you have "nc" available. Modify the output as suits your requirements.

Code:

#!/bin/bash

# Replace "file" with the file name that has the list of IPs
iplist=file
upcount=0
downhosts=""
port23s=""

for i in $(cat ${iplist})
do
        ping -c 1 -t 1 $i > /dev/null 2>&1
        if [[ $? -eq 0 ]] ; then
                (( upcount+=1 ))
        else
                downhosts="${downhosts} ${i}"
        fi

        nc -z $i 23
        if [[ $? -eq 0 ]] ; then
                port23s="${port23s} ${i}"
        fi
done

echo "${upcount} switches are up"
echo "The following switches are down: ${downhosts}"
echo "The following switches have port 23 open: ${port23s}"

matthewg42 · 11-23-2007, 10:08 AM

nmap can be used to ping a list of hosts. You use the -sP option to specify a ping scan, and you can read the list of hosts from a file using the -iL option:

Code:

nmap -sP -iL hostlist.txt

On the plus side, this will probably perform better than reading s list of hosts and calling ping for each in turn, as nmap will ping multiple hosts in parallel. There are also some useful output options which you might like.

On the negative side, nmap might not be installed, and some sysadmins may object to having it installed as it can be used for evil as well as good.

acid_kewpie · 11-23-2007, 10:08 AM

personally i'd be using nmap to check for a port being open. very easy to script around that.

Alien_Hominid · 11-23-2007, 11:40 AM

of course nmap (if you need speed)

metallica1973 · 11-23-2007, 11:52 AM

Gentleman, I cannot use netcat in this network. Is there another option that I can use such as telnet and then close the connection once there has been an estblished connection to show that telnet and port 23 are open? Because of our network restricition I do not have the flexibilty to use that application. Trust me I would love to use it but the security guys around here have us locked down. You guys are great(spoodie,matthewg42,Alien_Hominid) and as far as acid_keypie, you are the man and I owe you million favors. thanks

acid_kewpie · 11-23-2007, 01:35 PM

what sort of network restriction would that be? all the network sees in a three way tcp handshake, be it netcat, nmap, telnet...

metallica1973 · 11-23-2007, 02:52 PM

I cannot reveal my location of work but lets say that it is the utmost in security. I have ask the security engineers that the policy is so tight that I could get fired for using an unauthorized program. The server are audited by security engineers and it is almost crazy. So the reason I am asking use alternate method is because of this reason.

acid_kewpie · 11-23-2007, 03:09 PM

There seems to really be quite some conflict of scope and scale here... if things are that secure, that important, why are you not looking to use proper security cleared tools to do this job? telnet in itself *should* be seen as a liability by a policy of the level you suggest. the ability to expose passwords in plaintext through such an outdated protocol should be in itself enough to ban that program i'd have thought. using telnet to monitor automatically isn't going to be fun as you cna't tune the timeouts and such, so you can be looking at a minute or longer per connection attempt, compared to a second for a proper tool.

Alien_Hominid · 11-23-2007, 03:43 PM

Quote:

Originally Posted by metallica1973

I cannot reveal my location of work but lets say that it is the utmost in security. I have ask the security engineers that the policy is so tight that I could get fired for using an unauthorized program. The server are audited by security engineers and it is almost crazy. So the reason I am asking use alternate method is because of this reason.

I don't get it. How nc, nmap are insecure? You can use them for various things but they don't make system insecure just because they're installed. They are just same tools like ping, finger or telnet and they're not daemons run with root privileges. So where is the problem if you compile and run them from your home dir? What damage can they do if they're run with your privileges?
Either your network security engineers talk nonsense or you just want to run them in some shell provider (then prohibition is understandable). And telnet (as service) is mostly deprecated everywhere.

Why not to take a different approach? Those computers, which are online, connects to the main one and updates their status like every five minutes.

acid_kewpie · 11-23-2007, 03:47 PM

to play devil's advocate, a policy is a policy, and if it's not up to you to make it, you usually just have to lump it regardless of it making sense or not...

metallica1973 · 11-23-2007, 08:06 PM

my job is has to due with network performance/security and it also entails working with Solaris/Linux boxes and admin stuff. I am on probation for this job because I just started it and my boss ask me to create this script that is going to replace a vbs script on a windows box that does exactly this:

pings the devices from a file that has all of the ip address of the Cisco NAM's and sniffers and also attempts to telnet to these devices to see if telnet is enable on these devices which is a security issue. My job is to create a shell script that will do the same thing but is faster, more efficient and has a better looking output then what is being produced. These sniffers and Cisco NAMS are scattered all over the USA and it is my responsibility to make sure that these devices that so many other people use, do not have certain services open telnet) for it is a breach of security. I hope that you get a better understanding. I am just trying to impress my boss in hopes that I can keep this job. I got this job by mistake and I am under qualifiedly but if I can impress this guy I can really launch my career forward toward network security and WAN's. thanks