I've been meaning to ask this for a while so figured I would while I have it in mind.

I have a Windows 2003/XP based network with about 40 managed PC's. Monthly I have to use eEye Retina to do a vulnerability scan and upchannel/remediate the findings.

The problem is, if I run the scan and a user has shut down the PC, Retina is denied access and I then I have to track down the offending PC and have it powered up, then re-scan.

Is there a script or command line argument that would allow me to ping a range of PC's either by name or IP range?

This way I can find the offending PC and power it up before running the initial scan (I can't deny users the right to power down, btw, just would rather they not do it inadvertently).

Thanks.

http://nmap.org/book/inst-windows.html

If you use a Mac or any *NIX machine as your checker-outer machine it would be simple to just script the thing, something like

for ((i=0;i<255;i+=1)); do
if ping -a -t 1 192.168.0.$i > /dev/null; then
echo "Success: 192.168.0.$i"
else
echo -n "*"
fi
done

Yeah, there are a thousand ways to do it and that's a real painful one of them but it would work.

Are they laptops, or desktops with fixed connections?

You could use Wake-on-LAN to bring any sleepers up, run your software, then even put them back to sleep / shutdown if you want.

nmap is a great utility and there is a Windows version with a GUI (Zenmap) for those that are a-skeered of a shell. For Windows it can be scripted with PowerShell.

HerrGlock, your if ... else ... fi don't line up. :tease:

Angry IP Scanner is a nice open source utility that scans a range of IP addresses. Binaries available for Win/Mac/Linux.

http://www.angryip.org/w/Home

http://www.angryip.org/wiki/images/e/e1/Ipscan-vista.png

Thanks everyone for the recommendations. Definitely given me something to go on.

Appreciate it.

create a text file with the ip addresses;
vi iplist.txt
192.168.3.0
192.168.3.1
and whatever else you have.
Sure it takes a little time but saves in the end.

Then a script ping.sh

for i in cat `cat ./iplist.txt`;do #Note those are back ticks
fping $i |grep unreachable
done

nmap is a great utility and there is a Windows version with a GUI (Zenmap) for those that are a-skeered of a shell. For Windows it can be scripted with PowerShell.

HerrGlock, your if ... else ... fi don't line up. :tease:

Yeah, yeah, yeah. I pulled it out of a longer script. I'm just happy it didn't look a lot more horrible.

Yeah, yeah, yeah. I pulled it out of a longer script. I'm just happy it didn't look a lot more horrible.

Vestal Virgins appreciate neatness.

:wavey:

Ditto for nmap, good for all sorts of outside the box problem solving... like a poor mans inventory sniffer....

Vestal Virgins appreciate neatness.

:wavey:

No see virgins!
:tongueout::wavey:

No see virgins!
:tongueout::wavey:

But, if you do, they will be very neat and orderly virgins.