Versions Compared

Old Version 10

changes.mady.by.user Mark Unwin

Saved on

compared with

New Version Current

changes.mady.by.user Mark Unwin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

New in Open-AudIT 4.1.0, we have introduced Device Seed Discoveries. This is another type of discovery, where you provide the IP of a single "seed" device. This device is audited, and any IPs it knows are then added to the list of IPs IP's to be audited. Then, those devices are audited and any IPs they know are also added to the list of IPs for auditing. This process then continues within the parameters configured by the user.

Device Seed Discoveries are a good option if you know that your network consists of a range of subnetssubnet's, but you're unsure what they are. Seed the discovery with a local router and watch your network unfold before your eyes.

...

You can limit the Device Seed Discovery to fall within a strict set of parameters, including:

  • Restrict to Subnet
  • Private/public IP(s)
  • Respond to Ping check (important for routers with long lived ARP caches) 
  • Restrict to Private

These parameters enable you to audit only what is useful and relevant to you, saving processing time and allowing you to discover your network in an orderly manner. 

We also have an option to Ping Before Scan (important for routers with long lived ARP caches). This is usually a good idea.

All regular discovery options are also available for use in Device Seed Discoveries.

Summary

The Device Seed Discovery type is the newest highly-effective method for network crawling, giving you the ability to target your network as narrowly or as broadly as you need. It's fast, it works and it's great.

If you have an Open-AudIT Enterprise licencelicense, as well as Open-AudIT 4.1.0 or newer, you can try a Device Seed Discovery today. 

If you don't have an Enterprise licencelicense, or need to update your software, you can learn more about doing both here.

...

Technical Details FAQ

How does a Device Seed Discovery find known IPs?

Provided you have the correct credentials, Device Seed Discovery works as follows: 

  • For SNMP devices, OIDs for:
    • SNMP OIDs for ipNetToMediaPhysAddress (1.3.6.1.2.1.4.22.1.2), ipNetToPhysicalPhysAddress
    • ipNetToPhysicalPhysAddress (1.3.6.1.2.1.4.35.1.4.3.1.4) and atPhysAddress
    • atPhysAddress (1.3.6.1.2.1.3.1.1.2)
    • ipRouteEntry (1.3.6.1.2.1.4.21.1.1)
  • For SSH devices:
    • "arp -an" and "netstat -rn" commands.
  • For Windows devices:
    • "arp -a" commands.

...