Page 1 of 1

Checking if an IP is free, without having an IP address [MS Windows]

Posted: Wed Jul 10, 2024 2:20 am
by ansky
You connect your computer to the customer's network and you discover that there is no DHCP server. Now you must assign an IP address manually but if you take one that's already assigned, you'll cause a conflict and take down the other computer, which may be critical, resulting in disaster.
You can't use ping, as it requires an IP address to begin with.
So, we'll use ARP.
For this, you need to install nmap : https://nmap.org/download#windows (reboot after installing)
Assign an IP address in the APIPA range to the interface in question, like 169.254.0.1.
Then open an elevated powershell window and get the list of interfaces using command Get-NetAdapter and note the ifIndex of the interface that is connected to your customer's network.
Next we'll setup a temporary route :
route add [network] mask [subnet mask] 0.0.0.0 if [ifIndex]
Here's an example :
route add 192.168.1.0 mask 255.255.255.0 0.0.0.0 if 32

Now we can use nmap to send an ARP request :
nmap -n -sn -PR --packet-trace --send-eth [IP address]
Example :
nmap -n -sn -PR --packet-trace --send-eth 192.168.1.1

Starting Nmap 7.95 ( https://nmap.org )
SENT (0.1070s) ARP who-has 192.168.1.1 tell 169.254.0.1
RCVD (0.1070s) ARP reply 192.168.1.1 is-at 11:22:33:44:55:66
Nmap scan report for 192.168.1.1
Host is up (0.00s latency).
MAC Address: 11:22:33:44:55:66 (Routerboard.com)
Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
So we can't use 192.168.1.1.
How about 192.168.1.2?
nmap -n -sn -PR --packet-trace --send-eth 192.168.1.2

Starting Nmap 7.95 ( https://nmap.org )
SENT (0.1050s) ARP who-has 192.168.1.2 tell 169.254.0.1
SENT (1.3230s) ARP who-has 192.168.1.2 tell 169.254.0.1
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 1.54 seconds
We get no ARP answer for 192.168.1.2, it's most likely free to use.

Re: Checking if an IP is free, without having an IP address [MS Windows]

Posted: Fri Aug 30, 2024 6:08 pm
by rextended
And where is the MikroTik device at this point?

All loss of time.

Just power on the mikrotik device.

Start IP scan on right interface, done.

The IP scan do not need IP on device, just specify the IP interval, like 192.168.1.0/24 and the RouterBOARD do all automatically.

Re: Checking if an IP is free, without having an IP address [MS Windows]

Posted: Sat Aug 31, 2024 6:23 pm
by jaclaz
@rextended
Let's assume that by pure chance there is not any Mikrotik device in the customer's network.

Doing an IP-scan from windows is a perfectly legit operation, but IMHO the original post over-complicates it a bit.

A window computer set to get IP address from DHCP should already get an APIPA address if no DHCP server is found.

Having to install nmap seems to me a complication, as well going IP by IP might take forever.

Download Nirsoft Fastresolver:
https://www.nirsoft.net/utils/fastresolver.html
no need to install can run even from within the (41 kb).zip file.

If you issue the
route print
command the first few lines are the interface numbers to be used as IF argument in the following temporary route add command

There is AFAIK no real need to use an APIPA address, *any* IP range/address that is surely NOT used should do (using an APIPA one should be a good guess of a NOT used network anyway), though the route add command should be pointing to "self" as gateway (example for network with "own" IP address 169.254.0.1 and interface 0x2), and, for what it costs in this temporary setup you can add a route to the whole internet (this way you can explore more networks from fastresolver)::
route add 0.0.0.0 mask 0.0.0.0 169.254.0.1 IF 0x2

At this point running fastresolver will find the active IP's (by showing their MAC address),

You have anyway to know the existing customer's network range to input it in the Fastresolver.