SDIG(8)                          Switch Digger                         SDIG(8)

NAME
       sdig - The Switch Digger

SYNOPSIS
       sdig [-d] [-v] [-F] [-p/-P] [-f config] [-m/-m MAC] ( IP | hostname )

DESCRIPTION
       The Switch Digger, or sdig, is a tool that is intended to help network
       administrators track down systems. It was designed in a public school
       district environment with about 1500 systems spread across 25 remote
       locations.

       sdig works by first finding the IP address of the target system, then
       it contacts the router(s) in that network to get the MAC address for
       that IP address. With that known, it then probes every switch on the
       target network to find a port number. The port that doesn't lead to
       another switch is returned, along with any description you may have
       provided.
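
       The lookup sequence described above, modelled as an added example
       (not sdig's own code). The dictionaries stand in for SNMP answers;
       all addresses, the community string, the table layout and the
       function names are constructed for illustration, and the verbose
       parameter mirrors the -v option listed under OPTIONS.

```python
import re

# Constructed sample data standing in for SNMP answers; not real devices.
ROUTER_ARP = {"192.168.1.57": "00:10:5a:aa:bb:01"}      # router ARP cache: IP -> MAC
SWITCHES = [   # (switch IP, community, forwarding table: MAC -> port)
    ("192.168.1.2", "example-ro", {"00:10:5a:aa:bb:01": 24}),
    ("192.168.1.3", "example-ro", {"00:10:5a:aa:bb:01": 7}),
    ("192.168.1.2", "example-ro", {"00:10:5a:aa:bb:01": 24}),   # listed twice
]
LINKS = {("192.168.1.2", 24): "uplink to 192.168.1.3"}  # ports leading to another switch
DESCRIPTIONS = {("192.168.1.3", 7): "Room 112, wall jack B"}


def normalize_mac(mac):
    """Return a MAC in lower-case colon form; accept ':', '-' or '.' separators."""
    digits = re.sub(r"[:.\-]", "", mac)
    if not re.fullmatch(r"[0-9a-fA-F]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2)).lower()


def dig(target_ip=None, mac=None, verbose=False):
    """Return (mac, hits, switches_queried); hits are (switch, port, note)."""
    if mac is None:                       # step 1: ask the router for the MAC
        mac = ROUTER_ARP.get(target_ip)
        if mac is None:
            return None, [], 0            # no ARP entry: nothing to search for
    mac = normalize_mac(mac)
    seen, hits = set(), []
    for ip, community, fdb in SWITCHES:   # step 2: probe every switch
        if (ip, community) in seen:       # each IP/community pair only once
            continue
        seen.add((ip, community))
        port = fdb.get(mac)
        if port is None:
            continue
        link = LINKS.get((ip, port))
        if link and not verbose:          # step 3: drop inter-switch ports
            continue
        hits.append((ip, port, link or DESCRIPTIONS.get((ip, port), "")))
    return mac, hits, len(seen)


if __name__ == "__main__":
    print(dig("192.168.1.57"))
    print(dig(mac="00-10-5A-AA-BB-01", verbose=True))
```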

OPTIONS
       -d     Raise the debugging level by 1. This gets rather messy above 3
              or 4.

       -v     Be verbose. This makes sdig print every port instead of just
              the one that is the most likely candidate, including, for
              example, inter-switch ports with LINKINFO written in sdig.conf.

       -F     Fast mode. sdig will not do reverse DNS (in-addr.arpa) or
              NetBIOS queries to port 137 when this is enabled.

       -f config
	      Use the configuration file config.

       -m MAC Look for this MAC address rather than asking a router about it.
              You still can provide an IP address or hostname so that sdig
              knows which network to check.

       -m     Total-network sweep, used when you don't provide the IP.
              Querying all switches takes longer, so care is taken that each
              IPxCOMMUNITY is only queried once.

       IP     An Internet Protocol address to find, e.g. 192.168.1.1.

       hostname
              A DNS or WINS hostname to find. WINS resolution is only
              available if you have installed nmblookup from Samba and have
              added it to your config file.

       -p/-P  Parallelized SNMP queries have been added and improved as a
              feature of the recent sdig versions. If compiled in, they can
              be disabled at run time, or different activities may be done at
              the discretion of future programmers. "-p" increases the "use
              parallelism" counter. "-P" decreases the "use parallelism"
              counter, but to no less than zero. You might want to disable
              this e.g. if it misbehaves on your platform, or if you have
              very many switches and spawning many children would exhaust
              your file descriptors (network sockets) or process table
              entries. Hint: Future versions may add a limit on the number of
              spawned children. If the "parallelized queries" feature is not
              compiled in, these "-p/-P" flags are recognized, but ignored.

LIMITATIONS
       You can't track down arbitrary hosts on the Internet. Well, most
       people can't. You might be able to do this if you convince all the
       router and switch manufacturers of the world to drop in an SNMP
       backdoor for your sdig host. US government three letter entities:
       contact me for details.

BUGS
       This program was developed on just one kind of system (Linux glibc2) so
       it probably doesn't compile cleanly on others.

       NOTE: version 0.45 was developed on Solaris x86/SPARC and also works
       there.

BACKGROUND
       I (Russell Kroll) first wrote this program to show some local people
       that you don't need to dump lots of money into a program like 3com's
       Transcend just to hunt down some lusers on your network. If you don't
       need to create fancy network diagrams to impress the PHBs, then this
       program will probably work for you.

       It was developed originally on 3com SuperStack 3300s, and continues to
       be tested both on those and various HP 2324s and 4108s. Other
       equipment should also work if it provides the same basic OIDs.

       Jim Klimov also tested it in a diverse network with HP, Cisco, Avaya,
       and Allied Telesyn equipment, to name a few.

SEE ALSO
       sdig.conf(5)

AUTHORS
       Russell Kroll <rkroll@exploits.org>       up till sdig-0.40
       Russell A. Jackson <raj@csub.edu>         sdig-0.41 .. sdig-0.44
       Jim Klimov <jimklimov@gmail.com>          sdig-0.45

                                Mon Apr 4 2003                         SDIG(8)
