I want to detect all the android phone connected to my network by a wi-fi. I have used nmap but it is not showing any specific detail to get the android .can any thing is there by which I can detect at least a android is in my network.
Thanks
Asked
Active
Viewed 2,149 times
-1
-
Why do you want to know? – Zoredache Aug 06 '12 at 15:17
-
It a project I am working on. – pradiptart Aug 07 '12 at 05:57
2 Answers
4
Use MAC address vendor lookup and record all the MAC address prefixes for all the phone manufacturers that use Android. It's a heuristic but a pretty good one.
Use arp or arping to resolve IP addresses to MAC addresses.
-
In that case ,If other os is there and it is of same company which is having a android product then what to do we will say it is an android by simply look-up the mac ?It is not that much reliable,Is there any other method. – pradiptart Aug 07 '12 at 05:56
-
And also if the same manufacturer is making the nic card for the computer then it is not correct . – pradiptart Aug 07 '12 at 09:21
1
Only give a cert/key to devices that "register" with IT.
Record the MAC of the device when the user registered it.
You shouldn't have unauthorized devices on your network.
Chris S
- 77,945
- 11
- 124
- 216
-
1That's a bit harsh now a days. The better solution is to create two subnets, one for company-owned devices and another for everyone else. Obviously you restrict the everyone-else subnet and wireless network to only go directly to the internet and bypass all corporate resources. – Brent Pabst Aug 06 '12 at 14:25
-
We do have a "Visitor" WiFi network, but it can't get to anything corporate, not our public e-mail or anything else. If they're happy with that, the password is posted at the front desk. Most people with Androids want their e-mail or something similar, so we've got the registration process. – Chris S Aug 06 '12 at 14:29
-
What we do is exactly what Brent mentioned above. One thing I'll add is with so many internet heavy smartphones, we have basically put that network on extreme low priority QOS - anything can take the bandwidth away from that network as needed. As for the email, why not just allow access to that server by the devices? I would assume when you said 'public e-mail' its normally accessible from outside of your network, meaning that its appropriately secured in such a way that allowing users to access the server from the visitor network would not be a concern. – JTWOOD Aug 06 '12 at 14:57
-
2@JTWOOD We're draconian like that. We have information on our network that's covered by various laws, and quite a few of them. So people don't get access to anything without at least a full page of paperwork and managerial blessing. Helps to keep our insurance cheap (since they audit our security practices yearly). Some organizations take security more seriously than others... – Chris S Aug 06 '12 at 15:58