someone showed me a software in windows (kerio something, i think) which tracked the IP address in the local LAN and found out the PC name (windows computer name). that showed "ACER-EX3GH21" so we knew it was a acer machine, and tracked the person doing the port scans (it was a virus).

is there a way to do this in linux? (samba maybe?)

The host command should work.

Also nmblookup -A will show you the computer name.

I found this while I was searching ... The article is titled "Hacking Windows Shares using Samba"


http://www.hackinthebox.org/article.php?sid=5719

I think smbclient could do it even if they don't have available shares...

smbclient -L //<ipaddress>/

thanks davisfactor, that worked!

Icarus, i tried that, but it asked me for a password.

anyway, host and nmblookup -A works great!

one thing though, most XP SP2 machines dont respond to pings, and the nmblookup thing doesnt work with them. but that program managed to find the name anyway! is it possible in linux?

If your trying this from a windows machine, you can just use the NBTSTAT command.

nbtstat -A ip.address This will give you the hostname from the ip address.

nbtstat -a hostname This will give you the ip address from the hostname.

The nbtstat command will also give you the logged on user (if any), simple shares, workgroup, etc.