How does my Android phone figure out what's on my network without logging into the home router?
I can see 8 devices on the network when I log into the admin account of the router using a web browser on a laptop.
However, I can see all those devices from my Android phone WITHOUT logging into the router, simply by using "Fing" Android freeware:
formatting link
My question?
How does the phone see both wired & wireless devices (such as a wired printer & a wired Ooma) without logging into the router?
More importantly, how can I get Windows & Linux to see the same 8 or 9 devices on my network that the phone sees *without* logging into the router's admin account?
I looked into this when I bought my Nexus 7 tablet. From what I learned, basic Android users are "Standard" users, using Windows terminology.
Unless things have changed, you will have to "root" your phone. That simply means giving yourself "Administrator" rights. Never got abound to doing it, since I could transfer from anywhere on the network to the tablet.
I don't know yet if Whiskers has the secret because "my" Android phone (which is NOT rooted!) can "see" all the devices on my network (9 of 16) where the other 7 of 16 used to be on the network in the past.
So, Android can see *everything* without being root!
formatting link
How Android does that, I do not know.
By way of contrast, if I *log* into my router as "admin" (essentially root), then I can see all the current devices, which are the same as what Android sees.
This is wrong. Fing will show you EVERYTHING on your network (past and present), without any need to be root!
Try it to see what I mean and post a screenshot. Fing - Network Tools, by Overlook
formatting link
HOW Android accomplishes what takes a router to be root is what I'm trying to do either on Windows or on Linux.
$ arp-scan You need to be root, or arp-scan must be SUID root, to open a link-layer socket. link_open: Operation not permitted
$ sudo arp-scan ioctl: Cannot assign requested address WARNING: Could not obtain IP address for interface eth0. Using 0.0.0.0 for the source address, which is probably not what you want. Either configure eth0 with an IP address, or manually specify the address with the --arpspa option. Interface: eth0, datalink type: EN10MB (Ethernet) Usage: arp-scan [options] [hosts...]
"One possible drawback to this system of using ARP to ping a host is that the ARP protocol is not a routed protocol. If you are not on the same subnet as the host you are trying to connect to, then this method is not going to work without first joining that subnet, which may or may not be physically possible."
Probably time for a Networking 101 class at school, then get the instructor to cover all the possibilities for you :-)
A purpose built tool, might need more than one method. And if nameservers were involved (Bonjour, Avahi, SSDP, NetBIOS, UPNP, DLNA, kitchen_sink), you might actually need a daemon or DLL or something added to the system, to aid in participation in the scheme. So what you're looking for, a heterogenous solution, might be a little more complicated to build, than a solution that only needs to work with its own OS partners.
Having a nameserver, allows perhaps determining what services a device offers. Whether it's a printer or a TV set that plays streamed movies.
Ping used to work fine, until someone considered it a security risk, and servers started disabling ICMP. There is partial or full disable-ment possible. For example, my former ISP did such a good job, the email server could no longer handle fragmented packets, and you could only send very short emails (ones that fit in a single packet). I was required to change the maximum packet size on my end, to make email work again. And the tech support at the ISP, swore up and down, that their end had nothing to do with it :-)
I never took Networking 101. But I have known people who have tried to study this stuff in detail. Our masters grad at work, it took *two years* to assemble a document listing all the protocols and a thumbnail of details for each one. I never got to see the resulting document. I'm sure he benefited from the effort, paid for by our employer. Software architect class individuals would use that document for product planning.
*******
The listing in your router, is the DHCP list. Computing devices needing a dynamic address, use a "lease" with the router. The router keeps a pool of addresses for the purpose. It might be reasonably complete, except for static addresses you assign to devices, which is on the same subnet, but outside the range of pool addresses. The presence or absence (powered off) state of a static device, wouldn't show up in the router list.
Some protocols, require the participants to "cache" recently seen objects. For example, using Windows file sharing, I can see references to items that are no longer on the network. There will be some "wheel spinning" on Windows, if it is required to try to find a non-existent file sharing device. A disadvantage of caching references to them.
And if I could find a decent article on heterogenous environments, I would have pasted it into this posting by now :-) I don't know if this is a popular topic, or why any web site would bother carrying the information needed. For example, a Macintosh site is not likely to entertain articles about Windows, or vice versa.
Here is another result from Fing on unrooted Android:
formatting link
Here is the comparable result from netdiscover on Linux:
formatting link
$ netdiscover -i wlan0 -r 192.168.1.0/24 The program 'netdiscover' is currently not installed. You can install it by typing: sudo apt-get install netdiscover
$ sudo apt-get install netdiscover $ netdiscover -i wlan0 -r 192.168.1.0/24 You must be root to run this.
$ sudo netdiscover -i wlan0 -r 192.168.1.0/24
formatting link
The results are anomalous in that the Apple device showed up on both tests this time, but not all Android devices showed up on the Linux test.
So, once again, the iOs/Android Fing shows *more* devices on the network than did Linux/Windows.
Any method that will work, will need to use multiple methods. While a single, simple method will "mainly" work, it's the exception cases that need to be covered with more methods.
Try to track down the source code for any program (on any platform), that is doing a good job for you. Check the comments in the code, to see how many network features it is using to identify all devices. That's the best I can suggest, to get a handle on what alternate set of tools might work.
Are you certain there are actually 11 devices ? For DHCP address assignment, a "pretty neat" job was done in the second example. Looks too orderly.
*******
Both Fing and Nmap use TCP SYN (half open connections), but they may not be using the same ports, or scanning ports in the same order. Fing apparently does something very simple, for the network map, and then resorts to scanning more ports to build a service map. (In such a case, relying on well known port values that haven't shifted, to identify a service.)
formatting link
Some device network interfaces recognize port scans, and if a scan pattern is "hammered" at the device, a large number of packets end up dropped on the floor. This is why, with my previous router, I could never be sure whether it was stealthy or not, because the router would claim to be under attack, and an unknown amount of WAN (port scanner) traffic was being ignored.
If you fired up Wireshark on a platform it supports, and let the two scanning tools loose, you may be able to compare the approach used, and why they differ in effectiveness.
if you only want to find the devices fing finds do an arp scan. if you want to find all devices attached to your network (including those fing does not find) you could try a MAC scan, but you'd die before it completed.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.