networkers .bashrc

I couldn't find anything existing to lookup a specific TCP/UDP port, so I quickly created some messy bash functions. What I wanted is to have a simple command to lookup a specific TCP/UDP Port, and also to lookup a MAC-address -> manufacturer.

script

In order to get this thing working, put this in your .bashrc in your homedirectory / /etc directory.

``` {.lang:sh .decode:true} function plookup { grep -hE "(^|\s)+$1(/|\s)+" ~/data/lookup/tcp_* }

function mlookup { MAC=$(echo $1 | sed 's/://g' | sed 's/-//g') grep -ih -B1 -A4 "$MAC" ~/data/lookup/oui.txt }

and additionally you need some files in \~/data/lookup/. In my case I've
got the [oui.txt](http://standards.ieee.org/develop/regauth/oui/oui.txt)
for the MAC addresses, and three individuals for the TCP/UDP ports. For
the portlists I've used the data of the three links posted below (nmap,
networkuptime, wikipedia), and simply copied the relevant part into
simple textfiles.

output
======

Finally you can use it like that:

``` {.lang:default .highlight:0 .decode:true}
|| user@workstation~ ||  plookup 3128
ndl-aas         3128/tcp   Active API Server Port
ndl-aas         3128/udp   Active API Server Port
squid-http      3128/tcp        0.004516
3128 Reverse WWW Tunnel Backdoor , RingZero
3128    TCP             HTTP used by Web caches and the default for the Squid cache     Unofficial
3128    TCP             HTTP used by Tatsoft as the default client connection   Unofficial

|| user@workstation~ ||  mlookup 00-0c-29
00-0C-29   (hex)                VMware, Inc.
000C29     (base 16)            VMware, Inc.
                                3401 Hillview Avenue
                                Palo Alto CA 94304
                                UNITED STATES

links

Let me know if you have questions!
Cheers,
Raphi