Asset Management - Physical and logical

Written By Stephen Dick

Asset management is the process of discovering all devices within a network and noting all the specific resources to a point where you have complete knowledge of the information within your network.

This is important when troubleshooting devices all the way from a possible device having a similar IP address and device name, but the MAC address is different because of a possible traffic collision or even a possible threat actor having a similar device on the network transferring important files outbound of your network when it shouldn’t be.

In this guide, I will be showing the process of completing asset management from both in the physical environment and logical environment with a few devices and virtual machines.

It’s important to do this whenever you add a new machine in your environment no matter the size of it.

If you wish to use the label maker I used, I will link this below (Brother P touch TZ)

- https://www.samsclub.com/p/brother-p-touch-home-office-label-maker/prod23012820?xid=plp_product_1

Software used for network discovery is NMap

- https://nmap.org/

This will work with any operating system, but will require either super user permissions (Linux) or Administrative Privileges (Windows)

I will be using Fedora Desktop 38 in this example

- https://fedoraproject.org/workstation/download/

Libreoffice Calc for my spreadsheet software

- https://www.libreoffice.org/download/download-libreoffice/

Ending will look similar to this

Map key i use for the layout

Tab layout

Physical labeling from asset port number to switch port number example below

Front of assets

Ensure you are on the same subnet for your devices you want to do the asset management.

Open a terminal (with admin privileges if using windows)

With nmap installed, you can see a list of commands and plugins to use with nmaps suite

Command - nmap -help

The following command will be used when doing host discovery and scanning for open services, service versions and ports for each machine

Command - sudo nmap -Pn -sV ipaddresshere

Example command - sudo nmap -Pn -sV 192.168.1.0/24

The above example command scans all IP addresses within the 192.168.1.0/24 subnet

Results of the scan from a Damn Vulnerable Linux virtual machine as an example

Link to Damn Vulnerable Linux - https://vulnhub.com/entry/damn-vulnerable-linux-dvl-13-e605,7/

Open the Spreadsheet and label as the following for the Asset Management - All tab

Port Connected

Asset label the machine belongs to physically

Function/use for the virtual machine

IP address in CIDR notation

MAC address of the virtual machine

The network it belongs to

Physical model of the server

Operating system the virtual machine is running on

Services and service versions per port number

Similar to below

Continue until your whole environment is fully labeled

Then break it down to the per device level as well for the hardware and software used

Migrate the assets when migrating the virtual machines when applicable

Stephen Dick