Using Avahi command-line programs to discover services

If you are running the Network IPS system on Linux, you can use Avahi to browse for services that are being broadcast on the local network.

Before you begin: You must install the Avahi RPM package for the Linux operating system you are using before you can use the following command-line programs.

Using the avahi-browse command-line program /usr/bin/avahi-browse

avahi-browse is a command-line program that you can use to browse for all mDNS broadcasts on the network and to resolve the host name and IP address of the device performing the broadcasts.

avahi-browse command-line options: avahi-browse <options> <service type>

Use the following command-line options with the avahi-browse program:

Option	Description
`-d <domain>`	Specifies the domain in which you want to browse for services on. If you do not specify a domain, then all domains will be browsed. The Network IPS system broadcasts on the .local domain.
`--resolve`	Displays the host name and the IP address of the Network IPS system, including the service advertisement string. Example: "IBM® Security Network IPS GX4004--SSH"
`-t`	Terminates the avahi-browse program after dumping the current list of named services. The avahi-browse program no longer runs or listens for new broadcasts.
`-a`	Displays all service broadcasts on the network. You do not need to specify a <service type> with this command-line option.
`--no-db-lookup`	Instructs the avahi-browse program not to translate service types. Example: Translating `_ssh._tcp` to a friendlier name such as "SSH Remote Terminal" or translating `_http._tcp` to "Web Site"

Example of viewing the SSH broadcast for your Network IPS system

Type avahi-browse -d local _ssh._tcp --resolve -t at the command line.

(-d and -t are optional. If you use the -a command-line option instead of _ssh._tcp, you will see all broadcasts.) The --resolve command-line option provides the host name and IP address of the Network IPS system, so that you can SSH to that system using ssh admin@<hostname>.local or ssh admin@<ip_address>.

Example of viewing a Web site broadcast for your Network IPS system

Type avahi-browse -d local _http._tcp --resolve -t at a command line.
Open a Web browser. In the Location bar, type https://<hostname> or https://<ip_address> using the host name or IP address that was returned by the --resolve command-line option.

Using the avahi-discover-standalone command-line program /usr/bin/avahi-discover-standalone

The avahi-discover-standalone command-line program is an X Window program that displays all the discoverable services across all domains. You can only run this program from an X Window session.

This command-line program is the same as running avahi-browse -a --resolve. You can use the host name and IP address returned by this program to connect to a Network IPS system using SSH or a using a web browser.