Solved

Detecting firewall's ip

Posted on 2004-04-09
5
398 Views
Last Modified: 2013-12-04
Beating my head in on this one.  The school has changed the network's configuration and isp.  I am getting about twice the bandwidth now, which is nice, but I can no longer get to the control panel of my website.  I cannot access any ftp sites (never could before), and I can no longer access my https control panel(uses port 8443).  I *can* access other secure sites though.  I know that I'm not behind the proxy server that I was before.  BUT, there is *something* in the way.  There is no proxy server listed in the registry (that I could find).

The truly unfortunate side-effect of this is that our network is no longer run in-house; so I no longer have the luxury of say asking the admin what this address is.

I *do* have a supervisor login..  Where can I find this information??

I've found a couple tunnelling clients, but I need to know the ip of the firewall to get them to actually work..

Thanks,

Shawn
0
Comment
Question by:ShawnCurry
5 Comments
 
LVL 31

Assisted Solution

by:Gareth Gudger
Gareth Gudger earned 200 total points
ID: 10795275
The firewall might be the gateway address in your IP properties if you want to try the tunneling software.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 200 total points
ID: 10795315
Do a Tracert (traceroute) to some web site's... try google.com and ntsecurity.nu you should see perhaps the first few HOPS stay the same, any hop that doesn't respond is probably a PIX firewall, as they by default do not respond to pings, but are normally configured to pass a traceroute through. A traceroute is a Ping that vary's the TTL until it reaches it's destination. Your computer says... ping google.com ttl = 1 so the first hop says, i got your ping, and responds becaus the ttl is expired. your pc ping's with a ttl = 2 , the first hop decrements the ttl to 1 and then the second hop say, got it... and so on. A pix will decrement your ttl's on ping's but will not reply as another device will. A firewall is tough to detect with a ping alone. Get Nmap or another scanner. You can scan a /24 (class c subnet) very easily.

nmap -sT -vv -P0 1.2.3.0/24  (that's a capitol Pee and a ZERO) replace your subnet where 1.2.3.0 is (leave the 0/24 just need to fill in the first 3 octets) or nmapnt for windows  (nmapnt -sT -vv -P0 1.2.3.0/24

Prior to all of this, contact your helpdesk. A supervisor login to what? Cisco router? Brocade switch?
-rich
0
 
LVL 3

Author Comment

by:ShawnCurry
ID: 10795422
The gateway address is the PDC..  I've read a little bit about those traceroute programs; it is very cool stuff.  My supervisor login is to the windows network.  I don't think the firewall hardware is even in this building; it's probably in Illinois somewhere now.  It is a class c ip address...  I'll have to try monday.

I'd love to call helpdesk, but he's gone on vacation for the next two weeks..  I'm sure he'll help me when he comes back; but I'm on a time table; and this change sets me back at least a day, probably longer.

What I *know* is that I used to set the proxy in my browser; now I don't, but there's still something in my way, and it's pissing me off!!!

Thanks for the input; keep it coming!!

Shawn
0
 
LVL 6

Assisted Solution

by:Joseph_Moore
Joseph_Moore earned 100 total points
ID: 10795551
Ok, what does the TRACERT to www.yahoo.com reveal? That will telll you what the network routing archeticture is (I think I spelled that wrong, but I've had a lot of beer, so I deserve some slack here). Once you know what ICMP uses for routing, you can jump from there.
0
 
LVL 3

Author Comment

by:ShawnCurry
ID: 10934610
Well, I eventually got around it; I simply rolled my own cgi upload form.  Well, maybe not so simply!  Oh well, a mult-part mime parser may come in handy..

Anyway, thanks.

Shawn
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question