• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 412
  • Last Modified:

Detecting firewall's ip

Beating my head in on this one.  The school has changed the network's configuration and isp.  I am getting about twice the bandwidth now, which is nice, but I can no longer get to the control panel of my website.  I cannot access any ftp sites (never could before), and I can no longer access my https control panel(uses port 8443).  I *can* access other secure sites though.  I know that I'm not behind the proxy server that I was before.  BUT, there is *something* in the way.  There is no proxy server listed in the registry (that I could find).

The truly unfortunate side-effect of this is that our network is no longer run in-house; so I no longer have the luxury of say asking the admin what this address is.

I *do* have a supervisor login..  Where can I find this information??

I've found a couple tunnelling clients, but I need to know the ip of the firewall to get them to actually work..


3 Solutions
Gareth GudgerCommented:
The firewall might be the gateway address in your IP properties if you want to try the tunneling software.
Rich RumbleSecurity SamuraiCommented:
Do a Tracert (traceroute) to some web site's... try google.com and ntsecurity.nu you should see perhaps the first few HOPS stay the same, any hop that doesn't respond is probably a PIX firewall, as they by default do not respond to pings, but are normally configured to pass a traceroute through. A traceroute is a Ping that vary's the TTL until it reaches it's destination. Your computer says... ping google.com ttl = 1 so the first hop says, i got your ping, and responds becaus the ttl is expired. your pc ping's with a ttl = 2 , the first hop decrements the ttl to 1 and then the second hop say, got it... and so on. A pix will decrement your ttl's on ping's but will not reply as another device will. A firewall is tough to detect with a ping alone. Get Nmap or another scanner. You can scan a /24 (class c subnet) very easily.

nmap -sT -vv -P0  (that's a capitol Pee and a ZERO) replace your subnet where is (leave the 0/24 just need to fill in the first 3 octets) or nmapnt for windows  (nmapnt -sT -vv -P0

Prior to all of this, contact your helpdesk. A supervisor login to what? Cisco router? Brocade switch?
ShawnCurryAuthor Commented:
The gateway address is the PDC..  I've read a little bit about those traceroute programs; it is very cool stuff.  My supervisor login is to the windows network.  I don't think the firewall hardware is even in this building; it's probably in Illinois somewhere now.  It is a class c ip address...  I'll have to try monday.

I'd love to call helpdesk, but he's gone on vacation for the next two weeks..  I'm sure he'll help me when he comes back; but I'm on a time table; and this change sets me back at least a day, probably longer.

What I *know* is that I used to set the proxy in my browser; now I don't, but there's still something in my way, and it's pissing me off!!!

Thanks for the input; keep it coming!!

Ok, what does the TRACERT to www.yahoo.com reveal? That will telll you what the network routing archeticture is (I think I spelled that wrong, but I've had a lot of beer, so I deserve some slack here). Once you know what ICMP uses for routing, you can jump from there.
ShawnCurryAuthor Commented:
Well, I eventually got around it; I simply rolled my own cgi upload form.  Well, maybe not so simply!  Oh well, a mult-part mime parser may come in handy..

Anyway, thanks.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now