Solved

Getting router IP

Posted on 2004-10-13
9
397 Views
Last Modified: 2013-11-29
I'm trying to lookup my router IP but i don't know what/where to look, I don't know the maker/modle and all I have right now is a MAC ID. I'm trying to get my comp to be able to do some internet gaming again, but everything i try to connect to (including telnet) is 'actively refused'. I'm not entirely sure how to explain the situation so please, ask questions, because I'll prolly learn something from just you asking=D

Thanks for your time.
0
Comment
Question by:Apothem
9 Comments
 

Author Comment

by:Apothem
ID: 12305044
Oh yeah, I have no 'server' type connection to the router, I'm client-side only...
0
 
LVL 2

Expert Comment

by:nukeme369
ID: 12305055
www.whatismyip.com "should" show you your Internet side IP.  Typically you could use that to figure your public side. If you know your local IP, I would run an IP scan on the same subnet. i.e. if your local IP is 192.168.32.45 with a subnet mask of 255.255.255.0 then ping every address from 192.168.32.2 to 192.168.32.254.

What kind of environment (school, work, home, etc), and how many other machines are on your side of the router?
0
 

Author Comment

by:Apothem
ID: 12305070
Well lets see, I can get my internet IP easily,  and when i use Cain & Abel to do the subnet scan, I get like 40+ systems, I checked my routing tables and they're all using a different submask than what's being assigned via DHCP in the ipconfig.... There's also a bunch of comps i can't resolve host names to... The environment, by the way, is a boarding school, with an unbelieveably unreliable network, The internet has been down for the last 2 days, and it just came back up and NOTHING works except Aol instant messenger and Internet explorer.... It's really wierd considering it wasnt like this beforehand...
0
 

Author Comment

by:Apothem
ID: 12305110
Ack, all of them are using a different mask, except 1, but then again, I don't know jack about the routing tables so I really shouldn't even have really mentioned it, I'll double the points tho if you can give a good description/explaination of what a routing table is along with the solution to this one.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 2

Assisted Solution

by:wjc7662
wjc7662 earned 500 total points
ID: 12305261
If you are looking for the internal private ip address of your router, you can get this by running the ipconfig command.  The default-gateway address should be your router's internal address.  If this does not help, how many routers do you have?  You say that the subnet masks are different on different machines?  This would indicate to me that there are multiple subnets on the network, which also indicates multiple router interfaces.  (whether they are all on one router, or they each exist on separate routers is really not an issue.)
As far as routing tables go, a wider base of knowledge is needed to understand the purpose of routing tables.  
Routers are used to create network segments, breaking up broadcast domains.  To do this, subnet masks are used to identify a valid range of ip addresses in a particular subnet.  Since subnets make networks logically discontiiguous, or unreachable from other subnets, routers are needed to communicate between these subnets.  For routers to perform their roles, they must have an interface connected to each logical subnet.  When a router is connected to s subnet, it builds a table to identify the subnets that it is attatched to and what interface it is attatched on.  This is the routing table.  When a router receives a request to forward packets to another network, it compares the destination address to its routing tables.  When a match is found, that packet is then forwarded out the interface associated with the specified network.
Hope this helps.
0
 

Author Comment

by:Apothem
ID: 12305298
Well, technically, this is my school's network considering that I'm a boarding student, but anyway, I'm connected to a wireless router, the gateway, being 192.168.60.1, is universial on all computers.Which is why i came to the conclusion that maybe that ip isn't for every single AP on the campus. It appears the routers are no more than a forwarding point to the actual server where all the data is processed. Keep in mind that I can only do client side checks and it has been a real pain in the >>insert body part here<< trying to find out the littlest details about this network.
0
 
LVL 2

Accepted Solution

by:
wjc7662 earned 500 total points
ID: 12305340
The 192.168.60.1 router is most likely as you say,  a forwarding point.  More than likely, everyone accessing your AP is on a single subnet, such as one for dormatories.  FYI, telnet can be used to test other port connectivity.  From the command prompt you can 'telnet ipaddress port#'  (telnet quake.com 3389).  If you get a connection, then that port is open.  As far as gaming, it sounds like your admins have disabled those ports.  I would speak with them to verify this, and if appropriate, ask them to re-open them.
0
 

Author Comment

by:Apothem
ID: 12307031
Hmmm, well what's really funny about all this is the fact that AOL instant messenger works, which uses port 5190, and port 80 works, so yup, i think you're right.... I think i'm gonna strangle the network admin when i see him.... j/k =P Thanks everyone for your help!
0
 
LVL 27

Expert Comment

by:pseudocyber
ID: 12307073
See if you can run a traceroute.  For instance, if you traceroute

At a command line, enter:  tracert www.dnsstuff.com and you would get:

1    <1 ms    <1 ms    <1 ms  vl242-c3-core-04.x.com [x.x.x.131]
2    <1 ms    <1 ms    <1 ms  inside-c3-fw-01a.x.com [10.32.250.11]
3    <1 ms    <1 ms    <1 ms  hsrp-x-border.x.com [x.x.x.1]
4    <1 ms    <1 ms    <1 ms  f0-0-x-border-x.x.com [x.x.x.3]
5     5 ms    10 ms     5 ms  t3-4-2-0.ar4.x.x.net [x.x.x.65]
6     5 ms     5 ms     5 ms  208.51.134.30
7     9 ms     5 ms     5 ms  atl-core-02.inet.qwest.net [205.171.21.101]
8     6 ms     5 ms     5 ms  atl-core-01.inet.qwest.net [205.171.21.149]
9    49 ms    65 ms    49 ms  chi-core-02.inet.qwest.net [205.171.8.198]
0    49 ms    49 ms    49 ms  chi-core-01.inet.qwest.net [205.171.20.169]
1    49 ms    49 ms    49 ms  chi-edge-09.inet.qwest.net [205.171.20.122]
2    56 ms    58 ms    57 ms  65.117.168.138
3    55 ms    56 ms    55 ms  aggr-rtr02.eth4-6.sdf.xodiax.net [216.26.128.182]
4    55 ms    55 ms    55 ms  kyle.ve23.sdf.xodiax.net [216.26.134.5]
5    56 ms    56 ms    57 ms  host73.216.26.134.zirmed.com [216.26.134.73]
6    57 ms    57 ms    57 ms  www.dnsstuff.com [69.2.200.183]

Now, depending on how secure your network is, and if your network people block ICMP effectively, you could reverse it by going to http://www.dnsstuff.com and doing a traceroute back to your own network (use one of the first IP's in the traceroute above):

1 3 ms 9 ms 9 ms 216.26.134.2  [www.DNSstuff.com 1st hop] 62 UNITED STATES  
2 34 ms 42 ms 53 ms 216.26.129.91  core-rtr02.ge-1-3-0.sdf.xodiax.net. 251 UNITED STATES Unix: 11:24:12.854
3 3 ms 6 ms 39 ms 216.26.128.181  edge-rtr02.ge-0-3-0.sdf.xodiax.net. 251 UNITED STATES Unix: 11:24:12.896
4 9 ms 14 ms 14 ms 65.117.168.137  chi-edge-09.inet.qwest.net. 250 UNITED STATES Unix: 11:24:12.957
5 9 ms 12 ms 12 ms 205.171.20.125  chi-core-03.inet.qwest.net. 249 UNITED STATES Unix: 11:24:12.972
6 11 ms 21 ms 14 ms 205.171.20.177  chi-core-02.inet.qwest.net. 249 UNITED STATES Unix: 11:24:12.989
7 11 ms 14 ms 14 ms 205.171.205.34  cer-core-01.inet.qwest.net. 247 UNITED STATES Unix: 11:24:13. 7
8 10 ms 13 ms 13 ms 205.171.139.146  chp-brdr-01.inet.qwest.net. 247 UNITED STATES  
9 14 ms 9 ms 13 ms 208.50.13.249  [Missing reverse DNS entry] 245 UNITED STATES Unix: 11:24:13. 71
10 124 ms 161 ms 176 ms 67.17.68.230  so0-0-0-9953M.ar4.x.x.net. 244 UNITED STATES Unix: 11:24:13.200
11 * * *          
12 * * *          
13 * * *          
14 * * *    
[4 hops with no response; assuming we hit a firewall that blocks pings]


As you can see, we lock ours down ;)  But the neat thing this does is give you IP addresses in bound and outbound and you can put them together.

Additionally, explore using "ping -r".  At a command line, do a "ping /?"

HTH

PS - An easy way to test to see if ports are open, listening, and unblocked is to use telnet as was suggested - for instance, to test if you can get to www.experts-exchange.com over port 80, in a command line, type:  telnet www.experts-exchange.com 80.  When you get connected, type:  get.  All the html garbage you get tells you port 80 is open all the way to your destination.

To expand a bit (it's a pun) on the routing tables ...

Internet Protocol uses a hierarchial addressing scheme known as IP addresses.  The subnet masks allow the routers and hosts to compare addresses and determine whether to change the layer 2 ethernet address or not.

Lets say you have host A, B, and C.  A and B are on the same network.  A wants to send the first packet of the day to B.  A knows it's own IP address, its own subnet mask, and the destination IP address.  First thing A will do is do a binary compare of its address and the destination using its subnet mask.  This is a Binary AND.  It will take it's 192.168.1.100 address and convert to binary to get 11000000.10101000.00000001.1100100 and its mask of 255.255.255.0 is 11111111.11111111.11111111.00000000 it will AND these and get (in dec) 192.168.1.0 - this is the network.  Now, it will do the same thing to the destination - and get 192.168.1.0.  This means it's on the SAME network and it will now do an ARP to get the layer 2 ethernet MAC address of the destination layer 3 address.

However, if it's sending to destination C and its address is 192.168.3.100 the binary AND would reveal that its on a different network because the 3 in binary is 00000011 and the 1 in binary (from the previous 3rd octet) is 1.  So, it's DIFFERENT and it now knows it needs to be sent to the default gateway so it will issue an ARP to get the layer 2 MAC address of the default gateway and send the packet to the router.

Once the router gets it, it will compare the destination address to the IP addresses in its routing table and if it has an entry, will forward it out the appropriate interface.  

Hope that makes some sense ...
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now