>> I wish to remotely access a web server on the the PC that sits on my
>> desk. It is behind a NAT firewall, which in turn is intermittently
>> connected to the Internet on a dynamic IP (dialup) address. I am the
>> administrator of the firewall, and have directed incoming http
>> requests to the PC.
>>
>> I have no convenient way of locating the PC from the Internet. I
>> cannot use an IP posting type program, since the PC does not know the
>> current external IP address of the firewall. I know that if it is
>> connected, it will appear on one of four class C networks. I can
>> locate it by scanning port 80, and then loading the addresses which
>> respond in my browser. In the process, I'm sending attempted
>> connections to many machines that aren't running web servers, as well
>> as loading the home page of several machines that aren't mine. In
>> practice, the about half of the latter are servers that have been
>> configured to display a public page, and about half are unconfigured
>> (Microsoft IIS demo pages are very common).
>>
>> In theory, I could be looking for unconfigured servers in an attempt
>> to exploit weaknesses in the default configurations. In reality, I'm
>> just hunting for my PC.
>>
>> Comments? Is this, or should this be, illegal? Is it rude?
>If I'm correct and you are doing this from a homesite, to your employers
>site, then most certainly it all depends upon protocol at your employer.
>If you have permission from the boss, then at worst you might showup on
>some higherend users IDS logging system and be questioned about the scans.
>I would see no reason why they should not show any interest in these
>connection attempts, nor perhaps even find them mildly rudely intrusive,
>but it would ultimately rest with your employers policies and whether you
>have permission to be making the connections you are attempting.
I must not have been clear.
Internet
/ \
/ \
Me @ ISP
Home POP
/ | \
/ | \
ISP ISP Work NAT
User User Firewall
|
|
PC @
Work
I am at home, attempting to connect to my PC at work. I am the
sysadmin at work and have permission from there. The other machines
that I am scanning to find my work PC are other users on the same POP
(which contains 4 class C networks). Most of these will be individual
machines, but there is at least one other NAT Firewall/Router
connected.
David Getchell
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
