Re: [gentoo-user] Find IP of proxy
On 06/04/06, Mike Owen <[EMAIL PROTECTED]> wrote: > > On the Windows side, do you have to authenticate to the proxy, or does > it just connect through it? Just connects throught it. M$IE is configured to connect tot the Interner through the proxy. -- Regards, Mick -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On 4/6/06, Mick <[EMAIL PROTECTED]> wrote: > On 06/04/06, Mike Owen <[EMAIL PROTECTED]> wrote: > > > I'm curious as to why you need the proxy info in the first place. It > > sounds like you can connect out just fine, so why bother with > > configuring a proxy? > > No I can't connect to the Internet. Also I believe that icmp traffic > is blocked. No pings are returned. > On the Windows side, do you have to authenticate to the proxy, or does it just connect through it? > > > > If you are allowed to send icmp and udp traffic out of the network, a > > traceroute should show you what hops are on your network. If routing > > forces all traffic through this proxy, it'll probably be one of these > > hops. > > > > Or, they could be doing policy routing where only tcp port 80/443 > > traffic goes through the proxy, and all other traffic goes out some > > other route. In that case, you'll need to use a tcp traceroute program > > configured to probe on port 80, so it is forced through the proxy. > > How do I do that? > emerge -vp tcptraceroute :P -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On 06/04/06, Mike Owen <[EMAIL PROTECTED]> wrote: > I'm curious as to why you need the proxy info in the first place. It > sounds like you can connect out just fine, so why bother with > configuring a proxy? No I can't connect to the Internet. Also I believe that icmp traffic is blocked. No pings are returned. > > If you are allowed to send icmp and udp traffic out of the network, a > traceroute should show you what hops are on your network. If routing > forces all traffic through this proxy, it'll probably be one of these > hops. > > Or, they could be doing policy routing where only tcp port 80/443 > traffic goes through the proxy, and all other traffic goes out some > other route. In that case, you'll need to use a tcp traceroute program > configured to probe on port 80, so it is forced through the proxy. How do I do that? -- Regards, Mick -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The proxy may be on a bridged box, thus, "invisible". SOmetimes the presence of a proxy can be detected by the Via: header on the http protocol, and by some "IP show-ers" like showmyip.com (if my memory is not failing again). - -- Arturo "Buanzo" Busleiman - Consultor en Seguridad Informatica - http://www.buanzo.com.ar My Linux and Security Blog at http://linux-consulting.buanzo.com.ar/ Romper un sistema de seguridad los acerca tanto a ser hackers como encender autos puenteando los convierte en ingenieros automotrices. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFENZWAAlpOsGhXcE0RAiS2AJ4wTLrTm8RHLWHM4HVbcSkBPh6FigCeIRZc 4BriGOpTGYrAE/DbSKWsvd8= =OVMs -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On 4/5/06, Mick <[EMAIL PROTECTED]> wrote: > Hi All, > > At work there's a rather restrictive gateway in place for connecting > LAN desktops to the Internet. How would you go about finding its IP > address? > > Assume that I am booting with Knoppix for this purpose. > -- > Regards, > Mick > I'm curious as to why you need the proxy info in the first place. It sounds like you can connect out just fine, so why bother with configuring a proxy? If you are allowed to send icmp and udp traffic out of the network, a traceroute should show you what hops are on your network. If routing forces all traffic through this proxy, it'll probably be one of these hops. Or, they could be doing policy routing where only tcp port 80/443 traffic goes through the proxy, and all other traffic goes out some other route. In that case, you'll need to use a tcp traceroute program configured to probe on port 80, so it is forced through the proxy. Anyways, it sounds like that company has a few issues with their security policy if it's so easily circumvented. Mike -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On Apr 6, 2006, at 4:58 PM, Mick wrote: On 06/04/06, John Jolet <[EMAIL PROTECTED]> wrote: they locked the desktops down, but still let you boot from a cd? how moronic. He, he, they didn't lock the BIOS. ;-) you're probably dealing with a transparent proxy. the default router you see probably has a rule that says "all traffic for port 80 or 443 from this subnet, redirect over here". your box would never see that router, because by definitions, routes are one-hop only. a traceroute might find it, but unless they gave it an ip that resolves locally to "transparent proxy" or something, how would you know? that's kinda the whole point of transparent proxies. Is there perhaps a wildcard traceroute I could do? what i'm saying is, you could traceroute to say yahoo, but which of the hops is the proxy? you have no way of knowing, except it's probaby the next hop after your default router. but even knowing that won't help you avoid itunless your network guys are completely clueless...that segment should have one and only one way out, that leads to the router that forwards to the proxy -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On 06/04/06, John Jolet <[EMAIL PROTECTED]> wrote: > > they locked the desktops down, but still let you boot from a cd? how > moronic. He, he, they didn't lock the BIOS. ;-) > you're probably dealing with a transparent proxy. the default router > you see probably has a rule that says "all traffic for port 80 or 443 > from this subnet, redirect over here". your box would never see that > router, because by definitions, routes are one-hop only. a > traceroute might find it, but unless they gave it an ip that resolves > locally to "transparent proxy" or something, how would you know? > that's kinda the whole point of transparent proxies. Is there perhaps a wildcard traceroute I could do? -- Regards, Mick -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On Apr 6, 2006, at 4:36 PM, Mick wrote: On 06/04/06, evader <[EMAIL PROTECTED]> wrote: Hi, netstat -rn Your default gateway is likely to be the proxy. Sorry guys, I should have explained better: These WinXP desktops have been locked down beyond belief! Most commands have been removed from \\WINDOWS\sys32. What's left is totally restricted for plain users (which is what I am on this network). Running ipconfig /all, or netstat requires a command prompt which is not available on these machines (I know that because I used BartsPE and Knoppix to 'look around'). They are just locked down thin clients with M$Office on them. Running any network commands on Linux does not show the proxy address - I wouldn't expect it to since I don't know what it is to export it in the system env. The default gateway which is shown is not the Internet proxy (already checked that). I assume that the default gateway is the router for all the desktops on that floor. The printers are on a different router. Pointing a browser to checkip returns the external (as in Internet) IP address, not the internal (as in LAN) IP address which is what I am after. To be exact, it doesn't return anything. The proxy blacklist blocks the address along with many more 'network diagnostic' IP addresses. But I was able to find out anyway by visiting my server and checking the logs. It's really so frustrating. Anything else I may be able to try? Would something like ntop do the trick or will it just pick up all the other hundreds of routers and switches in the corporate LAN? (I can't remember if Knoppix has ntop). they locked the desktops down, but still let you boot from a cd? how moronic. you're probably dealing with a transparent proxy. the default router you see probably has a rule that says "all traffic for port 80 or 443 from this subnet, redirect over here". your box would never see that router, because by definitions, routes are one-hop only. a traceroute might find it, but unless they gave it an ip that resolves locally to "transparent proxy" or something, how would you know? that's kinda the whole point of transparent proxies. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
On 06/04/06, evader <[EMAIL PROTECTED]> wrote: > Hi, > > netstat -rn > > Your default gateway is likely to be the proxy. Sorry guys, I should have explained better: These WinXP desktops have been locked down beyond belief! Most commands have been removed from \\WINDOWS\sys32. What's left is totally restricted for plain users (which is what I am on this network). Running ipconfig /all, or netstat requires a command prompt which is not available on these machines (I know that because I used BartsPE and Knoppix to 'look around'). They are just locked down thin clients with M$Office on them. Running any network commands on Linux does not show the proxy address - I wouldn't expect it to since I don't know what it is to export it in the system env. The default gateway which is shown is not the Internet proxy (already checked that). I assume that the default gateway is the router for all the desktops on that floor. The printers are on a different router. Pointing a browser to checkip returns the external (as in Internet) IP address, not the internal (as in LAN) IP address which is what I am after. To be exact, it doesn't return anything. The proxy blacklist blocks the address along with many more 'network diagnostic' IP addresses. But I was able to find out anyway by visiting my server and checking the logs. It's really so frustrating. Anything else I may be able to try? Would something like ntop do the trick or will it just pick up all the other hundreds of routers and switches in the corporate LAN? (I can't remember if Knoppix has ntop). Thanks for all the replies, please keep them coming. -- Regards, Mick -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
Hi,
netstat -rn
Your default gateway is likely to be the proxy.
Regards,
evader.
On Thu, 06 Apr 2006 15:11:01 +1000, darren kirby
<[EMAIL PROTECTED]> wrote:
quoth the Mick:
Hi All,
At work there's a rather restrictive gateway in place for connecting
LAN desktops to the Internet. How would you go about finding its IP
address?
Assume that I am booting with Knoppix for this purpose.
--
Regards,
Mick
Point a browser to http://checkip.dyndns.org/
or run:
lynx -dump http://checkip.dyndns.org/ | awk '/Current/ {print $4}'
-d
--
gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
quoth the Mick:
> Hi All,
>
> At work there's a rather restrictive gateway in place for connecting
> LAN desktops to the Internet. How would you go about finding its IP
> address?
>
> Assume that I am booting with Knoppix for this purpose.
> --
> Regards,
> Mick
Point a browser to http://checkip.dyndns.org/
or run:
lynx -dump http://checkip.dyndns.org/ | awk '/Current/ {print $4}'
-d
--
darren kirby :: Part of the problem since 1976 :: http://badcomputer.org
"...the number of UNIX installations has grown to 10, with more expected..."
- Dennis Ritchie and Ken Thompson, June 1972
pgpOuLM8bUKjx.pgp
Description: PGP signature
Re: [gentoo-user] Find IP of proxy
On Wed, April 5, 2006 6:10 pm, Mick wrote: > Hi All, > > > At work there's a rather restrictive gateway in place for connecting > LAN desktops to the Internet. How would you go about finding its IP > address? > > Assume that I am booting with Knoppix for this purpose. > -- > Regards, > Mick Is there another computer on the LAN already connected? If so, from a command prompt in XP: ipconfig /all >From Linux: route and look for the default route. Is the network setup for DHCP? If so, just let knoppix grab an IP via DHCP and then just run route and look for the entry marked default. If none of the above apply, then you can ask some one : ) Jim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- I'm a geek, but I don't get it. 36-24-36 = -24. What's the significance? =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Florida, USA, Earth, Solar System, Milky Way -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Find IP of proxy
Mick wrote: Hi All, At work there's a rather restrictive gateway in place for connecting LAN desktops to the Internet. How would you go about finding its IP address? Assume that I am booting with Knoppix for this purpose. -- Regards, Mick Assuming DHCP works and you can access the Internet, simply type "route" at a console and look for the Default Gateway. -- gentoo-user@gentoo.org mailing list
[gentoo-user] Find IP of proxy
Hi All, At work there's a rather restrictive gateway in place for connecting LAN desktops to the Internet. How would you go about finding its IP address? Assume that I am booting with Knoppix for this purpose. -- Regards, Mick -- gentoo-user@gentoo.org mailing list
