On Tue, 27 Jul 1999 [EMAIL PROTECTED] wrote:

> >> I wish to remotely access a web server on the PC that sits on my
> >> desk. It is behind a NAT firewall, which in turn is intermittently
> >> connected to the Internet on a dynamic IP (dialup) address. I am the
> >> administrator of the firewall, and have directed incoming http
> >> requests to the PC.
> >> 
> >> I have no convenient way of locating the PC from the Internet. I
> >> cannot use an IP posting type program, since the PC does not know the
> >> current external IP address of the firewall. I know that if it is
> >> connected, it will appear on one of four class C networks. I can
> >> locate it by scanning port 80, and then loading the addresses which
> >> respond in my browser. In the process, I'm sending attempted
> >> connections to many machines that aren't running web servers, as well
> >> as loading the home page of several machines that aren't mine. In
> >> practice, about half of the latter are servers that have been
> >> configured to display a public page, and about half are unconfigured
> >> (Microsoft IIS demo pages are very common).
> >> 
> >> In theory, I could be looking for unconfigured servers in an attempt
> >> to exploit weaknesses in the default configurations. In reality, I'm
> >> just hunting for my PC.
> >> 
> >> Comments? Is this, or should this be, illegal? Is it rude?
> 
> >If I'm correct and you are doing this from a home site, to your employer's
> >site, then most certainly it all depends upon protocol at your employer.
> >If you have permission from the boss, then at worst you might show up on
> >some higher-end user's IDS logging system and be questioned about the scans.
> >I would see no reason why they should not show any interest in these
> >connection attempts, nor perhaps even find them mildly rudely intrusive,
> >but it would ultimately rest with your employer's policies and whether you
> >have permission to be making the connections you are attempting.
> 
> I must not have been clear. 
> 
>      Internet
>     /        \
>    /          \
> Me @         ISP
> Home         POP
>            /  |  \
>           /   |   \
>        ISP   ISP   Work NAT
>       User   User  Firewall
>                       |
>                       |
>                     PC @
>                     Work
> 
> I am at home, attempting to connect to my PC at work.  I am the
> sysadmin at work and have permission from there.  The other machines
> that I am scanning to find my work PC are other users on the same POP
> (which contains 4 class C networks).  Most of these will be individual
> machines, but there is at least one other NAT Firewall/Router
> connected.

I am confused then.  Why do you have to scan the other users at your ISP
to find the machine behind your firewall?  Are you saying that the
firewall's address changes?  Or is it just so misconfigured in such a
fashion as to open up a dynamic address on the ISP's subnets and leave a
gaping hole that you are searching for?

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
