Getting around a firewall


namit23

Member
Oct 5, 2000
29
0
0
I think his problem is because of the router and not the firewall, as the router does not give him a real IP for use on the net.
So dynip might work.
When you register for dynip you get a host name like namit.dynip.com which will direct all requests on that name to your computer. Just try running it. www.dynip.com
 

jdwright

Senior member
May 18, 2000
208
0
0
Well Ace, here is my experience with a firewall:

I taught at a school that installed a firewall and private IP system (NAT) for the district. Needless to say, I had a tough time giving up several of the ports that I had become accustomed to using. Long story short, I begged the sys admin (who I knew relatively well and who was also addicted to several ports 8)) and he told me an IP that I could use that would BYPASS the firewall. This was a PUBLIC IP that was apparently left available for his use. I guess the bribery thing is my best advice...hehe.

I obviously have no way of knowing about your admin, but who knows...
 

Ace69

Senior member
Nov 26, 1999
877
0
0
I have gotten a set of old IPs that a guy that works down in the computer center had. These are the IPs that were on campus before the DHCP. I wonder if they still work and I can get around them.
 

Ace69

Senior member
Nov 26, 1999
877
0
0
OK, I have tried to use dynip and it seemed to be a pretty good idea. I think that it worked in the fact that it is broadcasting my name. BTW, it is ace.dynip.com. See if you guys can connect to it. I am simply running an FTP server on it right now to test to see if I can get any incoming TCP connections. Nothing yet though. I had some guy that I met try to get on it but he said that it would continue searching and never find it. I tried it on my roommate's computer and it worked so I know that it is working but that damn firewall just will not let people through. Do you think I could use HTTPort that tunnels TCP traffic through port 80 and use dynip at the same time? That way, it would tunnel the traffic through and also be able to find my computer. Just an idea..
 

Fandu

Golden Member
Oct 9, 1999
1,341
0
0
Ace, when I try to connect to your FTP site, ace.dynip.com is resolving to 10.1.100.254, which is your internal network IP. You need to give it the public IP of the firewall/router.

STATUS:> Connecting to ace.dynip.com
STATUS:> Connecting to ace.dynip.com (ip = 10.1.100.254)
 

Ace69

Senior member
Nov 26, 1999
877
0
0
OK, here is a dumb question. How do I find out the IP of my firewall router for sure? I have had a few guesses, such as I went to grc.com and they traced my IP back as some weird IP that my university doesn't even support. I will try a few things, but keep trying and see what it does.

Thanks for the help!
 

namit23

Member
Oct 5, 2000
29
0
0
Hi Ace, I tried to connect to ftp://ace.dynip.com
and it told me connecting and then I got an empty FTP root.
Have you put any files in the FTP server? And try running your HTTP server as that will work better.
 

Ace69

Senior member
Nov 26, 1999
877
0
0
I didn't have it running there for a little bit. You can try again if you want. I have an IP in there that I 'think' is the IP of my firewall. Lemme know what it does.

Thanks
 

pandaflux

Senior member
Mar 22, 2000
340
0
0
I looked up the IP addy for ace.dynip and I was presented with this: "63.92.153.98". I then looked up the description of "63.92.153.98" and was presented with this: "cable-i-98.sigecom.net".
If you reverse lookup the address "63.92.153.254" you will get the resolved address "sighp1.sigecom.net". sigecom.net is an Internet provider for Indiana. Then I looked at your email address and found that you attend the University of Southern Indiana, hence sigecom.net is your provider. It appears the whole subnet(?) "63.92.153.XXX" are servers running various OS, and/or? routers. However, the IP lookup of http://www.usi.edu revealed its IP to be 192.206.10.36, which is a totally different network?

So in conclusion "63.92.153.254" might be the IP of your router?

Sorry if I just went off on a wild tangent, I'm just a young one and don't really know what I'm doing and have no training in networking. Hope I have been some help.

 

namit23

Member
Oct 5, 2000
29
0
0
I guess this guy is absolutely right.
Now the only way is to telnet to the router whose IP is 63.92.153.254 and login as admin with the username and password (you will have to get it),
then redirect port 80 of the router to your PC's IP. And my search shows that your network has one IP and 4 subnets with, I guess, 4 routers, and you are part of one of the subnets. So you totally cross two routers to get to that one IP your university has. usi.edu has its own IP which is not directly connected to your university network.
 

pandaflux

Senior member
Mar 22, 2000
340
0
0
I'm not sure on this though, but I think 63.92.153.254 belongs to sigecom.net and the router controlling your traffic is 63.92.153.98.

When I tried to telnet to 63.92.153.254 I was presented with this:

HP-UX sighp1 B.10.20 A 9000/810 (ttyp4)

login:

So this is an HP-UX (Hewlett Packard-UNIX????) box owned by sigecom.net.

A telnet to 63.92.153.98 simply locked up my telnet program.
 

Ace69

Senior member
Nov 26, 1999
877
0
0
OK, just to give you a little updated info. I work at Sigecom and we supply 4 T1s to USI. However, I do not think that we control any of the firewall/routers. That is all done by USI. I know this because I used to work at USI in the computer center and the network admin said that we control all the services. Sigecom just supplies the connection. I have changed that IP because someone told me to change it from my internal IP to the firewall IP and the only IP that I know of to be my firewall IP is that one. The reason I say this is because whenever someone else from the "outside", they always trace my IP as that Sigecom IP. I have no idea why it traces it back as that IP because we are all on the 192.x.x.x network. I have told some of the guys that I work with and they have no idea on why the outside traces my IP to the Sigecom IP.

Weird, ain't it? ;)
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Ace, what I think everyone is missing here is the fact that you will probably NEVER be able to run a public server on an internal network unless you follow some very specific firewall setups. I'm assuming of course that the firewall admin set up proper rules.

1) You have no public address on which to run this server. If you wanted to host an application (web server, game server) on the internal network 10.x.x.x then an EXTERNAL STATIC NAT would need to be configured on the firewall. This is where a one-to-one relationship between a publicly routable address maps to an internal host (ex, 63.92.153.X -> 10.0.0.254). That would handle the addressing problem you have. Next step...

2) By default a firewall does not allow inbound connection attempts to internal networks.

3) The game port is probably not allowed inbound on the firewall.

4) Any attempts to bypass security could get you into A LOT OF TROUBLE.

I'm not being facetious but you really are wasting your time unless you can get the EXTERNAL STATIC NAT and inbound ports open. The class A 10.0.0.0 belongs to the RFC1918 private address space and is dropped by most internet routers or routed to NUL.

Nothing is stopping you from running a game server on the internal LAN though.

Spidey
CCSE - checkpoint certified security engineer (only for some backing for my answer, I hate chumps who throw certifications around)
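
Added example, not part of the original thread: a toy Python model of the conditions listed in the post above (RFC 1918 reachability, a one-to-one static NAT entry, and a default-deny inbound policy). The `Firewall` class, the rule format and the public address 203.0.113.10 are constructed for illustration; 10.1.100.254, 10.0.0.254, 63.92.153.98 and 192.206.10.36 are the addresses quoted in the thread.

```python
import ipaddress

# RFC 1918 private ranges; Internet routers do not carry traffic to these.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True if addr falls in one of the three RFC 1918 blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class Firewall:
    """Toy model (hypothetical): static one-to-one NAT plus default-deny inbound."""

    def __init__(self, static_nat, allowed_inbound):
        # static_nat: {public_ip: internal_ip}, configured by the firewall admin
        self.static_nat = dict(static_nat)
        # allowed_inbound: set of (public_ip, protocol, port) permit rules
        self.allowed_inbound = set(allowed_inbound)

    def inbound(self, dst, proto, port):
        """Return (verdict, reason) for a connection attempt from the Internet."""
        if is_rfc1918(dst):
            return ("unreachable", "RFC 1918 destination never reaches the firewall")
        if dst not in self.static_nat:
            return ("drop", "no static NAT entry for this public address")
        if (dst, proto, port) not in self.allowed_inbound:
            return ("drop", "no inbound permit rule; default deny")
        return ("forward", "translated to %s:%d" % (self.static_nat[dst], port))

# Constructed sample policy: one public address mapped to one internal host,
# with only FTP control (tcp/21) permitted inbound.
FW = Firewall(
    static_nat={"203.0.113.10": "10.0.0.254"},
    allowed_inbound={("203.0.113.10", "tcp", 21)},
)

if __name__ == "__main__":
    # Addresses quoted in the thread, classified against RFC 1918.
    for a in ("10.1.100.254", "63.92.153.98", "192.206.10.36"):
        print(a, "RFC1918" if is_rfc1918(a) else "publicly routable")
    # The dynamic DNS record pointed here, so outside clients could never connect.
    print(FW.inbound("10.1.100.254", "tcp", 21))
    print(FW.inbound("203.0.113.10", "tcp", 21))   # NAT entry + rule: forwarded
    print(FW.inbound("203.0.113.10", "tcp", 80))   # NAT entry, no rule: dropped
    print(FW.inbound("203.0.113.11", "tcp", 21))   # no NAT entry: dropped
```

Only 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 are RFC 1918 space, which is why the check uses an explicit list: 192.206.10.36 is an ordinary public address even though it begins with 192.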