"Curse you! You know our goal is to give you the opposite of what you want! Since you want nothing we must give you everything!"
Mordac, The Preventer of Information Services
Scott Adams, Dilbert, September 17, 1998
Let's say you've been tasked by your boss to get good at network troubleshooting. So far, she's been wonderful and has bought you this book, sent you to a class or two, and things are just great. Only problem is that nothing's broken in almost forever. It's as if the network gremlins know that you're prepared for them and are waiting until your guard is down; they're waiting until you forget the stuff you've learned before they pounce.
Well, you can foil their crafty little plans by plying your troubleshooting trade to help the masses have a little bit of fun. This hour deals with stuff you'll need to know in order to play various games and use nonwork-related toys through your firewall or proxy server. And why not? You've worked hard, you deserve it.
For those of you who've paged directly to this hour: don't! This hour assumes that you've already engaged in the sweat involved in the past 19 hours and that you have a basic grasp of TCP/IP troubleshooting, particularly the concepts involved in Hour 18, "In-depth Application Troubleshooting," and Hour 19, "Lots of Different People in Your Neighborhood: Internet/Intranet Troubleshooting."
Seriously, learning how to use games (during your own time, of course) and toys on the Internet is a great incentive to practice your Internet and client/server troubleshooting. It teaches you how to perform these types of troubleshooting techniques on a noncritical basis; in other words, you're unlikely to get stressed out helping somebody do something that's strictly optional. What's more, you're then more of an expert at this type of troubleshooting technique when real trouble arises. Let's face it, network troubleshooters and IT (Information Technology) people, in general, have a bum rap for being sociopaths. Helping people do fun things has the following benefits:
As you'll see, configuring toys for use on your network combines a knowledge of your network, the ability to dig into the network sockets in use on your PC, and the ability to use dialog boxes. With that said, let's dive straight into some common applications that people tend to need help setting up on your network. Again, if you're caught, or killed, the secretary will deny all knowledge of your actions.
First, you have to figure out whether you're using a proxy server or a packet-filtering firewall. Assuming that you have a working browser, it's no problem. Fire up your browser and load a fairly complex page off of the Internet (one that takes more than a second or two to load). Then get into a DOS prompt and type the following:
netstat -a > before.txt
Then type this:
netstat -a > after.txt
However, do not hit Enter yet. Switch to the browser and refresh the page. Then quickly switch back to the DOS prompt and hit Enter. After you do this, you'll have two files: before.txt and after.txt. The difference between these files will show what additional sockets have been opened when you refresh the browser screen. This will show you whether you're using a proxy server or a packet-filtering firewall. Let's say that you do this for a Web page at www.quizro.com:
C:\windows> fc before.txt after.txt
Comparing files before.txt and after.txt
****** before.txt
TCP    duke:1071    frotz.frob.com:23      ESTABLISHED
****** after.txt
TCP    duke:1572    socks.frob.com:1080    ESTABLISHED
TCP    duke:1071    frotz.frob.com:23      ESTABLISHED
Here's the rule of thumb: If you see a hostname that's different than the hostname you were going to on the Net, you're using a proxy server. (In the preceding example, you don't see a socket established to socket 80 of www.quizro.com. Instead, you see a socket to socks.frob.com; therefore, you're using a proxy server.) The hostname you see is the name of the proxy server; the socket number is the proxy socket number. You can use this knowledge to configure your toys later.
If you see a connection directly to the outside Web site, you likely have a packet-filtering firewall. A packet-filtering firewall acts similarly to a router; it will automatically route your request for a connection to the outside, so you don't need to know the name or location. Easy!
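The before/after comparison and the rule of thumb above, worked as an added example that is not from the book. The function names are hypothetical, and the two snapshots are constructed from the listing above with one LISTENING line added to show that non-established sockets are ignored.

```python
import re

# Constructed snapshots in the page's `netstat -a` layout.
BEFORE = """\
TCP    duke:1071    frotz.frob.com:23      ESTABLISHED
TCP    duke:135     0.0.0.0:0              LISTENING
"""
AFTER = """\
TCP    duke:1572    socks.frob.com:1080    ESTABLISHED
TCP    duke:1071    frotz.frob.com:23      ESTABLISHED
TCP    duke:135     0.0.0.0:0              LISTENING
"""

# proto, local endpoint, remote host, remote port (number or service name), state
LINE = re.compile(r"^\s*TCP\s+(\S+)\s+(\S+):([^\s:]+)\s+ESTABLISHED\s*$", re.I)

def established(snapshot):
    """Return {(local, remote_host, remote_port)} for ESTABLISHED TCP sockets."""
    found = set()
    for line in snapshot.splitlines():
        m = LINE.match(line)
        if m:
            found.add((m.group(1), m.group(2).lower(), m.group(3)))
    return found

def classify(before, after, target_host):
    """Apply the rule of thumb to sockets present only in the second snapshot."""
    new = established(after) - established(before)
    if not new:
        # Page came from cache, or the socket closed before netstat ran.
        return ("inconclusive", [])
    target = target_host.lower()
    direct = sorted(f"{h}:{p}" for _, h, p in new if h == target)
    if direct:
        # A socket straight to the site: nothing is standing in for it.
        return ("packet-filtering firewall", direct)
    # New sockets, none to the site itself: the peers are proxy candidates.
    return ("proxy server", sorted(f"{h}:{p}" for _, h, p in new))

if __name__ == "__main__":
    print(classify(BEFORE, AFTER, "www.quizro.com"))
```

netstat prints the name it gets from a reverse lookup, which can differ from the name typed into the browser, so a direct connection can look like a proxy. Taking both snapshots with netstat -n and comparing IP addresses avoids that.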
However, you do need to know the name of a proxy server in order to configure your browser or any toys. Common names for proxy servers are proxy, socks, http, and firewall, among others. You can, of course, perform an nslookup to scan through your DNS names to see probable names for proxy servers (the ls -d command used here requests a zone transfer, so it works only if the DNS server permits transfers to your machine):
$ nslookup
Default server: 192.168.1.6
> ls -d mycompany.com
[ns.mycompany.com]
mycompany.com.    SOA      ns.mycompany.com postmaster.mycompany.com. (1017 10800 3600 604800 86400)
mycompany.com.    NS       ns.mycompany.com
ns                A        192.168.1.6
ns                A        192.168.3.6
ntserver          A        192.168.1.10
mailserver        CNAME    ntserver.mycompany.com
cotton            A        192.168.3.7
socks             CNAME    cotton.mycompany.com
In this output, you can see that cotton is the real name of the socks server, which is at 192.168.3.7. However, it's probably less effort to pick up the telephone, call corporate IT, and ask.
If you're responsible for all the networking at your shop, and you've been handed an undocumented network, see Hour 24, "Reverse-Engineering Somebody Else's Network," for more tips on how to explore services on your network.