discovering a service behind a nated network

From: Hayden Searle (hayden.searle_at_safecom.co.nz)
Date: 09/10/04

    Date: Fri, 10 Sep 2004 23:23:54 +1200
    To: <security-basics@securityfocus.com>
    
    

    I agree with Jason that Nagios is a good way to monitor the web servers,
    or you could talk them into some BigIP F5's which load balance, monitor
    and report on services.

    As for the port forwarding, well, it depends on what the gateway device
    is. If it's a firewall then I would get the dept that look after it to
    SSH onto the firewall and try to access the server from there; if that
    works then it could be the translation on the gateway device not working
    properly. Most devices should be able to tell you if the translation is
    working through the logs, but in the end it really comes down to what
    the device is and what logging is set up for the connections. They need
    to give some more info before you could answer that. The simple way out
    would be "Call the other department and have them check the gateway
    device".

    Regards

    Hayden Searle
    Network Security Specialist

    -----Original Message-----
    From: linux user [mailto:linuxteam@gmail.com]
    Sent: Sunday, 5 September 2004 12:55 a.m.
    To: security-basics@securityfocus.com
    Subject: discovering a service behind a nated network

    Hiya All,
     
    I would like to discover if a service that is behind a NATed network
    is still working. For example, if a web server is in a private network,
    NATed behind a gateway, how could I, from an external network, check if
    the server is down or there are network problems between the server and
    the gateway? Is there a way to use a tool such as traceroute for a
    NATed/firewalled network from an external link?

    The reason I am asking this is because I have been asked that
    question on a job interview, and I did not know what the correct
    answer was; it was related to a web cluster farm then.

    Another reason is how to troubleshoot a service that has been port
    forwarded from the gateway: the port forwarding works for other
    services, but this specific service is not reachable, and you cannot
    tell whether the NATed box was down, or the route was down, or what.
    You could debate that you can use ssh to the gateway server, but then
    that is run by a different dept. and you have no access to that.

    Sorry if my English language is a bit rusty.

    TIA

    Anst
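
An added illustration, not part of the original thread: a sketch of what an outside probe can and cannot conclude about a port-forwarded service, comparing the failing forward with one known to work on the same gateway. The function names and the interpretation strings are assumptions made for this example, and the mapping is a heuristic, since gateways differ in whether they reject or silently drop.

```python
import errno
import socket

def probe(host, port, timeout=3.0):
    """One TCP connect attempt: 'open', 'refused', 'timeout' or 'error:<ERRNO>'."""
    try:
        socket.create_connection((host, port), timeout=timeout).close()
        return "open"
    except socket.timeout:
        return "timeout"          # the SYN (or its reply) was silently dropped
    except ConnectionRefusedError:
        return "refused"          # a RST came back, from the gateway or the backend
    except OSError as exc:
        return "error:" + errno.errorcode.get(exc.errno, "UNKNOWN")

def diagnose(target, reference):
    """Read the failing forward against a forward known to work on the same gateway."""
    if target == "open":
        return "up: forward and listener answer at TCP level"
    if reference != "open":
        return "path: gateway itself unreachable, not specific to this service"
    if target == "refused":
        return "refused: backend up with nothing listening, or gateway rejects this port"
    if target == "timeout":
        return "dropped: backend down, inside route broken, or rule missing; check gateway logs"
    return "inconclusive: " + target

if __name__ == "__main__":
    # Constructed stand-ins so the demo runs offline: a local listener plays the
    # working forward, a just-closed local port plays the broken one.
    good = socket.socket()
    good.bind(("127.0.0.1", 0))
    good.listen(1)
    dead = socket.socket()
    dead.bind(("127.0.0.1", 0))
    dead_port = dead.getsockname()[1]
    dead.close()
    ref = probe("127.0.0.1", good.getsockname()[1])
    tgt = probe("127.0.0.1", dead_port)
    print(ref, tgt, "->", diagnose(tgt, ref))
    good.close()
```

A "dropped" result is the case the reply describes: from outside it cannot be narrowed further, and the translation logs on the gateway are what separate a missing rule from a dead backend.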
