Re: discovering a service behind a nated network

From: Tim Hanekamp (thanekamp_at_gmail.com)
Date: 09/18/04

    Date: Fri, 17 Sep 2004 19:43:58 -0500
    To: Hayden Searle <hayden.searle@safecom.co.nz>
    
    

    To check if the service is up just attempt to telnet to the IP on
    whatever port the service would be running on. Using netcat will give
    you a better detailed report of what is happening during the telnet
    session, but even using the normal telnet function IF the service is
    alive it will establish a connection and just sit and wait. Once you
    get this connection, you now know that the problem is not whether the
    service is running, but whether it is working properly.

    Alternatively, you could use nmap or some other port scanning program
    to scan the IP and determine what services are open on that box. Hope
    that helps.

    On Fri, 10 Sep 2004 23:23:54 +1200, Hayden Searle
    <hayden.searle@safecom.co.nz> wrote:
    >
    > I agree with Jason that Nagios is a good way to monitor the web servers,
    > or you could talk them into some BigIP F5's which load balance, monitor
    > and report on services.
    >
    > As for the port forwarding, well it depends on what the gateway device
    > is. If it's a firewall then I would get the dept that look after it to
    > SSH onto the firewall and try to access the server from there, if that
    > works then it could be the translation on the gateway device not working
    > properly. Most devices should be able to tell you if the translation is
    > working through the logs, but in the end it really comes down to what
    > the device is and what logging is set up for the connections. They need
    > to give some more info before you could answer that. The simple way out
    > would be "Call the other department and have them check the gateway
    > device"
    >
    > Regards
    >
    > Hayden Searle
    > Network Security Specialist
    >
    > -----Original Message-----
    > From: linux user [mailto:linuxteam@gmail.com]
    > Sent: Sunday, 5 September 2004 12:55 a.m.
    > To: security-basics@securityfocus.com
    > Subject: discovering a service behind a nated network
    >
    > Hiya All,
    >
    > I would like to discover if a service that is behind a NATed network
    > is still working. For example, if a web server is in a private network,
    > NATed behind a gateway, how could I, from an external network, check
    > if the server is down or there are network problems between the
    > server and the gateway? Is there a way to use a tool such as
    > traceroute for a NATed/firewalled network from an external link?
    >
    > The reason I am asking this is because I have been asked that
    > question on a job interview, and I did not know what the correct
    > answer was. It was related to a web cluster farm then.
    >
    > Another reason is how to troubleshoot a service that has been port
    > forwarded from the gateway. The port forwarding works for other
    > services, but this specific service is not reachable, and you cannot
    > tell whether the NATed box was down, or the route was down, or what.
    > You could debate that you can use SSH to the gateway server, but then
    > that is run by a different dept. and you have no access to that.
    >
    > Sorry if my English language is a bit rusty
    >
    > TIA
    >
    > Anst
    >
    >
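
The connect test described in the reply above, as an added example that is not part of the original thread: a Python probe that tells apart the three outcomes you see from outside a port-forwarding gateway (connection established, connection refused, no answer at all). The function name `probe` and the timeout values are assumptions chosen for illustration.

```python
import errno
import socket
import sys


def probe(host, port, timeout=3.0):
    """Classify one TCP connection attempt to host:port.

    Returns (state, detail), where state is one of:
      "open"     - handshake completed, so the forward works and something listens
      "refused"  - a RST came back: a host answered (the inside server or the
                   gateway itself) but nothing accepts connections on that port
      "filtered" - no reply before the timeout: packets are dropped on the path,
                   the translation is missing, or the inside host is down
      "error"    - anything else (no route, name lookup failure, ...)
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused", "RST received"
    except socket.timeout:
        return "filtered", "no reply within %.1fs" % timeout
    except OSError as exc:
        return "error", errno.errorcode.get(exc.errno, str(exc))
    with sock:
        # Some services (SMTP, SSH, FTP) speak first; a web server
        # "just sits and waits" for a request, as the reply notes.
        sock.settimeout(1.0)
        try:
            banner = sock.recv(128)
        except socket.timeout:
            return "open", "connected, service is waiting for input"
        except OSError:
            return "open", "connected, then reset"
        if not banner:
            return "open", "connected, then closed by peer"
        return "open", banner.decode("latin-1").strip()


if __name__ == "__main__":
    # Usage: python probe.py <public-ip-of-gateway> <forwarded-port>
    state, detail = probe(sys.argv[1], int(sys.argv[2]))
    print("%s:%s -> %s (%s)" % (sys.argv[1], sys.argv[2], state, detail))
```

An "open" result only shows that the port forward and the listener work; whether the service answers correctly still needs an application-level check, and a "filtered" result cannot by itself separate a dead server from a broken translation, which is why the gateway logs mentioned in the quoted message matter.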
