Netstat and Routers Help
Results 1 to 10 of 10

Thread: Netstat and Routers Help

  1. #1
    Junior Member
    Join Date
    Jun 2003
    Posts
    2

    Netstat and Routers Help

    Okay im using netstat to make sure my system doesnt get anything sent into it. My cable modem is set up through a router so I was wondering if netstat gives me my IP Address through the router or if it bypasses that and goes right to the Cable box before the router gives my computer its IP Address? Cause my computer gives me one IP Address then netstat gives me a different one. Thanks your help is much appreciated.

  2. #2
    Senior Member
    Join Date
    May 2003
    Location
    Area-51
    Posts
    148
    If by netstat you mean netstat the command and not some program, then it gives you your Router's IP, which should be something like 192.168.1.100.
    It is impossible to make anything foolproof because fools are so ingenious. - Murphy
    CooLL.Net

  3. #3
    Junior Member ralyks's Avatar
    Join Date
    May 2003
    Location
    Wrner Robins, GA
    Posts
    7
    THE ip YOU ARE GETTING IS PROLLY SOMETHING LIKE 192.168.1.1

    THE IP YOUR ROUTER HAS HIS PROLLY SOMETHING NOT STARTING WITH 192

    IF SO THAT IS NORMAL
    Skylar Woodell
    *******************
    In 1983 David Lightman almost
    destroyed the world with a trs-80
    Imagine what he could do today...
    *******************
    www.lanextreme.com

  4. #4
    Junior Member
    Join Date
    Oct 2001
    Posts
    20
    OK so get this....
    (bear with me, im drunk)
    If you have your router hooked up properly, then your cable modem goes into your router, and you computer then goes into your router (or hub/switch, depending how nice your router is). Anyhow, the IP for your actual computer will be a private IP (a set of reserved IP Addresses used only on LANs, and never seen by the outside 'internet') It should read something like 192.168.x.x where 'x' is some number between 1 and 254 (usually) or it could be 10.x.x.x (i dont really remember the numbers for that range of private IP addresses). Ok, anyway, you have a private IP address on your computer, and then you router itself has 2 different addresses. One of them, called something like the LAN or internal IP Address, should look life your computer's private address. The other address should be called something like the WAN, public address, or External IP Address. The internal address of your router is just used to identify the address on your own LAN, and to provide a reference point for your own computer (used for gateways and DNS and DHCP and things like that, which are assigned by your router). The external IP address is the address of your router, and basicly YOU, on the internet. That address is assigned via your ISP (internet service provider) and is your link to the outside world. Ok, after all that ****...netstat will show you your own private IP address, and the private IP address of your router, but not the external IP address of your router. Netstat is generally used to see what ports (ports are access points into your computer i.e. to connect to a web page, you generally access port 80) are open on your computer. Netstat shows the active connections, and which port they are conneted to. With the '-a' option on netstat, it will show you ALL open ports on your computer...very usefull to see if theres a trojan virus running on your computer. If you want to see if something funny is running on your computer, compare what ports are open on your computer to a list of common ports and trojan ports. You can find these lists all over the internet, just open up google.com, and search for 'port list', you'll find what you need. Port 139 is very common, while port 12345 is the default port for one of the oldest trojans, Netbus. Watch out for your open port list changing unexpectedly. A better program to replace netstat can be found over at foundstone's website (foundstone.com or .org or somethin), but i dont remember the actual name of it. Anyhow, not only will this program show open ports and connections, but it will also show you the application that opened the port in the first place. Well, anyhow, sorry about bein drunk, but i hope this helps :-)

  5. #5
    Kwiep
    Join Date
    Aug 2001
    Posts
    924
    er... why is this thread very negative ? he didn't ask something completely out of hand or lame or anything
    Double Dutch

  6. #6
    Junior Member
    Join Date
    Oct 2001
    Posts
    20
    Im as confused as neel...not to be a dick, but what the hell kinda site is this if newbies asking very valid questions are givin 'negative' points. I agree with flamin people askin 'how do i hack hotmail', but ****, netstat is a very basic, and essential, tool to anyone intrested in 'security'. Anyhow, this was just a spoof sayin, "Dont be a dick to people who are tryin to learn". Bye bye.

  7. #7
    Senior Member
    Join Date
    Jan 2002
    Posts
    244
    Agree with you neel.


    This is my profile intro,hope this gives you a bit of an answer?



    NAT Firewall Protection

    The firewall protection provided by the Broadband Router is an intrinsic side effect of NAT (Network Address Translation). All users on the LAN share a single external IP address. From the external viewpoint, there is no network, only a single device.
    For internal users, the Broadband Router acts as a "transparent proxy server", translating the multiple internal IP addresses into a single external IP address.
    For external requests, any attempt to connect to local resources are blocked. The Broadband Router will not "reverse translate" from a global IP address to a local IP address.
    This type of "natural" firewall provides an impregnable barrier against malicious attacks

    You still need a software firewall against form html code and trojans(the verry new ones who slip through the anti virus)since they aren t stopped by NAT!
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

  8. #8
    Senior Member
    Join Date
    May 2003
    Posts
    115
    djbeeker - to answer your question. let say you're using generic soho router, and you connected your wan port "from" the cable modem, then you would be receiving your ip lease from your router.

    well, try running netstat with "-l (this is small L)" switch. this way you could see what port/proc it's listening to. another nice tool you could use is something like fport from www.foundstone.com.

    if you run ipconfig /all, you could get a better idea of what your ip lease is and if it's familiar with your isp's ip block. if you're running a router, mostly likely you'll see a default gw address (you could do this by running netstat -r).

    command line is fun either in nix or ms

    -w0rm3y

  9. #9
    Junior Member ralyks's Avatar
    Join Date
    May 2003
    Location
    Wrner Robins, GA
    Posts
    7
    I am new to this forum where do you guys see negative?
    Skylar Woodell
    *******************
    In 1983 David Lightman almost
    destroyed the world with a trs-80
    Imagine what he could do today...
    *******************
    www.lanextreme.com

  10. #10
    Senior Member
    Join Date
    May 2003
    Location
    Area-51
    Posts
    148
    Its not negative anymore, but you can keep track of your points on the left side of the screen, the third option down "Antipoint Center"
    It is impossible to make anything foolproof because fools are so ingenious. - Murphy
    CooLL.Net

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides