January 22nd, 2004, 02:07 AM
How Do I????
Hey All Antionline members I have a question?where can i find out what kind of firewall my school server is running?I am trying to get my school system to change the server becuz i find exploits in it. Iasked my computer teacher,she doesnt know[blur]and she calls herself a computer teacher[/blur]So if you can tell me ways that I can find the firewall name,I'd be very grateful.
January 22nd, 2004, 02:17 AM
Easiest way is to ask the Administrator or support guy. I am not surprised the teacher doesn't know....she doesn't need to?
I am guessing that you won't have the authority to find out any other way.
January 22nd, 2004, 02:44 AM
Use nmap and scan your schools website ip address. Or you could access the router by tracing some website and use the 10.x.x.x you see as the 2nd hop. My school has many flaws in its network, they leave the telnet port open and the username and password are admin admin duh. Or you could ask your campus administrator in which he will probably tell you. I dont see why you would want to tell them I think its funny how that flaw i mentioned i found when i was in 8th grade and 2 years later its still there.
January 22nd, 2004, 08:22 AM
To mikem0327:Can you find the firewall 's name by nmapping? How can you do that ( imean what option do you use?)?
To MasterOfAll: What will you expect to do if you find the firewall name and version? I mean do you have sth in mind? But if you want to ensure that your school server is safe (and nobody else cares or helps you) you 'd better do it alone.....get admin and then pach it....but that should be illegal to my opinion....
Is that the place where I am supposed to say sth clever and brilliant so that everybody understands how clever nice guy I am????
Screw you guys I am going home!-Kartman
January 22nd, 2004, 09:26 AM
Firstly, don't scan the schools website ip address.
Originally posted here by mikem0327
Use nmap and scan your schools website ip address. Or you could access the router by tracing some website and use the 10.x.x.x you see as the 2nd hop.....
It might be constituted as breaking the law or against your ISPs acceptable use policy. It is also likely that your school doesn't host its own website, so scanning will revelal nothing about the firewall at school.
It is highly likely that by doing a traceroute from inside your school network that the firewall won't even show. Even if you knew what the IP address was you would have to install & use scanning software - Which would no doubt be easily detected and bring the wrath of the school down upon you.
You say that you know the firewall has vunerabilities, how do you know this?
Why don't you express your concerns by documenting them and passing them to your computer teacher, along with an explanation of how you found out about them.
Should get you a merit award.
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
January 22nd, 2004, 12:57 PM
Tyfon you can use the -O option in Nmap to try and attempt to ascertain the OS in use, you can also use a couple of the scan times to at least determine if its one of a couple of OS's.
I agree with steve.milner, don`t go scanning your firewall as you will most likely end up in trouble which you probably don`t want.
Don`t any of the vulnerabilities you are aware of hint at the OS?
Also, as your teacher is unaware of the firewall maybe you should chat to her and find out who manages the firewall and try and talk to them?
Quis custodiet ipsos custodes
January 22nd, 2004, 08:39 PM
Could u tell us of how u know that ur server has vulnerabilities.....
I am trying to get my school system to change the server becuz i find exploits in it
Suggest you speak to security co-ordinator for ur organization and share ur findings with him.... and see if he can help u with firewall version.....
****** Any man who knows all the answers most likely misunderstood the questions *****
January 22nd, 2004, 10:26 PM
Try post in a more coherent way, the use of shaded text is very hard to decipher.
January 22nd, 2004, 10:51 PM
First off, it's the guys first post. I don't know why someone got all neg happy on him. (well he was negative when I replied to this post) Secondly, the question may be a legit one even if it appears to seem a prerequisite to malicious intentions. I mean the guy may have easily found exploits just by simply Googling for known exploits on his network server's OS (he said the server has exploits, not the firewall).
one possibility is that he could just be looking for the name of the current firewall to help his school's faculty better protect the server (being that they won't get a new server?).
I don't assume anything though. I'm waiting for a more detailed reply from Master in order to figure out what his exact intentions are.
The object of war is not to die for your country but to make the other bastard die for his - George Patton
January 23rd, 2004, 12:23 AM
As been said before your best bet is to ask the admin, if you know who he/she is, what firewall they use. More than likely they will tell you, especially if they feel comfortable it is patched and configured properly. On the other hand, the admin may be hip to folks asking questions about outer perimeter devices and will shoot you the bird and tell you to go lick a firewall.
I am trying to get my school system to change the server becuz i find exploits in it.
Are you referring to changing the firewall or another server within the school's network? I'm a little unclear about that. Why would they replace or change the server when all they need to do is patch it to fix the exploitable areas?