Thanks all for your help - I'd never even heard of red pill before - although it really is just a couple of (four) lines of code

But, let me approach this from another angle. Let's say you're hired by a small company, and you're taking a black box approach; you will eventually find out that all the network is is a router and several computers behind it, which are all workgrouped together. The router has a DMZ on port 80 to one of the computers (which is a webserver). In this hypothetical situation, what tools do you think you would have used to draw up this conclusion, and then to find holes in the network?

Thanks for all your contributions so far - especially TH13.

-jk