#1
  1. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Feb 2003
    Location
    ct
    Posts
    2,756
    Rep Power
    95

    possible ways to discover your NAT'ed ip address


    this was brought up in a different thread, and im determined to figure out if this is possible.

    the problem: we are on a computer that is behind a router doing NAT for it. we want to obtain the router's external ip address w/o any outside help.(i.e. scripts on a server).

    -my thoughts were:
    a) is there a way to query a router for an interface list?
    b) send out a packet with a ttl of 2 so that the next hop after the router responds with a icmp exceeded. this packet should contain the ip header of the original datagram which would contain the address of our router. but actually this 'original' datagram is the one that came from our computer and has our ip address not the router.
    c) to use the IP RecordRoute option. unfortunately i cant even find a router that supports this so that's a nogo.

    so can one query a router for an interface list? or
    can someone else think of another possible solution? its just driving me nuts trying to figure out some way of accomplishing this, no matter how ugly it is :D
  2. #2
  3. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Feb 2003
    Location
    ct
    Posts
    2,756
    Rep Power
    95
    sorry for the bump mods but i dont think anyone will notice this. threads move fast in here ;)
  4. #3
  5. Contributing User
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jan 2003
    Location
    USA
    Posts
    7,228
    Rep Power
    2222

    Re: possible ways to discover your NAT'ed ip address


    Originally posted by infamous41md
    so can one query a router for an interface list? or
    can someone else think of another possible solution? its just driving me nuts trying to figure out some way of accomplishing this, no matter how ugly it is :D
    In our TCP/IP class, we played around with some lower-end Cisco routers setting up subnets and NT servers for DHCP and DNS. In that case, we had to connect a serial cable from a PC to the router, log into the router as an authorized user (very standard and simple user-name/password setup), and enter commands through the command line. The commands allowed us to set the IP addresses of the two ethernet ports, set up and view routing tables, enable broadcasts through specific ports (in our exercise, allowing DHCP clients on one subnet to broadcast their requests to a DHCP server on another subnet), etc. However, we didn't do any practical exercises with NAT.

    Most routers should offer a similar interface, albeit GUI, through HTTP. Point your web browser at your router's internal IP address (ie, the LAN side, as opposed to the WAN side that we want to discover) and a web page should come up. Somewhere and somehow, it should display the WAN and LAN IP addresses and other settings. You may need to log in as its administrator first.

    BTW, one of the first things you should have done with your router was to change that password and username. The default username and password it was shipped with is very well known and could leave your router open to attack. I remember one caller on TechTV's ScreenSavers whose router IP address was repeatedly getting changed out from under him. It turned out that he had not changed his password.

    BTW, I cannot play with a router at home because I don't have one. AOL has whacked out their DSL service so that only a specially programmed router will work with it. However, the special programming also broke the ability to configure it, so I returned it immediately. Turns out that since the modem also acts as a DHCP server, all I need is a hub to put multiple hosts online.
    Last edited by dwise1_aol; August 25th, 2003 at 10:42 AM.
  6. #4
  7. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Feb 2003
    Location
    ct
    Posts
    2,756
    Rep Power
    95
    yea its too funny; all netgear routers ship with default username/pw: admin:password , and all linksys are just :admin . and really, i swear i only know that b/c i have them:D i actually knew about the router config screen GUI. i want to be able to do this thru a C program though. now logic would say that if you can do it via a webrowser, then it should be possible via telnet, but automating that process doesnt seem very easy.
  8. #5
  9. Contributing User
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jan 2003
    Location
    USA
    Posts
    7,228
    Rep Power
    2222
    Actually, I have a small database file of default passwords on my Palm Pilot. Just in case I need to help someone.

    In general, it would seem that if you can get the router information from its web page, then telnet should work too. But how much HTTP would you have to slog through? Plus, since the page formats would be different for different routers, it would be difficult to come up with a general solution.

    My UNIX instructor did show us a shell script for pulling a specific string off of a specific page (eg, the stock quote for IBM from Yahool), but I can't claim to understand all of it. Also, O'Reilly used to publish "Web Client Programming with Perl", which makes use of the LWP perl module for HTTP. Even though it's out of print now, I believe they have it online. Plus, O'Reilly now has another book on the subject, "Perl & LWP".

    It ain't C/C++, but it should at least offer some ideas. Unfortunately, a lot of those ideas involve regular expressions.
  10. #6
  11. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Feb 2003
    Location
    ct
    Posts
    2,756
    Rep Power
    95
    i actually think regular expressions are very cool and interesting. i wrote a couple of perl scripts that 'screen scrape' as Ctb from the perl forum called it, here's a sample of a stock quote one:
    Code:
    sub quote       ##get a quote
    {
            my $quote = shift();    ##example URL query: http://finance.yahoo.com/q?s=chtr&d=v1
            my $url = "http://finance.yahoo.com/q?s=" . $quote . "&d=v1";
            my $agent = new LWP::UserAgent();
            my $request = new HTTP::Request( 'GET' => $url);
            my $response = $agent->request($request);
            die("Request error") unless( $response->is_success());
            my $string = $response->content();
    
            $_ = $string;
            die("Symbol not found") if(m/No\ssuch\sticker\ssymbol\./);      ##make sure symbol is valid
            #match: the last price, $ movement,       %movement
            m/<b>(\d+\.\d+)<\/b>.*?((\+|-)\d+\.\d+).*?((\+|-)\d+\.\d+%)/;
            $stock{'name'} = $quote;        $stock{'last'} = $1;    $stock{'move'} = $2;    $stock{'perc'} = $4;
            print "$quote last trade was $1.  It has moved $2, which is $4\n" if(shift() eq "qq");
    }
    my next thought was to mess around with some nameserver options. i'll have to reread the DNS chapter in tcp/ip and mess around with dig/nslookup a bit. i m convinced there is a way to do this.
  12. #7
  13. Contributing User
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jan 2003
    Location
    USA
    Posts
    7,228
    Rep Power
    2222
    Oh, I like regular expression too. I think there was a running joke about me at work, that for every problem I was ready to write a perl script to solve it.

    It's just that if we're looking for a C solution, there's no built-in support. We'd have to turn to an add-on library, which I haven't played with yet.
  14. #8
  15. not a fan of fascism (n00b)
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Feb 2003
    Location
    ct
    Posts
    2,756
    Rep Power
    95
    yes i was actually about to bring that up, the pcre library. i have it installed but have yet to try it as well. i think im going to give it a try now i'll let you know how it turns out.

IMN logo majestic logo threadwatch logo seochat tools logo