From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.54) id 1FRcJk-0008Eo-3L for garchives@archives.gentoo.org; Thu, 06 Apr 2006 21:47:04 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.6/8.13.5) with SMTP id k36Ljx8E002729; Thu, 6 Apr 2006 21:45:59 GMT Received: from flower.jolet.net (cpe-24-27-31-221.austin.res.rr.com [24.27.31.221]) by robin.gentoo.org (8.13.6/8.13.5) with ESMTP id k36LfUjq012705 for ; Thu, 6 Apr 2006 21:41:31 GMT Received: from localhost (localhost.localdomain [127.0.0.1]) by flower.jolet.net (Postfix) with ESMTP id 236ED18039 for ; Thu, 6 Apr 2006 16:41:30 -0500 (CDT) Received: from flower.jolet.net ([127.0.0.1]) by localhost (flower.jolet.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 06338-05 for ; Thu, 6 Apr 2006 16:41:24 -0500 (CDT) Received: from [192.168.1.51] (unknown [192.168.1.1]) by flower.jolet.net (Postfix) with ESMTP id 7B8D218037 for ; Thu, 6 Apr 2006 16:41:24 -0500 (CDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 (Apple Message framework v746.3) In-Reply-To: <358eca8f0604061436u1746d046kc94acc1d4351215c@mail.gmail.com> References: <358eca8f0604051510n3eb91622i3c968ecfa05f361f@mail.gmail.com> <200604052211.06903.bulliver@badcomputer.org> <358eca8f0604061436u1746d046kc94acc1d4351215c@mail.gmail.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <09F518C8-49FE-4164-B3DF-CDCD2F1D9EEE@jolet.net> Content-Transfer-Encoding: 7bit From: John Jolet Subject: Re: [gentoo-user] Find IP of proxy Date: Thu, 6 Apr 2006 16:41:25 -0500 To: gentoo-user@lists.gentoo.org X-Mailer: Apple Mail (2.746.3) X-Virus-Scanned: amavisd-new at jolet.net X-Archives-Salt: 01d18365-6702-41d8-b53b-7fdb6774eb06 X-Archives-Hash: 0c0b42f296ef36609ecd81a7fa2e54d6 On Apr 6, 2006, at 4:36 PM, Mick wrote: > On 06/04/06, evader wrote: >> Hi, >> >> netstat -rn >> >> Your default gateway is likely to be the proxy. > > Sorry guys, I should have explained better: > > These WinXP desktops have been locked down beyond belief! Most > commands have been removed from \\WINDOWS\sys32. What's left is > totally restricted for plain users (which is what I am on this > network). Running ipconfig /all, or netstat requires a command prompt > which is not available on these machines (I know that because I used > BartsPE and Knoppix to 'look around'). They are just locked down thin > clients with M$Office on them. > > Running any network commands on Linux does not show the proxy address > - I wouldn't expect it to since I don't know what it is to export it > in the system env. The default gateway which is shown is not the > Internet proxy (already checked that). I assume that the default > gateway is the router for all the desktops on that floor. The > printers are on a different router. > > Pointing a browser to checkip returns the external (as in Internet) IP > address, not the internal (as in LAN) IP address which is what I am > after. To be exact, it doesn't return anything. The proxy blacklist > blocks the address along with many more 'network diagnostic' IP > addresses. But I was able to find out anyway by visiting my server > and checking the logs. > > It's really so frustrating. Anything else I may be able to try? > Would something like ntop do the trick or will it just pick up all the > other hundreds of routers and switches in the corporate LAN? (I can't > remember if Knoppix has ntop). they locked the desktops down, but still let you boot from a cd? how moronic. you're probably dealing with a transparent proxy. the default router you see probably has a rule that says "all traffic for port 80 or 443 from this subnet, redirect over here". your box would never see that router, because by definitions, routes are one-hop only. a traceroute might find it, but unless they gave it an ip that resolves locally to "transparent proxy" or something, how would you know? that's kinda the whole point of transparent proxies. -- gentoo-user@gentoo.org mailing list