Hello,
everyone ...... i am looking for a script which might be useful & helpful to others too.... actually i need that script to be run under our Internet Cable Network where many peoples are running firewall & we can't see/ping them via any IP Scanner tool.
Is that could be possible that if a client sends any requests to it's gateway so the gateway machine (Linux) pings that client from where the request came & if Linux (gateway machine) gets the proper replies so it redirect it's requests further otherwise that client get any error page or simply it's internet won't work at all.
can this could be done via iptables/squid/or any other tool or anybody who knows any Network IP Scanner which also scans the clients who'r running firewall so please inform me ....... Thanks
Regards,
zAm (Lyarianz Internet Cable Network)
Looking For A Script
Looking For A Script
Proud To Be Lyarianz !
why do u want this it mean that u want your users wide open to internet security issues while if thay do not use windows builtin firewall its better that thay are using firewall so why u want taht to block such user surf internet ?
secondly are u giveing any gatway side protaction ? ios yes then u can use that method
any how
its a bad idea to prevent those who is secure!
your basic problem is that u want to see are users who is using or surfing internet ? its very simple like 2+2=4
use
i.e arp -n
it will list all ipaddess and hardware address of clients
secondly are u giveing any gatway side protaction ? ios yes then u can use that method
any how
its a bad idea to prevent those who is secure!
your basic problem is that u want to see are users who is using or surfing internet ? its very simple like 2+2=4
use
i.e arp -n
it will list all ipaddess and hardware address of clients
yes , it's a gateway end problem
Hello,
Thanks kbukhari for your reply , yes we'r giving our clients a gateway end security ... & i know that way 'arp -n' through Linux distros , but i wanted to ping them from a Windows client....anyway out to ping them using any special LAN IP Scanner or avoid them to use any firewall under their machines , it could be done with Linux like Linux ping the user first when a request comes from their end & then if it get replies so it'll redirect the requests. Thanks
Regards,
zAm (Lyarianz Internet Cable Network)
Thanks kbukhari for your reply , yes we'r giving our clients a gateway end security ... & i know that way 'arp -n' through Linux distros , but i wanted to ping them from a Windows client....anyway out to ping them using any special LAN IP Scanner or avoid them to use any firewall under their machines , it could be done with Linux like Linux ping the user first when a request comes from their end & then if it get replies so it'll redirect the requests. Thanks
Regards,
zAm (Lyarianz Internet Cable Network)
Proud To Be Lyarianz !
-
- Lieutenant Colonel
- Posts: 660
- Joined: Sat Jul 06, 2002 12:35 pm
- Location: Islamabad
- Contact:
Ping i.e. icmp ping is never a security issue. Opening it is a part of standard network practices.kbukhari wrote:why do u want this it mean that u want your users wide open to internet security issues while if thay do not use windows builtin firewall its better that thay are using firewall so why u want taht to block such user surf internet ?
Regards
~Zaeem
how could ping a hole regarding secuirty purpose ?
Hello,
yes zaeemarshad is right , ping is not a secuity issue or a hole for security purpose , infact it helps out Network Administrators to test the connectivity & many other things ... like we've around 250+ clients in our network , & if everbody starting using firewalls with icmp ping blocks so how would we scan them & trace-out the problems .. actually we trace out our problems with IP Scanners ... we've sorted out our clients with each switcher/hub based Workgroup names , & if somebody complaint us that his/her internet is not working so we trace-out with IP-Scanners that whethere the other clients & forward uplinks are online or not ... & this could help us know that whether the problem is from the client end or from our switcher/hub end. you'r wellcome kbukhari to visit our network any idea about any LAN Scanner which pings the firewall clients or any kinda script like of which i stated in my first post of this thread. Thanks
Regards,
zAm (Lyarianz Internet Cable Network)
yes zaeemarshad is right , ping is not a secuity issue or a hole for security purpose , infact it helps out Network Administrators to test the connectivity & many other things ... like we've around 250+ clients in our network , & if everbody starting using firewalls with icmp ping blocks so how would we scan them & trace-out the problems .. actually we trace out our problems with IP Scanners ... we've sorted out our clients with each switcher/hub based Workgroup names , & if somebody complaint us that his/her internet is not working so we trace-out with IP-Scanners that whethere the other clients & forward uplinks are online or not ... & this could help us know that whether the problem is from the client end or from our switcher/hub end. you'r wellcome kbukhari to visit our network any idea about any LAN Scanner which pings the firewall clients or any kinda script like of which i stated in my first post of this thread. Thanks
Regards,
zAm (Lyarianz Internet Cable Network)
Proud To Be Lyarianz !
Re: Looking For A Script
the gateway machine doesn't need to ping to get their ip address. if the client machine is on the same network ("lan"), and it sends traffic to the gateway, or through the gateway, the linux machine will get its mac address and ip. run arpwatch to log these addresses.zAm wrote:Is that could be possible that if a client sends any requests to it's gateway so the gateway machine (Linux) pings that client from where the request came & if Linux (gateway machine) gets the proper replies so it redirect it's requests further otherwise that client get any error page or simply it's internet won't work at all.
you can write a script that watches arpwatch's logs, and adds/removes acl rules from a file that squid, or some other web proxy, reads. that proxy can redirect the appropriate users to a web page.
download and examine how nocatauth works.
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
i don't know perl scripting
Hello,
lambda ......... hmm well might that 'nocatauth' meet my needs... but the problem is that that's written in perl script & i am null in it :p any other way out ? LinuxFreak , can you write a script for me hehe , Thanks anyway's.......
Regards,
zAm (Lyarianz Internet Cable Network)
lambda ......... hmm well might that 'nocatauth' meet my needs... but the problem is that that's written in perl script & i am null in it :p any other way out ? LinuxFreak , can you write a script for me hehe , Thanks anyway's.......
Regards,
zAm (Lyarianz Internet Cable Network)
Proud To Be Lyarianz !