Previous Table of Contents Next Hour 20 Network Troubleshooters Just Wanna Have Fun Curse you! You know our goal is to give you the opposite of what you want! Since you want nothing we must give you everything! -Mordac, "The Preventer of Information Services" Scott Adams' Dilbert, September 17, 1998 Let's say you've been tasked by your boss to get good at network troubleshooting. So far, she's been wonderful and has bought you this book, sent you to a class or two, and things are just great. Only problem is that nothing's broken in almost forever. It's as if the network gremlins know that you're prepared for them and are waiting until your guard is down-they're waiting until you forget the stuff you've learned before they pounce. Well, you can foil their crafty little plans by plying your troubleshooting trade to help the masses have a little bit of fun. This hour deals with stuff you'll need to know in order to play various games and use non-work-related toys through your firewall or proxy server. And why not? You've worked hard, you deserve it. For those of you who've paged directly to this hour-don't! This hour assumes that you've already engaged in the sweat involved in the past 19 hours and that you have a basic grasp of TCP/IP troubleshooting, particularly the concepts involved in Hour 18, "In-depth Application Troubleshooting," and Hour 19, "'Lots of Different People in Your Neighborhood': Internet/Intranet Troubleshooting." Seriously, learning how to use games (during your own time, of course) and toys on the Internet is a great incentive to practice your Internet and client/server troubleshooting. It teaches you how to perform these types of troubleshooting techniques on a noncritical basis-in other words, you're unlikely to get stressed out helping somebody do something that's strictly optional. What's more, you're then more of an expert at this type of troubleshooting technique when real trouble arises. Let's face it, network troubleshooters and IT (Information Technology) people, in general, have a bum rap for being sociopaths. Helping people do fun things has the following benefits: o It's enjoyable. o It's a good learning experience. o It's helpful in establishing a rapport with users. o It's a way to avoid a Dilbert-like work environment. As you'll see, configuring toys for use on your network combines a knowledge of your network, the ability to dig into the network sockets in use on your PC, and the ability to use dialog boxes. With that said, let's dive straight into some common applications that people tend to need help setting up on your network. Again, if you're caught, or killed, the secretary will deny all knowledge of your actions. Finding Your Firewall First, you have to figure out whether you're using a proxy server or a packet-filtering firewall. Assuming that you have a working browser, it's no problem. Fire up your browser and load a fairly complex page off of the Internet (one that takes more than a second or two to load). Then get into a DOS prompt and type the following: netstat -a > before.txt Then type this: netstat -a > after.txt However, do not hit Enter yet. Switch to the browser and refresh the page. Then quickly switch back to the DOS prompt and hit Enter. After you do this, you'll have two files: before.txt and after.txt. The difference between these files will show what additional sockets have been opened when you refresh the browser screen-this will show you whether you're using a proxy server or a packet-filtering firewall. Let's say that you do this for a Web page at www.quizro.com: C:\windows> fc before.txt after.txt Comparing files before.txt and after.txt ****** before.txt TCP duke:1071 frotz.frob.com:23 ESTABLISHED ****** after.txt TCP duke:1572 socks.frob.com:1080 ESTABLISHED TCP duke:1071 frotz.frob.com:23 ESTABLISHED Here's the rule of thumb: If you see a hostname that's different than the hostname you were going to on the Net, you're using a proxy server. (In the preceding example, you don't see a socket established to socket 80 of www.quizro.com. Instead, you see a socket to socks.frob.com; therefore, you're using a proxy server.) The hostname you see is the name of the proxy server; the socket number is the proxy socket number. You can use this knowledge to configure your toys later. If you see a connection directly to the outside Web site, you likely have a packet-filtering firewall. A packet-filtering firewall acts similarly to a router; it will automatically route your request for a connection to the outside, so you don't need to know the name or location. Easy! However, you do need to know the name of a proxy server in order to configure your browser or any toys. Common names for proxy servers are "proxy," "socks," "http," and "firewall," among others. You can, of course, perform an nslookup to scan through your DNS names to see probable names for proxy servers: $ nslookup Default server: 192.168.1.6 > ls -d mycompany.com [ns.mycompany.com] mycompany.com. SOA ns.mycompany.com postmaster.mycompany.com. (1017 10800 3600 604800 86400) mycompany.com. NS ns.mycompany.com ns A 192.168.1.6 ns A 192.168.3.6 ntserver A 192.168.1.10 mailserver CNAME ntserver.mycompany.com cotton A 192.168.3.7 socks CNAME cotton.mycompany.com In this output, you can see that "cotton" is the real name of the "socks" server, which is at 192.168.3.7. However, it's probably less effort to pick up the telephone, call corporate IT, and ask. If you're responsible for all the networking at your shop, and you've been handed an undocumented network, see Hour 24, "Reverse-Engineering Somebody Else's Network," for more tips on how to explore services on your network. Previous Table of Contents Next