i installed proxy server in our school, and i was so shocked this workgroup that suddenly joined our network. I think that there are four groups that joined the network including our sister company also joined. But they are not connected physically to this network this thing gives us headache of, where the problem start. I tried to install mcafee firewall but the same problem occurs.

What do you think guys, is there a problem with the isp?
This case i've already reported to our isp, they told me to scan their ip addresses. I downloaded ip scanner but unsuccesful....

HOPE YOU CAN GIVE ME MORE EXPLAINATION.......

Well since we don't have much to go on I'll have to say it could be just about anything.... mis-configured proxy servers can work both ways (that is what Lamo usually exploits). That could be one problem, there could also be other ways into your network that you are unaware of.

My advice: Find a professional in the area that will do a network and vulnerability analysis for you for cheap. Most of us folk like to do vulnerabilty tests and might do one for very discounted or even free for a school. If you PM me with your location I might be able to find someone in your area I know that could help.

Oh, and unless the ISP is providing security services it is almost never their problem. If someone is able to connect to you and hack into your system the ISP is doing their job by providing connectivity.

--P>G>>

Can you give a better explanation as to whats goin on? What are the workgroup names? How is the proxy server configured? I am assuming there are two nic cards. How is the proxy server connected to the router?

Your question and description is very confusing.

Are you seeing these new workgroups when you connect the proxy server to the external 8 port hub?

THere are probably other computers set up to that 8 port or the other hubs that are connected that hub, that are part of these workgroups.

Remember, once you plug the secondary ethernet into the external network, that server will see all the workgroups that are connected through those hubs.

i have a bit of advice

running a network that is not behind a router is extremely dangerous.. even though you are going through a proxy server.. that proxy server can easily be exploited and access to the rest of the network is a few clicks away...

something you might think about... routers are cheap.. even if you just get a 1-4 port router


also.. as long as the other workgroups are on the same subnet (192.168.x.x) as the proxy server.. (IE. the proxy server is 192.168.3.40.. and machine with the internal IP of 192.168.3.x will show up no matter what workgroup they are on IIRC)

Kuun

p.s. please correct me if i am wrong

edit: horrible horrible typos

Grinler,

Only the proxy server can connect/access the ff. workgroups mentioned, while the workstations can't. Actually I am sure that they are not belong to this workgroup cuz I unplugged the cable for the workstations, the cable used in distributing local ip addresses. And that's the big Q to my mind, why is it that only the proxy server can see that workgroups. The funny thing their, I can delete their files from my proxy server.
KuunLB, thanks for your VERY GOOD advice but sad to say that my boss refuses to give the budget for that device. Btw is there any programs their that we can substitute the router's functions?If yes, where can we found it, i mean where to download it for free? THANKS...

You should have two nics in your proxy server. Once attached to your internal network, one attached to the external network. When you plug the proxy server into the external network, it can see other workgroups, yet your workstations on the internal network cannot.

If thats the scenario, it is most likely that those workgroups that you are seeing from your proxy server, are connected to the proxy server through the hubs on the external network.

Your machines on the internal network, should not be able to see those other workgroups, as they are in front of the proxy and the proxy is not a router.

Grinler,
you mean, that this computers are also connected to our internet provider, am i right? So we can say that they are not hackers?cuz as i understand HACKERS, they cant be seen by our naked eyes except of using toolz.

I am saying thats its possible they are hooked up to the same hubs that you are using to connect to the internet provider. As for hackers never being seen, well thats not always true


Trace how your network is configured and see what is hooked to what. Its the only way to determine whats going on.

I am only giving suggestions, and would suggest you research how your network is setup before making a determination.

mr quick

know anything about linux?

well.. you can create a router by using an old 386 machine with 32mb of ram

there are plenty of "floppy distro's" out there that can be used for NAT/Firewalling/Routing

FreeSCO
Coyote

those are the only two i remember off the top of my head

Kuun

p.s. a boss who refuses to spend $50 on a router for network security.. is a very STUPID boss......

THANK YOU very much guyz for giving me the attention about this problem. Well, Grinler I'll make a research about the network configuration. And also the term hooked, i've heard this word from my friend say that "I can hook up your network anytime".

You are right, Windows is very easy to work with, Hey, not talking about normal guys, It is easy for HaXors..!!. 1000 days in a year you have to install the patches, Well, admins have always good job... Gr8.. Widows make people work hard..!! SOUNDS COOL

YES THX for the info manu...

why is it sad that you are just starting?
better late than never!!

linux is not that hard.. it just depends on the GUI you use

KDE is a great GUI.. looks alot like windows. the transistion isn't that hard with KDE

but if you get something like blackbox it gets a lil more complicated

just install redhat9 with KDE and play around with it

i've got a linux box that i mess with occasionally

i mostly use windows because it's the os most network admins work with.. and im trying to learn as much about NT and networking with NT/2K/XP

good luck mate

hee...hee...he... thanx for for great advice kunn it makes me stronger to learn that..I also want to know how to configure window NT family.How about novell netware?You don't like this one?

I am able to configure a DHCP server using the winroute. Recently, configured DHCP in Windows NT, but unsuccesful. Clients can obtain an ip address but can't run an internet. So most often I used winroute in configuring a DHCP server. I don't know if we are going to use to nic in configuring DCHP server in winNT.
I have also a book in winNT vol. 2 but incomplete...Configuring a Remoteboot service is also very useful for me in a laboratory like in our school...

There are lots of things that I want to learn but lack of time, no.1 problem is the budget to buy referrences. Owning of books is more advantage than to borrow, and I had my experience beforE.

mr quick

mr_quick

thing about using a DHCP server is it does not allways assign the correct gateway IP

i learned this using my router as a dhcp server

i prefer to turn dhcp off and assign IP's manually (of course a small network it isn't that hard) i also find it easier to troubleshoot.. specially when you know al lthe ip's of every specific machine.. chasing dynamic ip's to a particular machine can be frustrating at times when you need to know which machine has what IP on a nework of say.. 200 computers

Make sure one acouple of the dhcp clients that the proper gateway is set..

also.. in order to use the gateway.. the clients have to be on the same subnet as the server

also.. the gateway should be 192.168.1.1 and all the clients should use 192.168.1.x

if you try to use 192.168.0.x with a 192.168.1.1 gateway server.. it will not work

i learned that from personal experience

Kuun