My ISP is also the f*cking one-and-big phone company around here (CANTV) who also owns the whole network infrastructure that goes into every home... but besides this pissing situation this is what i do to know who i am:
on my machine i do a netstat -r to check my eth0 device:
# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.xxx.xxx.112 * 255.255.255.240 U 40 0 0 eth0
127.0.0.0 * 255.0.0.0 U 40 0 0 lo
default dhcp-0.dslxx-05 0.0.0.0 UG 40 0 0 eth0
so to check i do
# ssh 10.xxx.xxx.112
Secure connection to 10.xxx.xxx.112 refused.
but there's more fun yet: if i traceroute to it i get:
# traceroute 10.xxx.xxx.112
socket: Permission denied
ouch! then i check and do
# ssh 10.xxx.xxx.114
root@10.xxx.xxx.114's password: (my password)
Last login: Sun Apr 21 15:52:56 2002 from dhcp-1.dslxx-0x-0y-0z-w-k.cao.dsl.cantv.net
/usr/X11R6/bin/xauth: (stdin):1: bad display name "dhcp-1.dslxx-0x-0y-0z-w-k.cao.dsl.cantv.net:10.0" in "add" command
Caution - you already had IA32ROOT set - your PATH could become excessively long
#
I have login! its my own machine! ...So im 10.xxx.xxx.114, at least locally, to figured out who i am seen from outside, i log to a remote machine im my university:
#ssh
hano@159.xxx.yyy.zzz
hano@159.xxx.yyy.zzz's password: (my password)
when logged, i try to log back to my machine
[hano@159.xxx.yyy.zzz]# ssh 10.xxx.xxx.114
Secure connection to 10.xxx.xxx.114 refused.
i doesnt let me log on my machine!!
what is going on here?? so i do a traceroute to my machine to check what are the steps to my machine:
[hano@159.xxx.yyy.zzz]# traceroute 10.xxx.xxx.114
traceroute to 10.xxx.xxx.114 (10.xxx.xxx.114), 30 hops max, 38 byte packets
1 159.xxx.yyy.1 (159.xxx.yyy.1) 1.280 ms 1.125 ms 1.104 ms
2 159.xxx.yyy.1 (159.xxx.yyy.1) 1.549 ms 1.374 ms 1.334 ms
3 159.xxx.yyy.1 (159.xxx.yyy.1) 1.262 ms !H * 1.346 ms !H
so it doesn't help much. apparently 10.xxx.xxx.114 is not a real IP, so, to figure out what are my "real" IP, i supposed that this remote machine must know from whom he is listening my ssh!
that's the reason for me to do a netstat on this remote machine:
[hano@159.xxx.yyy.zzz]# netstat | more
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 40 159.xxx.yyy.zzz:ssh 200.aaa.bbb.6:2456 ESTABLISHED
Active UNIX domain sockets (w/o servers)
Proto RefCnt Flags Type State I-Node Path
unix 1 [ ] STREAM CONNECTED 41986 @0000026a
unix 1 [ ] STREAM CONNECTED 41993 @0000026c
unix 1 [ ] STREAM CONNECTED 41983 @00000269
unix 1 [ ] DGRAM 49140 /dev/log
unix 0 [ ] STREAM CONNECTED 21926 @000000f2
unix 0 [ ] DGRAM 51307
... other irrelevant stuff
but the relevant stuff is the listening ssh connection from 200.aaa.bbb.6 on port 2456 (every time i log the port its different, but always from 200.aaa.bbb.6)
but who is this 200.aaa.bbb.6? just to check out i logout and get back to my home machine, then i traceroute from here to this weird server...
# traceroute 200.aaa.bbb.6
traceroute to 200.aaa.bbb.6 (200.aaa.bbb.6), 30 hops max, 38 byte packets
1 dhcp-0 (10.xxx.xxx.113) 0.849 ms 0.791 ms 0.765 ms
2 lo0.lac00-nrp2.cnt.dsl.cantv.net (172.17.1.62) 67.239 ms 65.914 ms 66.128 ms
3 fe1-0-0.core-00.cnt.dsl.cantv.net (172.16.1.3) 67.713 ms 67.625 ms 67.863 ms
4 fe0-0-0.lac00-nrp2.cnt.dsl.cantv.net (172.16.1.62) 65.761 ms 67.586 ms 66.107 ms
5 fe1-0-0.core-00.cnt.dsl.cantv.net (172.16.1.3) 67.724 ms 67.681 ms 67.879 ms
6 fe0-0-0.lac00-nrp2.cnt.dsl.cantv.net (172.16.1.62) 65.961 ms 69.413 ms 64.387 ms
7 fe1-0-0.core-00.cnt.dsl.cantv.net (172.16.1.3) 67.715 ms 69.372 ms 66.129 ms
8 fe0-0-0.lac00-nrp2.cnt.dsl.cantv.net (172.16.1.62) 64.235 ms 67.666 ms 66.190 ms
9 fe1-0-0.core-00.cnt.dsl.cantv.net (172.16.1.3) 67.622 ms 99.199 ms 69.313 ms
10 fe0-0-0.lac00-nrp2.cnt.dsl.cantv.net (172.16.1.62) 66.005 ms 67.663 ms 67.846 ms
and it goes and goes... after a while of this ping-pong, it just stops. So, my ISP wanna mess with my mind,
actually the ISP want to bribe people making you pay a LOT more to get off your back these problems, and they assure you you have a dynamic IP assigned by the DHCP, but i have checked it out and locally im ALWAYS 10.xxx.xxx.114 !! and when i log to a remote host, im always listened from 200.aaa.bbb.6!!
please, help me figure out!
Hano