I have a very strange question.I have a router installed By My ISP.That connects to my Remote branch office.Suddenly since two days My Network is getting hung.So i Discovered that once that Router is plugged in to the network then my whole network is down(I could not sleep the whole night).But just to be sure i wanted to be conformed if the flooding is from the router or from my remote branch.
But i don;t know the IPadress and the Netmask of the router.
So if there was a way to know that.

The folowwing is my topology
A dlink switch.The linux box Ethernet,the router's Etherenet is connected to it.In my linux i have installed an application that shows me who is uploading too much.So if i could know my Router's IPaddress and netmask i would know what is happening,
Is there any free utilities that can show me this one.Becuase My linux is in a different Net and router in a different Net.So if i know the router's net then i i will move my Linux also to the sme net.(Don't tell me to ask My ISP.My ISP is Useless.Most of the times they ask me about their assigned IP Address)
Than you and regards

If I understand this can you do a traceroute to say googles ip and see the IPs that are seen along the route. Only tools I know of that are simply like iptraf if set to view the linux ethernet port should show outside IPs that are coming and going.

Just to make sense of your setup. A router provided by your ISP. Then you have a cable going from the router to a dlink switch. Now from the Dlink switch you are connecting to the Linux box.

As far as the Linux IP is it a non-routable IP like 192.168.x.x or real world internet IP with a partial netmask seen directly from the outside world?

Now if it is non-routable IP then you can use a scan tool that can scan for ports or your IP. http://www.hackerwatch.org/probe/ or for just IP seen from the Internet http://www.whatismyip.com/

If the IP seen from the internet is it the same as the Linux box IP or maybe the lan side of the router IP.

Also what is the make and model of the router.

Brian

your default gateway is your router. so type
look for an entry with the flag UG. The flags mean the interface is up and it is your gateway.

[EDIT]
if it was installed by your isp, i would port scan it to see what ports they have open.

nmap urgatewayip

to sniff the traffic on the link place a hub on the inside network of the router and hook up a linux box with ethereal, place your nic in promiscious mode. This should scan all traffic on the link without any interruption. Ethereal will give you source and desitnation address, which will allow you to find out where your attack is comming from, what type of attack.