1

First a little background. My company is renting some servers at the Terremark cloud. As we want to connect our servers to the infrastructure of a mobile carrier in order to restrict our end users to only be able to access our service, the carrier proposed to use the "GRE over Internet" solution, and we are almost set, but one thing. For some reason the carrier wants to know the router make and model, because it's important for some configuration on their end. We asked the Terremark support of course, but apparently it requires some sort of managerial authorization to let us know the information that we need. And this authorization just doesn't want to come out!

So, here's the real question. First off, is it possible for us to figure out somehow what is the make/model of the router where our public IP is assigned? Secondly, because it's in the cloud, I assume the physical router might change at any time without our knowledge; how much can it affect the GRE over Internet solution?

Ilya Saunkin
  • 165
  • 1
  • 8

2 Answers2

4

Forget the technicalities for a moment, if you have the sort of relationship with Terremark where they're not telling you what hardware they use then almost certainly they won't commit to that hardware being in place over any set period of time. GRE is a Cisco-originated mechanism and I'd be worried that even if Terremark are using "GRE-happy" kit such as Cisco routers they could change this at any time and your link may not survive the change. I'd suggest you speak to the mobile carrier and explain this lack of forthcoming information from Terremark and ask them if they have a more vendor-gnostic option that would be more capable of surviving the uncertainties of this part of the environment.

Oh and to answer the actual question - sometimes it's possible to find out what hardware and software is being used, the better the security setup the less chance there is. I think you've a better chance of explaining this scenario to Terremark than you have of electronically finding out the router make/model/software-version etc. at this stage.

Hope this helps.

Chopper3
  • 101,299
  • 9
  • 108
  • 239
2

The technical answer to your question is yes, sometimes; the tool nmap supports OS fingerprinting, where it uses various characteristics of the TCP connection to narrow down or even positively identify the OS type and version that lives at a specific IP address.

It's even possible to tweak a Linux kernel to make it appear to be a Sega Dreamcast game console to defeat such scanning.

Handyman5
  • 5,257
  • 26
  • 30
  • wow, impressive! even though I was mostly interested in the make/model of the hardware router. – Ilya Saunkin Jul 10 '11 at 14:08
  • nmap supports identifying routers, switches, printers, game consoles; just about anything somebody's submitted as OS fingerprint for. Routers are often a little more difficult to fingerprint because they tend to have access controlled or firewalled ports, but sometimes it can be done. – Handyman5 Jul 10 '11 at 18:05
  • but i see why you keep saying "sometimes":) i checked my windows server in the cloud and it told me `(JUST GUESSING) Linux 2.6.x` lol – Ilya Saunkin Jul 10 '11 at 19:08