RE: Weird trace route output

["David Gillett" <gillettdavid () fhda edu>]

  Exactly.  Those who maintain "this shows how the network is
misconfigured" should explain what better solution they have 
in mind. 

David Gillett


> -----Original Message-----
> From: listbounce () securityfocus com 
> [mailto:listbounce () securityfocus com] On Behalf Of Max Vohra
> Sent: Tuesday, April 17, 2007 12:08 AM
> To: security-basics () securityfocus com
> Cc: warl0ck () metaeye org
> Subject: Re: Weird trace route output
>
> On Mon, 16 Apr 2007 11:42:44 +0530
> Pranay Kanwar <warl0ck () metaeye org> wrote:
>
> > Appearance of private addresses in `traceroute` just shows 
> how system 
> > administrators have mis configured their system. The route 
> will work 
> > perfectly fine but might be difficult to troubleshoot.
> >
> > For example here on my system i receive no response from
> > 192.168.107.133 cause our firewall blocks any packet that comes in 
> > from private address space.
> >
> >
> > Regards,
> >
> > warl0ck // MSG
> > http://www.metaeye.org
>
> Showing all of the IP addresses along the way, regardless of 
> if their private or not is much better than blocking them, 
> for the purpose of network diagnostics (which is the intent 
> of traceroute, right?). If you see a public IP hop, three 
> lines of stars, then a another public IP, then you can tell 
> that it likely went through 3 machines good luck finding out 
> which ones were increasing the latency (Maybe use 0trace?), 
> and the Sysadmins on the other line would be more likely to 
> tell you to FOAD. If you told them that 192.168.123.31 in 
> their network had an increased latency, it helps both the SA 
> and the user find out what's going on and fix the problem.
>
> --
> Max Vohra <RandomMan.List () gmail com>