Full Disclosure mailing list archives
hiding routers
From: "Kristian Hermansen" <kristian.hermansen () gmail com>
Date: Wed, 18 Apr 2007 04:24:37 -0400
I brought this question up on another mailing list, but didn't get any good answers... How common is it that a router does not decrement the TTL of packets, such that it is unable to be identified using traceroute? Choosing not to decrement the TTL causes the next router to appear as the hop, but the current router to remain hidden. How does one commonly identify such hidden routers in an automated fashion? And is it policy for any organizations to actually do this, or only with certain packet types? The responses I got were along the lines of "don't do that, it breaks tcp/ip and error conditions". However, I am still interested in how likely an organization is to try something like this for both legitimate and illegitimate purposes. -- Kristian Hermansen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- hiding routers Kristian Hermansen (Apr 18)
- Re: hiding routers Sebastian Krahmer (Apr 18)
- Re: hiding routers Felix Lindner (Apr 18)
- Re: hiding routers Maxime Ducharme (Apr 19)