Penetration Testing mailing list archives

Re: Traceroute


From: mc <mclists () optushome com au>
Date: Fri, 25 Feb 2005 10:38:10 +1100

Chris wrote:

Hi,

I've just got a little question which isn't really linked to
pen-testing: do you know any alternative to the normal UDP/TCP/ICMP
traceroute to trace the route of a packet? I'm already aware of the IP
Record Route option, but is there any other hack that you guys would be
aware of?

Thanks.

Christian Vincenot


Paratrace? (Part of the Paketto package from http://www.doxpara.com/)

To quote the release information of it:


 Paratrace traces the path between a client and a server, much like
 "traceroute", but with a major twist: Rather than iterate the TTLs of UDP,
 ICMP, or even TCP SYN packets, paratrace attaches itself to an existing,
 stateful-firewall-approved TCP flow, statelessly releasing as many TCP
 Keepalive messages as the software estimates the remote host is
 hop-distant. The resultant ICMP Time Exceeded replies are analyzed, with
 their original hopcount "tattooed" in the IPID field copied into the
 returned packets by so many helpful routers. Through this process,
 paratrace can trace a route without modulating a single byte of TCP/Layer
 4, and thus delivers fully valid (if occasionally redundant) segments at
 Layer 4 -- segments generated by another process entirely.




--
mc
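
The reply-analysis step from the quoted release notes, as an added example that is not part of the original post and not Paketto's code: it parses ICMP Time Exceeded replies, reads the IPID from the quoted IP header, and orders the routers by it. It assumes the sender wrote the initial TTL verbatim into the IPID; all addresses, ports and packets are constructed sample data.

```python
import socket
import struct

ICMP_TIME_EXCEEDED = 11

def ipv4_header(src, dst, proto, ttl, ipid, payload_len):
    """Build a 20-byte IPv4 header (checksum left 0; used only for sample data)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ipid, 0,
                       ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

def sample_replies(client="192.0.2.10", server="198.51.100.80"):
    """Constructed ICMP Time Exceeded replies, out of order, hop 3 silent."""
    tcp8 = struct.pack("!HHI", 40000, 80, 0x1000)      # first 8 bytes of TCP header
    out = []
    for hop, router in [(4, "203.0.113.4"), (1, "203.0.113.1"), (2, "203.0.113.2")]:
        quoted = ipv4_header(client, server, 6, 1, hop, 8) + tcp8   # IPID = hop
        icmp = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0) + quoted
        out.append(ipv4_header(router, client, 1, 64, 0, len(icmp)) + icmp)
    return out

def parse_reply(packet):
    """Return (router_ip, quoted_ipid, quoted_dst) or None if not TTL-exceeded/TCP."""
    if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 1:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if len(packet) < ihl + 8 + 20 or packet[ihl] != ICMP_TIME_EXCEEDED:
        return None
    inner = packet[ihl + 8:]                 # router's copy of the expired IP header
    if inner[0] >> 4 != 4 or inner[9] != 6:  # must quote an IPv4/TCP packet
        return None
    ipid = struct.unpack("!H", inner[4:6])[0]
    return socket.inet_ntoa(packet[12:16]), ipid, socket.inet_ntoa(inner[16:20])

def rebuild_path(packets, server):
    """Order routers by the hop count carried in the quoted IPID; '*' marks gaps."""
    hops = {}
    for pkt in packets:
        parsed = parse_reply(pkt)
        if parsed and parsed[2] == server:   # ignore replies about other flows
            hops[parsed[1]] = parsed[0]
    return [hops.get(h, "*") for h in range(1, max(hops, default=0) + 1)]

if __name__ == "__main__":
    print(rebuild_path(sample_replies(), "198.51.100.80"))
```

Because the hop number travels back inside the quoted header, replies can arrive in any order and the sender needs no per-probe state.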


