Penetration Testing mailing list archives
Re: Traceroute
From: mc <mclists () optushome com au>
Date: Fri, 25 Feb 2005 10:38:10 +1100
Chris wrote:
Hi, I've just got a little question which isn't really linked to pen-testing: do you know any alternative to the normal UDP/TCP/ICMP traceroute to trace the route of a packet? I'm already aware of the IP Record Route option, but is there any other hack that you guys would be aware of? Thanks. Christian Vincenot
Paratrace? (Part of the Paketto package from http://www.doxpara.com/) To quote the release information of it.. Paratrace traces the path between a client and a server, much like "traceroute", but with a major twist: Rather than iterate the TTLs of UDP, ICMP, or even TCP SYN packets, paratrace attaches itself to an existing, stateful- firewall-approved TCP flow, statelessly releasing as many TCP Keepalive messages as the software estimates the remote host is hop-distant. The resultant ICMP Time Exceeded replies are analyzed, with their original hopcount "tattooed" in the IPID field copied into the returned packets by so many helpful routers. Through this process, paratrace can trace a route without modulating a single byte of TCP/Layer 4, and thus delivers fully valid (if occasionally redundant) segments at Layer 4 -- segments generated by another process entirely. -- mc
Current thread:
- Traceroute Chris (Feb 24)
- RE: Traceroute rzaluski (Feb 25)
- Re: Traceroute mc (Feb 25)
- Re: Traceroute Chris (Feb 25)
- RE: Traceroute Omar Herrera (Feb 25)
- Re: Traceroute John Galt (Feb 25)
- RE: Traceroute dwarkeeper (Feb 26)