Security Basics mailing list archives

RE: traceroute-like tool for UDP or TCP packet

From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 21 Aug 2003 16:07:57 -0700

Linux uses UDP packets to traceroute, not ICMP packets like 
windows does.


Not really.... an ICMP packet is a type of UDP packet.


  Nope.  ICMP and UDP are different protocols on top of IP.

Basicly traceroute works by sending a series of ICMP ECHO 
requests with increacing TTLs (time to live - how many hops 
the packet can travel before it dies and aPacket
Timeout error is sent).


  What kind of packet traceroute sends depends on what the
author chose to use.  The two most common are UDP echo-request
and ICMP echo-request, because the target host should reply
with a UDP echo or ICMP echo (respectively) instead of the 
ICMP time-exceeded which intermediate routers will send when
TTL expires.

A ping is also just a ICMP ECHO message, just with
a defualt TTL, rather than a series of increasing TTLs.


  ICMP echo-request, actually; ICMP echo is the answer coming
back.

David Gillett



---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Re: traceroute-like tool for UDP or TCP packets some guy (Aug 21)
- Re: traceroute-like tool for UDP or TCP packet Edward Rustin (Aug 21)
  - Re: traceroute-like tool for UDP or TCP packet Ranjeet Shetye (Aug 21)
    - Re: traceroute-like tool for UDP or TCP packet Ranjeet Shetye (Aug 21)
  - RE: traceroute-like tool for UDP or TCP packet David Gillett (Aug 21)
- <Possible follow-ups>
- Re: traceroute-like tool for UDP or TCP packets A.C. Speelman (Aug 21)