Security Basics mailing list archives

RE: traceroute-like tool for UDP or TCP packet


From: "K sPecial" <xzziroz () linuxmail org>
Date: Fri, 22 Aug 2003 12:29:58 +0800


----- Original Message -----
From: "Brian Austin" <baustin () ableinc com>
Date: Thu, 21 Aug 2003 15:23:26 -0700
To: <security-basics () securityfocus com> 
Subject: RE: traceroute-like tool for UDP or TCP packet



-----Original Message-----
From: Edward Rustin [mailto:ed () well com] 
On Thu, 21 Aug 2003, some guy wrote:

Linux uses UDP packets to traceroute, not ICMP packets like windows 
does. Hope that helps, -Scott


Not really.... an ICMP packet is a type of UDP packet. Basically traceroute
works by sending a series of ICMP ECHO requests with increasing TTLs (time
to live - how many hops the packet can travel before it dies and a Packet
Timeout error is sent). A ping is also just an ICMP ECHO message, just with
a default TTL, rather than a series of increasing TTLs.

Traceroute implementations vary across OS platforms.  ICMP is used for
Windows but not *nix OS's, usually.  UDP is commonly used across
Unix/Linux platforms.  More here:
http://www.freesoft.org/CIE/Topics/54.htm


Make sure that the IS isn't blocking traffic coming back from a port 53,
or to a port 53 (make sure both UDP and TCP are open since a large DNS
reply (over 1500 bytes I =think=) will get replied to over TCP)

Edward Rustin
Directory of Security, OnlineGuardians.org

All DNS client requests/replies are UDP, regardless of size (they're
rarely, if ever, big).  DNS zone transfers, however, are TCP
communications.

BA

---------------------------------------------------------------------------
----------------------------------------------------------------------------
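
The UDP variant of traceroute mentioned in the thread, as an added example that is not part of any poster's message: each probe carries a higher TTL and its own destination port, and the ICMP error that comes back quotes the probe's headers so the reply can be matched to the hop. The addresses, the simulated path and the function names are constructed for illustration; 33434 is the conventional starting port.

```python
import socket
import struct

BASE_PORT = 33434  # conventional first destination port of UDP traceroute
SRC = "192.0.2.10"  # constructed documentation address

def udp_probe(ttl, dst, dport, sport=40000):
    """IPv4 + UDP headers of one probe (checksums left at 0 in this sketch)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, ttl, 17, 0,
                     socket.inet_aton(SRC), socket.inet_aton(dst))
    return ip + struct.pack("!HHHH", sport, dport, 8, 0)

def icmp_error(icmp_type, code, offending):
    """ICMP error: 8-byte header, then the offending IP header + 8 bytes."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0) + offending[:28]

def simulate(path, dst, probe):
    """Constructed network: hop n drops a probe whose TTL is n."""
    ttl = probe[8]
    if ttl <= len(path):
        return path[ttl - 1], icmp_error(11, 0, probe)  # Time Exceeded
    return dst, icmp_error(3, 3, probe)  # Port Unreachable from the target

def parse_icmp_error(msg):
    """Return (type, code, protocol, sport, dport) of the quoted probe."""
    inner = msg[8:]
    ihl = (inner[0] & 0x0F) * 4
    sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return msg[0], msg[1], inner[9], sport, dport

def trace(path, dst, max_ttl=30):
    hops = []
    for ttl in range(1, max_ttl + 1):
        dport = BASE_PORT + ttl - 1  # a distinct port per probe identifies the reply
        responder, reply = simulate(path, dst, udp_probe(ttl, dst, dport))
        icmp_type, code, proto, _, quoted_port = parse_icmp_error(reply)
        if proto != 17 or quoted_port != dport:
            continue  # error quotes some other packet, not this probe
        kind = "time-exceeded" if icmp_type == 11 else "port-unreachable"
        hops.append((ttl, responder, kind))
        if (icmp_type, code) == (3, 3):
            break  # the destination itself answered
    return hops

if __name__ == "__main__":
    for hop in trace(["192.0.2.1", "198.51.100.1"], "203.0.113.9"):
        print(hop)
```

A filter that drops outbound ICMP type 11 or type 3 at any hop leaves that hop silent in the trace, which is why a missing hop is not by itself evidence that the path ends there.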

