Bugtraq mailing list archives

Re: RotoRouter 1.0 - Traceroute log & fake


From: vadim () TVERSU RU (Vadim Kolontsov)
Date: Wed, 12 Aug 1998 10:03:58 +0400


Hi,

On Tue, Aug 11, 1998 at 08:48:09PM -0400, #include <gerbil.h> wrote:

[RotoRouter]

 Some time ago I wrote a similar utility.
 From http://sb.123.org/tdetect.html

--------------------------- cut here ----------------------
Traceroute Detector

  If you're interested in detecting all attempts to make "traceroute your-host"
or "traceroute host.your-network", you can try to use this simple program.
The idea is simple - to detect UDP (Unix traceroute) or ICMP ECHO (Windows
traceroute) packets with TTL field == 1.

  The program was developed under FreeBSD 2.2.2 using the Berkeley Packet Filter
library; it currently supports only loopback and ethernet interfaces (it's
easy to add SLIP/FDDI). It's possible to port it to other systems (don't
forget to send me diffs ;). Remember - it's not a completed product, just a
couple of C-files to demonstrate the idea.

  An example of output:

  Traceroute Detector active on fxp0
  UDP-based traceroute attempt to 10.0.0.20 from 10.10.30.45
  ICMP-based traceroute attempt to 10.0.0.1 from 10.10.30.48

  The first one is probably a UNIX box, and the second one is Windows (or Unix
traceroute with the "-I" option).
--------------------------- cut here ----------------------

  You can download it from that page.

Regards,
V.
--
Vadim Kolontsov
Tver Internet Center NOC
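
The TTL == 1 check described in the quoted page, as an added example (this is not the tdetect source, which the post does not reproduce). It classifies a raw IPv4 packet whose link-layer header has already been stripped; the function names and the two sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum tr_kind { TR_NONE = 0, TR_UDP, TR_ICMP };

/* Classify one raw IPv4 packet (link-layer header already stripped). */
enum tr_kind classify_probe(const uint8_t *p, size_t len)
{
    if (len < 20 || (p[0] >> 4) != 4) return TR_NONE;  /* truncated / not IPv4 */
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;            /* header length, bytes */
    if (ihl < 20 || ihl > len) return TR_NONE;         /* malformed IHL */
    if (p[8] != 1) return TR_NONE;                     /* TTL field must be 1 */
    if (p[9] == 17) return TR_UDP;                     /* protocol 17 = UDP */
    if (p[9] != 1) return TR_NONE;                     /* protocol 1 = ICMP */
    /* The ICMP type byte exists only in the first fragment. */
    unsigned frag_off = ((unsigned)(p[6] & 0x1f) << 8) | p[7];
    if (frag_off != 0 || len <= ihl) return TR_NONE;
    return p[ihl] == 8 ? TR_ICMP : TR_NONE;            /* type 8 = ECHO request */
}

/* Format a report line in the style of the sample output in the post. */
int report(const uint8_t *p, size_t len, char *out, size_t outlen)
{
    enum tr_kind k = classify_probe(p, len);
    if (k == TR_NONE) return 0;
    snprintf(out, outlen, "%s-based traceroute attempt to %d.%d.%d.%d from %d.%d.%d.%d",
             k == TR_UDP ? "UDP" : "ICMP",
             p[16], p[17], p[18], p[19], p[12], p[13], p[14], p[15]);
    return 1;
}

/* Constructed sample packets (checksums left zero; not captured traffic). */
const uint8_t sample_udp[28] = {        /* 10.10.30.45 -> 10.0.0.20, UDP */
    0x45,0,0,28, 0,1,0,0, 1,17,0,0, 10,10,30,45, 10,0,0,20,
    0x80,0x00, 0x82,0x9b, 0,8, 0,0 };
const uint8_t sample_icmp[28] = {       /* 10.10.30.48 -> 10.0.0.1, ICMP ECHO */
    0x45,0,0,28, 0,2,0,0, 1,1,0,0, 10,10,30,48, 10,0,0,1,
    8,0,0,0, 0,1,0,1 };

int main(void)
{
    char line[96];
    if (report(sample_udp, sizeof sample_udp, line, sizeof line)) puts(line);
    if (report(sample_icmp, sizeof sample_icmp, line, sizeof line)) puts(line);
    return 0;
}
```

The check follows the quoted rule literally, so any UDP datagram that arrives with TTL 1 is reported, whatever sent it.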


