Penetration Testing mailing list archives

Traceroutes to Cisco Routers

From: "Dieter Sarrazyn" <dsr () ascure com>
Date: Sat, 5 Jun 2004 12:55:10 +0200

Hi all,

While performing pentests, I noticed some (strange) behaviour with
tracerouting to cisco routers.

Performing the trace with udp packets (default on linux), the router
answers with it's ip address of the interface closest to you (external
interface of the router).
Performing traces with icmp (-I flag in linux, default in windows), the
router answers with it's ip address that you are tracing to (mostlikely
the internal interface of the router).

Anybody noticed this behaviour as well?
Has somebody an explanation for this?

Regards,
Dieter

Current thread:

Traceroutes to Cisco Routers Dieter Sarrazyn (Jun 07)
- Re: Traceroutes to Cisco Routers Ranjeet Shetye (Jun 09)
- Re: Traceroutes to Cisco Routers James Fields (Jun 10)
- Re: Traceroutes to Cisco Routers Frank Knobbe (Jun 10)
- <Possible follow-ups>
- Re: Traceroutes to Cisco Routers juan . losada (Jun 10)