Penetration Testing mailing list archives
Re: getting different ttl values for the same IP
From: Pieter Danhieux <opr () bsdaemon be>
Date: Wed, 28 Dec 2005 23:55:25 +0100 (CET)
Could be that port 401 and/or 400 are portforwarded to another box. Thus your TTL value in the reply will be dependant of which OS is running on the box where the portforward is arriving.
greets On Wed, 28 Dec 2005 aqua.le0 () gmail com wrote:
Hi all While performing a TCP traceroute using cain&able i got different ttl values for the same ip, can anyone explain about this 10.10.10.10;401 ms (TTL=230) - TTL exceeded;411 ms (TTL=230) - TTL exceeded;500 ms (TTL=230) - TTL exceeded;(Unknown) 10.10.10.10;400 ms (TTL=106) - Echo Reply;401 ms (TTL=102) - Echo Reply;400 ms (TTL=102) - Echo Reply;(Unknown); Rgds Aqua ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- getting different ttl values for the same IP aqua . le0 (Dec 28)
- Re: getting different ttl values for the same IP Tim (Dec 28)
- Re: getting different ttl values for the same IP Maciek Dudek (Dec 28)
- Re: getting different ttl values for the same IP Maciek Dudek (Dec 28)
- Re: getting different ttl values for the same IP ilaiy (Dec 28)
- Re: getting different ttl values for the same IP Joachim Schipper (Dec 28)
- RE: getting different ttl values for the same IP Sahir Hidayatullah (Dec 28)
- Re: getting different ttl values for the same IP Pieter Danhieux (Dec 28)
- RE: getting different ttl values for the same IP berg (Dec 29)
- Re: getting different ttl values for the same IP Thierry Zoller (Dec 29)
- Re: getting different ttl values for the same IP Paul Robertson (Dec 29)
- Re: getting different ttl values for the same IP Technica Forensis (Dec 31)
- <Possible follow-ups>
- Re: getting different ttl values for the same IP pentest (Dec 29)
- Re: getting different ttl values for the same IP Tim (Dec 28)