Penetration Testing mailing list archives
Re: Using TTL to Locate Hosts
From: Joe <bitshield () gmail com>
Date: Thu, 30 Mar 2006 22:17:37 +0200
Hi Chris Not sure what you mean with "locate hosts". I know that you can watch the TTL's of packets to make assumptions on how many hopts they passed. For example if you want to find out hosts that are behind a NATing device packets you will see that the IP packets from the device behind the NATing device will have a TTL which is one less than the TTL of packets comming directly from the NAT device. regards Joe On 3/29/06, Chris Hammer <CHammer () fcbnm com> wrote:
Hello everyone, I had an interesting question posed to me earlier. The question was "Could you use only the TTL of a packet to locate hosts and verify they are up?" I know playing around with Tracert this could be possible, or a crafted packet using HPING. Any other ideas or thoughts? Thanks! Chris ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/forms/ec.php?pubid=10025 And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com ------------------------------------------------------------------------------
Current thread:
- Using TTL to Locate Hosts Chris Hammer (Mar 29)
- Re: Using TTL to Locate Hosts Pete Herzog (Mar 30)
- Re: Using TTL to Locate Hosts Joe (Mar 30)