[TOOL] TraceProto - Traceroute Replacement

From: SecuriTeam (support_at_securiteam.com)
Date: 08/12/04

  • Next message: SecuriTeam: "[UNIX] libPNG Stack-Based Buffer Overflow and Other Code Concerns (Exploit)" 
    To: list@securiteam.com
Date: 12 Aug 2004 09:48:46 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      TraceProto - Traceroute Replacement
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    Traceproto is a traceroute replacement written in c that allows the user
    to specify the protocol and port to trace to. It currently supports TCP,
    UDP, and ICMP traces with the possibility of others in the future.

    How it works:
    TraceProto operates by sending out packets with a modified time-to-live
    field. As the packets are routed toward the destination, each hop along
    the way decrements the time-to-live (also known as the TTL). If the TTL
    reaches 0 before the packet reaches its destination, the hop that did the
    final decrement sends back an ICMP packet informing the source that the
    packet expired before reaching its destination. Normal network traffic
    uses a large TTL and it is unusual for the TTL to reach 0 before the
    packet reaches it destination. TraceProto deliberately uses a series of
    packets with smaller TTL values to cause each hop between the source and
    the destination to respond. TraceProto also measured the time that it
    takes for each hop to respond, potentially showing network congestion or
    overstressed routers along the way.

    Up to this point, TraceProto operates much like the original traceroute
    did. What TraceProto does differently is that it allows the user to
    specify which protocol and port to use. The original traceroute was
    written before most firewalls and transparent redirection and often fails
    when tracing today's networks.

    ADDITIONAL INFORMATION

    The tool can be downloaded from:
    <http://traceproto.sourceforge.net/index.php>
    http://traceproto.sourceforge.net/index.php
    The information has been provided by
    <mailto:skippysaurus@users.sourceforge.net> Eric Hope.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[UNIX] libPNG Stack-Based Buffer Overflow and Other Code Concerns (Exploit)"

    Relevant Pages