Re: traceroute-like tool for UDP or TCP packets

From: shawnmer (shawnmer_at_io.com)
Date: 08/22/03

  • Next message: McGill, Lachlan: "RE: Account logon failed" 
    Date: Thu, 21 Aug 2003 17:26:26 -0500 (CDT)
To: Kent James <kent1@caspia.com>

    Hi,

    Have a look at tcptraceroute <http://michael.toren.net/code/tcptraceroute>.

    <snip>

    Description

    tcptraceroute is a traceroute implementation using TCP packets.

    The more traditional traceroute(8) sends out either UDP or ICMP ECHO
    packets with a TTL of one, and increments the TTL until the destination
    has been reached. By printing the gateways that generate ICMP time
    exceeded messages along the way, it is able to determine the path packets
    are taking to reach the destination.

    The problem is that with the widespread use of firewalls on the modern
    Internet, many of the packets that traceroute(8) sends out end up being
    filtered, making it impossible to completely trace the path to the
    destination. However, in many cases, these firewalls will permit inbound
    TCP packets to specific ports that hosts sitting behind the firewall are
    listening for connections on. By sending out TCP SYN packets instead of
    UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common
    firewall filters.

    </snip>

    Thanks,

    -scm

    KJ:Kent James

    KJ>One of the local ISPs is having trouble getting DNS information from
    KJ>Easydns. I suspect they have a misconfigured firewall or other security
    KJ>block in their system. I can ping and traceroute the DNS servers but get no
    KJ>response from UDP or TCP packets.
    KJ>
    KJ>Is there a tool that works like traceroute, only shows the route for TCP or
    KJ>UDP packets instead of the ICMP packets that traceroute uses?
    KJ>
    KJ>+----------------+
    KJ> Kent James, Ph.D, MCSE
    KJ> Computer network support in Baku, Azerbaijan
    KJ>+----------------+
    KJ>
    KJ>
    KJ>---------------------------------------------------------------------------
    KJ>----------------------------------------------------------------------------
    KJ>

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: McGill, Lachlan: "RE: Account logon failed"

    Relevant Pages

    • Re: icmp type 11 not go via nat POSTROUTING table
      ... everthing is working as it "should", there is no reason for a "ICMP ... I generated two test icmp packets ... This is how traceroute knows the IP of the ... If x.y.z.t is a private IP address, it cannot be tracerouted anyway, so ...
      (comp.os.linux.networking)
    • Why some hosts in Internet not prefer to be traceroute-d ?
      ... i.e. not to send a TTL exceeded ICMP packet back to the host. ... like dropping TTL exceeded ICMP packets (dropping such packets in ... I used to traceroute in unprivileged user mode, ... What's the difference between a router and a endpoint host from ...
      (comp.os.linux.networking)
    • Re: tracert from A to B dies just before reaching B -- and vice versa?
      ... traceroute died just before reaching 67.43.158.218. ... the default is to use UDP packets. ... come as a surprise to you, but neither ICMP or UDP is used for SSH ... Dozens of explanations - most probably is the fact that firewall rules ...
      (comp.os.linux.networking)
    • RE: strange traceroute output
      ... traceroutes as opposed to using ICMP packets like windows. ... # traceroute replies with an icmp "time-exceeded". ... # packet coming from the outside with destination your servers. ...
      (Security-Basics)
    • Re: How can traceroute fail, yet the site still open in a web browser?
      ... yet load in a web browser almost instantly? ... Some network hops along the path may not transmit ICMP requests/replies. ... The web sites transmit TCP packets and so connect properly. ... Broadly correct but UNIX/Linux traceroute sends its probes using UDP ...
      (comp.os.linux.networking)