RE: Weird trace route output



Has anyone seen a Class C private Address when running a
trace route outside of their own network or domain?

Sure. There's nothing saying ISPs can't use RFC1918 private
addresses for their internal routers, as long as they don't
need to be the destination of a connection beyond the ISP's
perimeter.

Of course, if your antispoofing ingress rules block such
sources ahead of allowing the ICMP types that a trace uses,
you'll just see no response from those hops. But that's on
your end, not theirs.

David Gillett


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Jody Riding
Sent: Friday, April 13, 2007 3:39 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Weird trace route output


Has anyone seen a Class C private Address when running a
trace route outside of their own network or domain?

Notice the 15th hop address.
Some stuff has been *** for my protection ;-)

Tracing route to ***.com [216.159.234.11] over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms ***.***.***.***
2 <1 ms <1 ms <1 ms ***.***.***.***
3 1 ms 1 ms 2 ms ***.***.*** [**.***.***.***]
4 4 ms 4 ms 4 ms 500.MFR14.GW4.KCY4.ALTER.NET
[157.130.161.253]
5 5 ms 5 ms 11 ms 181.at-5-0-0.cl1.kcy4.alter.net
[152.63.88.210]
6 20 ms 21 ms 23 ms 0.so-7-0-0.XL1.CHI2.ALTER.NET
[152.63.68.81]
7 16 ms 19 ms 17 ms 0.so-7-0-0.BR6.CHI2.ALTER.NET
[152.63.71.94]
8 22 ms 24 ms 29 ms p4-0.core01.ord03.atlas.cogentco.com
[154.54.13.109]
9 23 ms 50 ms 21 ms v3491.mpd01.ord03.atlas.cogentco.com
[154.54.3.238]
10 39 ms 17 ms 17 ms v3488.mpd01.ord01.atlas.cogentco.com
[154.54.5.25]
11 48 ms 19 ms 17 ms g2-0-0.core01.ord01.atlas.cogentco.com
[154.54.1.205]
12 17 ms 17 ms 37 ms
vl3523.na01.b002332-1.ord01.atlas.cogentco.com [66.250.9.90]
13 28 ms 18 ms 18 ms globalcom-inc.demarc.cogentco.com
[38.99.221.26]
14 37 ms 28 ms 19 ms chi-dist3-fa13-1.networkgci.net
[216.146.70.11]
15 22 ms 30 ms 43 ms 192.168.107.133
16 * ^C





Relevant Pages

  • Re: tracking down connectivity problem
    ... network routing issue, but I need to do due diligence from my end. ... We have a suite of applications built using Oracle Forms 9i. ... the only problems reported are with connections to our OAS server, ... check logs everywhere as well as the IP's) you can also ping and trace route ...
    (comp.unix.admin)
  • Re: Weird trace route output
    ... Has anyone seen a Class C private Address when running a trace route ... outside of their own network or domain? ... Basically, traceroute uses specially crafted ... of whatever organization the packets are traversing. ...
    (Security-Basics)
  • Re: Monitoring
    ... Trace route will give you some insight ... in the network latency. ... It is the simplest tool, ... I would ask ISP if they could help and find ...
    (microsoft.public.isa)
  • Weird trace route output
    ... Has anyone seen a Class C private Address when running a trace route ... outside of their own network or domain? ... Notice the 15th hop address. ...
    (Security-Basics)
  • Re: ANN: RealThinClient SDK v1.8t > Web-based Forum in Delphi
    ... Here is a trace route from the www.realthinclient.de Server ... Tracing route to dsl.static81213151254.ttnet.net.tr ... over a maximum of 30 hops: ...
    (borland.public.delphi.thirdpartytools.general)