Re: traceroute problem

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 01/19/05

Next message: Vash The Stampede: "Re: Using USB connection with DSL to FTP installation"
Previous message: Jeff Arch: "Re: KDE 3.2 to 3.3 Knotify crash"
In reply to: mjt: "Re: traceroute problem"
Next in thread: mjt: "Re: traceroute problem"
Reply: mjt: "Re: traceroute problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 18 Jan 2005 18:24:44 -0600

In article <352rnnF4hsdibU3@individual.net>, mjt wrote:

>Dave M wrote:
>
>>> ... use the "-I" switch and let us know how it works
>>
>> The SuSE included version of traceroute uses -I to specify the interface. I
>> think you're thinking of versions of traceroute where -I tells traceroute
>> to use ICMP instead of UDP (which is the reason traceroute doesn't work
>> behind NAT in almost every situation with many Linux distributions).
>
>... exactly (-I == use ICMP)

I just ran into that problem with someone in comp.os.linux.networking
earlier this month (thread "Kppp, peer not responding (Suse9.2)"). I
suggested the user try 'traceroute -ni ppp0 some.ip.add.ress' and he
reported back:

-------------------
>/usr/sbin/traceroute -ni ppp0 213.140.6.96
>/usr/sbin/traceroute: invalid option -- i
>usage: traceroute [-nFV] [-f first_ttl] [-m max_hops] [-p port]
>[-S source_addr] [-I interface]

[compton ~]$ /usr/sbin/traceroute --version
Version 1.4a12
Usage: traceroute [-dFInrvx] [-g gateway] [-i iface] [-f first_ttl]
[-m max_ttl] [ -p port] [-q nqueries] [-s src_addr] [-t tos]
[-w waittime] host [packetlen]
[compton ~$

Now who changed that? -I here causes traceroute to use ICMP echo rather
than UDP.
-------------------

This is as bad as BSD vs SysV!!! Sheesh! Idiots should not change
options without changing the application name so people know it's different.

By the way, you may be interested in

[compton ~]$ whatis tcptraceroute
tcptraceroute (8) - A traceroute implementation using TCP packets
[compton ~]$

http://michael.toren.net/code/tcptraceroute/

Old guy

Next message: Vash The Stampede: "Re: Using USB connection with DSL to FTP installation"
Previous message: Jeff Arch: "Re: KDE 3.2 to 3.3 Knotify crash"
In reply to: mjt: "Re: traceroute problem"
Next in thread: mjt: "Re: traceroute problem"
Reply: mjt: "Re: traceroute problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages

Re: Distributed ICMP/UDP scan or attack?
... Looks to me like a ping followed by a UDP connect. ... configured to ping first and use ten decoys. ... icmp at your firewall is a good way mitigate blind ... and tracking system please see: http://aris.securityfocus.com ...
(Incidents)
Re: G8 vs. G4C chess Match
... ICMP type 8, usually answered with a "pong" or ICMP echo reply, ICMP ... It's nothing to do with UDP. ... contain a destination port, UDP headers do. ... if you've no connection with the machine being scanned. ...
(uk.radio.amateur)
Re: Problem while setting DF bit ON
... >> smaller than the packet size, ... may be in form of ICMP message. ... >> UDP ...
(microsoft.public.win32.programmer.networks)
RE: Simple Scan
... Your analogy is good, except that ICMP is a layer 3 protocol, TCP & UDP ... ping!= information about a particular port. ...
(Security-Basics)
Re: port=1026&reason=ICMPsent
... > Actually ICMP is a layered protocol the UDP protocol in question is a ... in the payload of an ICMP ... with a payload indicating it was in response to a UDP packet? ...
(alt.computer.security)