>
> If I understand correctly, traceroute works by sending pings with ttl=1,
> ttl=2,ttl=3 etc and records the names of the routers where the ttl reaches
> zero.
No, traceroute sends UDP messages by default.
Doing a traceroute with TCP (it has an option, -P tcp) can
be really useful if you can use a fixed port. I made a trivial change
to traceroute that allows you to specify a fixed port by using a
negative number. For example, traceroute -P tcp -p -80 will do
a "TCP SYN traceroute" for port 80. Comparing this output with
a normal traceroute to the same destination (or a traceroute for a
different TCP port) you can detect HTTP transparent proxies,
man-in-the-middle attacks, policy routing, etc.
I sent a patch to the traceroute development team but received
no answer :-(.
Perhaps it could be committed to FreeBSD? I work for an ISP
and the feature has proved to be really useful!
Borja.
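
The comparison described in the message above, as an added example that is not part of the original message or the patch it mentions: Python that parses two saved traceroute outputs and reports the first TTL where the responding routers differ and whether the destination answered from fewer hops away on the TCP trace. The function names and both sample outputs are constructed for illustration.

```python
import re

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")            # "<ttl>  <rest of hop line>"
IP_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")   # dotted-quad addresses

def parse_hops(output):
    """Map each TTL to the set of addresses that answered ("* * *" gives an empty set)."""
    hops = {}
    for line in output.splitlines():
        m = HOP_RE.match(line)
        if m:  # the "traceroute to ..." header does not start with a TTL, so it is skipped
            hops[int(m.group(1))] = set(IP_RE.findall(m.group(2)))
    return hops

def dest_ttl(hops, dest):
    """Lowest TTL at which the destination address itself replied, or None."""
    ttls = [t for t, addrs in hops.items() if dest in addrs]
    return min(ttls) if ttls else None

def compare_paths(baseline, probe, dest):
    base, test = parse_hops(baseline), parse_hops(probe)
    diverges_at = None
    for ttl in sorted(set(base) & set(test)):
        # Silent hops prove nothing; compare only TTLs answered in both traces.
        if base[ttl] and test[ttl] and not (base[ttl] & test[ttl]):
            diverges_at = ttl
            break
    b, p = dest_ttl(base, dest), dest_ttl(test, dest)
    # A "destination" that answers the TCP probe from fewer hops away than the
    # baseline path allows suggests something is answering on its behalf.
    return {"diverges_at": diverges_at, "baseline_dest_ttl": b,
            "probe_dest_ttl": p,
            "shorter_path": b is not None and p is not None and p < b}

# Constructed sample output (documentation address ranges), not real captures.
UDP_TRACE = """traceroute to www.example.com (203.0.113.80), 30 hops max
 1  gw.isp.example (192.0.2.1)  0.4 ms  0.4 ms  0.3 ms
 2  core.isp.example (192.0.2.9)  1.1 ms  1.0 ms  1.2 ms
 3  * * *
 4  peer.transit.example (198.51.100.5)  9.8 ms  9.9 ms  9.7 ms
 5  www.example.com (203.0.113.80)  12.3 ms  12.1 ms  12.4 ms
"""
TCP80_TRACE = """traceroute to www.example.com (203.0.113.80), 30 hops max
 1  gw.isp.example (192.0.2.1)  0.4 ms  0.4 ms  0.3 ms
 2  cache.isp.example (192.0.2.33)  0.9 ms  0.8 ms  0.9 ms
 3  www.example.com (203.0.113.80)  1.2 ms  1.1 ms  1.2 ms
"""

if __name__ == "__main__":
    print(compare_paths(UDP_TRACE, TCP80_TRACE, "203.0.113.80"))
```

Per-flow load balancing can also make two traces differ at a hop, so repeat both traces before treating a single divergence as evidence of interception.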