At 12:52 PM 10/26/2004 +0200, Thomas Springer wrote:
hi,
nessus does a traceroute, it says its an udp-trace.
isn't this really an icmp-trace?
and is there a chance make nessus do a tcp-traceroute like michael torens
tcptraceroute (see http://michael.toren.net/code/tcptraceroute/ )does?
Thomas Springer
TUEV ICS - IT-Security
The traceroute script for Nessus starts with a TCP packet
as a probe, then uses UDP then uses ICMP if no responses
are returned.
The issue is much more complex than firewalls blocking
TCP packets. For example, a firewall will likely block a
TCP packet with a destination port that is being filtered
just as likely as it will block a UDP packet. In the
examples they showed, one had to specific the destination
port to traceroute on and in most cases that was port 80.
You should be getting similar results to the tcptraceroute
tool (sans DNS lookups) with the Nessus traceroute plugin,
however, the destination port is chosen at random, so if
port 80, 25, 53, .etc is the magic port which will let you
bypass a firewall to do TTL knocking, the Nessus script
will give you slightly less accurate results.
Ron Gula, CTO
Tenable Network Security
http://www.tenablesecurity.com
_______________________________________________
Nessus mailing list
[EMAIL PROTECTED]
http://mail.nessus.org/mailman/listinfo/nessus
