On Mon, 3 Jun 2002, RT wrote: :Here's the PERL script:
Handy script, but can be limited by aggregation, which is pretty common at exchange points. A more thorough method is to use hping or traceroute with the ttl set within 1 or two hops of the destination, and sample address ranges using the beginnings of CIDR blocks from /24 to /29's. This should flush out the routers, and then you will generally find clusters of contiguous address space around each router. Hping is handy b/c you can use udp/53 and be mostly innocuous, as few people ever corelate icmp unreachable alerts from their IDS, even though it is the best way to catch someone firewalking. -- batz ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
