Re: [tcptra-dev] Where to get libnet?

Michael C. Toren on 21 Oct 2005 18:16:50 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [tcptra-dev] Where to get libnet?

From: "Michael C. Toren" <mct@toren.net>

To: tcptraceroute development list <tcptraceroute-dev@netisland.net>

Subject: Re: [tcptra-dev] Where to get libnet?

Date: Fri, 21 Oct 2005 14:16:48 -0400

List-archive: </archives>

Reply-to: tcptraceroute development list <tcptraceroute-dev@netisland.net>

Sender: tcptraceroute-dev-bounces@netisland.net

On Thu, Oct 20, 2005 at 08:33:50PM -0600, Brian Hawkins wrote: > Hopefully this is not quite as dumb of a question. If you do get an ack > back from your syn packet what does tcptraceroute do? As Jon said, this indicates to tcptraceroute both that the port is open, and also that the TTL of the probe packet was large enough such that our probe made it all the way to the destination. Outside of tcptraceroute, the kernel of the machine tcptraceroute is running on will see a seemingly random ACK which does not match an existing entry in its state table, and will in turn respond with an RST. But, this largely doesn't concern us. > Secondly have there been any security issues brought up about using tcp > for trace routes? I'm not entirely sure what it is you're asking. Are you asking if there have there been any security concerns using the traceroute technique that tcptraceroute implements? Not that I'm aware of, other than the fact that by using TCP probe packets tcptraceroute is able to trace through many common firewalls. Or, are you asking if there have been any security problems in tcptraceroute itself, given that it runs SUID root? The only item which has been brought to my attention is that previous versions of tcptraceroute did not drop root privileges properly after the raw socket was opened, which could have have been a problem if an additional bug was discovered at a point later in the code, but to my knowledge none has been found. -mct -- perl -e'$u="\4\5\6";sub H{8*($_[1]%79)+($_[0]%8)}sub G{vec$u,H(@_),1}sub S{vec ($n,H(@_),1)=$_[2]}$_=q^{P`clear`;for$iX){PG($iY)?"O":" "forX8);P"\n"}for$iX){ forX8){$c=scalar grep{G@$_}[$i-1Y-1Z-1YZ-1Y+1ZY-1ZY+1Z+1Y-1Z+1YZ+1Y+1];S$iY,G( $iY)?$c=~/[23]/?1:0:$c==3?1:0}}$u=$n;select$M,$C,$T,.2;redo}^;s/Z/],[\$i/g;s/Y /,\$_/xg;s/X/(0..7/g;s/P/print+/g;eval' # Michael C. Toren <mct@toren.net> _______________________________________________ tcptraceroute-dev mailing list tcptraceroute-dev@netisland.net http://lists.netisland.net/mailman/listinfo/tcptraceroute-dev

Follow-Ups:

Re: [tcptra-dev] Where to get libnet?
From: Brian Hawkins <brianhks@activeclickweb.com>

References:

[tcptra-dev] Where to get libnet?
From: Brian Hawkins <brianhks@activeclickweb.com>

Re: [tcptra-dev] Where to get libnet?
From: Brian Hawkins <brianhks@activeclickweb.com>

Re: [tcptra-dev] Where to get libnet?
From: "Michael C. Toren" <mct@toren.net>

Re: [tcptra-dev] Where to get libnet?
From: Brian Hawkins <brianhks@activeclickweb.com>

Prev by Date: Re: [tcptra-dev] Where to get libnet?

Next by Date: Re: [tcptra-dev] Where to get libnet?

Previous by thread: Re: [tcptra-dev] Where to get libnet?

Next by thread: Re: [tcptra-dev] Where to get libnet?

Index(es):

Date

Thread