Richard van den Berg on 24 Oct 2005 14:28:41 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [tcptra-dev] Where to get libnet?

Brian Hawkins wrote:
> I'm intending on using tcptraceroute to do some mapping of the internet
> for a class I'm taking and I don't want my activity to be seen as an
> attack on a server.

Why use tcptraceroute for this? Scanrand from the Paketto Keiretsu
package is much better equiped for such tasks.

> There are a few known SYN attacks were the attacker
> tries to fill up the servers connections, but if what you say is true
> and the computer running tcptraceroute sends back an RST this should
> not be a problem.

That's simply a feature of your OS TCP/IP stack. Unless other scanners
take extra special care in not letting the OS see the SYN ACK, a RST
will be sent simply because the OS does not know anything about the SYN
that it is responding to.


Richard van den Berg
tcptraceroute-dev mailing list