Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: printer problem
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Thu, 10 May 2001 11:31:23 -0400 (EDT)

On Wed, 9 May 2001, [iso-8859-1] m p wrote:

traceroute works on a lower level of the TCP/IP protocol hierachie
than the ports are.

you can trace a route with any protocol you so desire: ICMP, UDP, TCP,
ESP, GRE, whatever. (useful in determining protocol level ACLs, by the
way, and looking for 'leaks' in your firewall.) craft packet with TTL of
1, send out, expect ICMP_TTL_EXCEEDED; increase TTL, send, expect ..
lather, rinse, repeat. some protos just require a port argument, easily
supplied.

i had pointed out to me some time about this very topic a tool, named
tcptroute (thanks to darren reed). Tracer-X has yet to be finished from
what i can tell, though any decently skilled lib(nat|pcap) hacker could
finish it with some time.

http://coombs.anu.edu.au/~avalon/tcptroute.tgz
http://www.packetfactory.net/Projects/tracerx/

hope this helps.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault