Re: hopfake question.

From: Murali Raju (protocoljunkie@gmail.com)
Date: Sun Sep 18 2005 - 15:34:33 EDT

• Next message: Craig Wright: "RE: Whitespace in passwords"
• Previous message: frank boldewin: "Re: SAM user dump"
• In reply to: Paul Robertson: "Re: hopfake question."
• Next in thread: Paul Robertson: "Re: hopfake question."
• Reply: Paul Robertson: "Re: hopfake question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Doesn't windows uses ICMP for traceroute (tracert)?

On 9/17/05, Paul Robertson <compuwar@gmail.com> wrote:
> On 9/16/05, Jorge Alfredo Garcia <frederix@gmail.com> wrote:
> > im trying hopkake by xenion to do some testings about traceroute.
> > Im having some problem testing the code from different locations for
> > example a traceroute from my own country against an ip on my conutry
> > works fine:
> >
> > C:\>tracert 200.125.36.216
>
> [snip]
>
> > [root@ns20303 dark]# traceroute 200.125.34.234
>
> > As you can see the fake hops not appear in the attackers host.
> > I tested a lot and in the majority of the case its seems it doesnt works.
> > Please, i want to know why this problem and if it is there a
> > posibility to fix it.
>
> You're using two different commands from two different operating
> systems. Linux/Unix uses UDP for traceroute, Windows uses TCP for
> tracert. If you used tcptraceroute, you'd see the same results, since
> you'd be doing the same thing.
>
> The fix is to extend the software to fake UDP as well.
>
> Paul
> --
> www.compuwar.net
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>

-- 
May the packets be with you.
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Craig Wright: "RE: Whitespace in passwords"
• Previous message: frank boldewin: "Re: SAM user dump"
• In reply to: Paul Robertson: "Re: hopfake question."
• Next in thread: Paul Robertson: "Re: hopfake question."
• Reply: Paul Robertson: "Re: hopfake question."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:55 EDT