> >Hello people,
> > I am trying to traceroute a host , but here is a firewall that filters
> >the icmp packets I send . Is there any way to trick the remote host by
> Traceroute doesn't send ICMP packets, it sends UDP packets (however,
> Microsoft TRACERT does send ICMP packets). Traceroute *receives* ICMP
> packets from the routers along the way: they send TTL Exceeded error
> >sending icmp packets at port 53 as they where dns queries ?
> Your question makes no sense. DNS queries use UDP, not ICMP. There's no
> way to get routers to send the error packets in DNS queries -- why would a
> router designer even consider such a weird thing? ICMP and DNS are totally
> unrelated to each other.
Yes. You can tell traceroute to use port 53 which will let it slip
through firewalls with port 53 commonly open. Outgoing traceroute
probes can be configured to start with a certain port number but
unfortunately, traceroute increments the port numbers of each probe as
a way to determine which hop sent back a timeout. Otherwise
traceroute -p 53 10.2.1.2
for example. Would work.
I suppose you could try -p 49, -p 48, -p 47 etc until you got through
I hear there is a patch out there by a Michael Schiffman that makes
traceroute work without port incrementing.
Strangers in your computer? Don't be the last one to find out.
Security Link of the Hour: