lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <OFD14CB626.05CA412D-ON88257364.006413DB-88257364.0064A5E0@us.ibm.com>
Date: Fri, 28 Sep 2007 11:19:20 -0700
From: Tony Rall <trall@...aden.ibm.com>
To: bugtraq@...urityfocus.com
Subject: Re: 0trace - traceroute on established connections

On Friday, 2007-09-28 at 11:43 GMT, tyter9@...il.com wrote:
> I think it would be interesting to enumerate incoming connections.
> 
> user (192.168.0.2) --> router (192.168.0.1) --> gateway/masquarade --> 
~~~~ --> 
> server (0trace).
> What do you think about it? is it possible to enumerate internal "user" 
user 
> network?

Remember that the route traffic takes is dynamically determined with each 
packet - and most of those decisions are made outside your own machine. 
The path taken by one packet may differ markedly from that of the previous 
packet to the same destination.

And, in trying do what you suggest, you run into all of the shortcomings 
of traceroute - including:

1. Some nodes won't respond to you.
2. Some nodes may even lie to you.
3. There is no reasonable way to determine the path of the return traffic 
(asymmetric routing).

--
Tony Rall

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ