| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 Sep 2007 11:19:20 -0700 From: Tony Rall <trall@...aden.ibm.com> To: bugtraq@...urityfocus.com Subject: Re: 0trace - traceroute on established connections On Friday, 2007-09-28 at 11:43 GMT, tyter9@...il.com wrote: > I think it would be interesting to enumerate incoming connections. > > user (192.168.0.2) --> router (192.168.0.1) --> gateway/masquarade --> ~~~~ --> > server (0trace). > What do you think about it? is it possible to enumerate internal "user" user > network? Remember that the route traffic takes is dynamically determined with each packet - and most of those decisions are made outside your own machine. The path taken by one packet may differ markedly from that of the previous packet to the same destination. And, in trying do what you suggest, you run into all of the shortcomings of traceroute - including: 1. Some nodes won't respond to you. 2. Some nodes may even lie to you. 3. There is no reasonable way to determine the path of the return traffic (asymmetric routing). -- Tony Rall
Powered by blists - more mailing lists