Tuesday, April 14, 2009

traceroute

varsayılan traceroute ateşduvarlarına takılabildiği için portlarda oynam yapabiliriz.

If some filters are present in the network path, then most probably any "unlikely" udp ports (as for default
method) or even icmp echoes (as for icmp) are filtered, and whole tracerouting will just stop at such a firewall.
To bypass a network filter, we have to use only allowed protocol/port combinations. If we trace for some, say,
mailserver, then more likely -T -p 25 can reach it, even when -I can not.

posta:~/ozan# traceroute -T -n posta.eczakoop.org.tr -p 53 --sport=54
traceroute to posta.eczakoop.org.tr (81.8.50.40), 30 hops max, 40 byte packets
1 192.168.101.1 1.031 ms 2.289 ms 2.286 ms
2 85.105.188.1 13.358 ms 7.485 ms 12.415 ms

17:17:16.821634 IP 192.168.101.3.54 > 81.8.50.40.53: S 1675035062:1675035062(0) win 5808
17:17:16.822907 IP 192.168.101.3.54 > 81.8.50.40.53: S 2570820173:2570820173(0) win 5808

posta:~/ozan# traceroute -U -n posta.eczakoop.org.tr -p 53 --sport=54
traceroute to posta.eczakoop.org.tr (81.8.50.40), 30 hops max, 40 byte packets
1 192.168.101.1 1.125 ms 3.242 ms 1.296 ms

17:28:38.529383 IP 192.168.101.3.54 > 81.8.50.40.53: 16449 op8 [b2&3=0x4243] [17991a] [17477q] [18505n] [19019au][|domain]
17:28:38.530949 IP 192.168.101.3.54 > 81.8.50.40.53: 16449 op8 [b2&3=0x4243] [17991a] [17477q] [18505n] [19019au][|domain]



posta:~/ozan# traceroute -T -n posta.eczakoop.org.tr -p 25 --sport=23
traceroute to posta.eczakoop.org.tr (81.8.50.40), 30 hops max, 40 byte packets
1 192.168.101.1 1.791 ms 1.755 ms 1.567 ms
2 85.105.188.1 11.410 ms 7.264 ms 8.758 ms
3 81.212.74.205 9.229 ms 7.820 ms 8.960 ms
4 81.212.29.209 869.315 ms 749.567 ms 615.930 ms
5 212.156.120.13 8.619 ms 10.303 ms 7.848 ms
6 212.156.120.25 18.301 ms 20.469 ms 19.133 ms
7 81.212.26.130 20.181 ms 21.239 ms 18.471 ms
8 212.156.120.69 21.455 ms 19.850 ms 18.854 ms
9 212.156.37.26 17.532 ms 17.741 ms 17.526 ms
10 212.115.0.243 18.460 ms 18.341 ms 18.850 ms
11 81.8.43.213 28.275 ms 27.246 ms 27.470 ms
12 81.8.43.214 189.297 ms 153.613 ms 157.299 ms
13 81.8.50.40 159.746 ms 199.889 ms 199.562 ms
14 81.8.50.40 180.720 ms 179.884 ms 180.930 ms
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)