|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Traceroutes to Cisco Routers
From: Ranjeet Shetye (ranjeet.shetye2
zultys.com)
Date: Tue Jun 08 2004 - 14:49:32 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
* Dieter Sarrazyn (dsrascure.com) wrote:
> Hi all,
>
> While performing pentests, I noticed some (strange) behaviour with
> tracerouting to cisco routers.
>
> Performing the trace with udp packets (default on linux), the router
> answers with it's ip address of the interface closest to you (external
> interface of the router).
> Performing traces with icmp (-I flag in linux, default in windows), the
> router answers with it's ip address that you are tracing to (mostlikely
> the internal interface of the router).
>
> Anybody noticed this behaviour as well?
> Has somebody an explanation for this?
>
> Regards,
> Dieter
>
never tried it or noticed it but it sounds like the udp ping is being routed
in a standard manner, while the icmp response code path is short-circuited
and "switched" rather than routed, if you get my meaning.
--
Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
Ranjeet dot Shetye at Zultys dot com
http://www.zultys.com/
The views, opinions, and judgements expressed in this message are solely those of
the author. The message contents have not been reviewed or approved by Zultys.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]