Traceroutes to Cisco Routers

From: Dieter Sarrazyn (dsr@ascure.com)
Date: Sat Jun 05 2004 - 06:55:10 EDT

• Next message: Brian Taylor: "RE: USB delivered attacks"
• Previous message: Peter Harmsen: "Re:USB delivered attacks"
• Next in thread: Ranjeet Shetye: "Re: Traceroutes to Cisco Routers"
• Reply: Ranjeet Shetye: "Re: Traceroutes to Cisco Routers"
• Reply: James Fields: "Re: Traceroutes to Cisco Routers"
• Maybe reply: juan.losada@empresas.telefonica.es: "Re: Traceroutes to Cisco Routers"
• Reply: Frank Knobbe: "Re: Traceroutes to Cisco Routers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi all,

While performing pentests, I noticed some (strange) behaviour with
tracerouting to cisco routers.

Performing the trace with udp packets (default on linux), the router
answers with it's ip address of the interface closest to you (external
interface of the router).
Performing traces with icmp (-I flag in linux, default in windows), the
router answers with it's ip address that you are tracing to (mostlikely
the internal interface of the router).

Anybody noticed this behaviour as well?
Has somebody an explanation for this?

Regards,
Dieter

• Next message: Brian Taylor: "RE: USB delivered attacks"
• Previous message: Peter Harmsen: "Re:USB delivered attacks"
• Next in thread: Ranjeet Shetye: "Re: Traceroutes to Cisco Routers"
• Reply: Ranjeet Shetye: "Re: Traceroutes to Cisco Routers"
• Reply: James Fields: "Re: Traceroutes to Cisco Routers"
• Maybe reply: juan.losada@empresas.telefonica.es: "Re: Traceroutes to Cisco Routers"
• Reply: Frank Knobbe: "Re: Traceroutes to Cisco Routers"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:55 EDT