From: Ranjeet Shetye (ranjeet.shetye2@zultys.com)
Date: Tue Jun 08 2004 - 15:49:32 EDT
* Dieter Sarrazyn (dsr@ascure.com) wrote:
> Hi all,
>
> While performing pentests, I noticed some (strange) behaviour with
> tracerouting to cisco routers.
>
> Performing the trace with udp packets (default on linux), the router
> answers with it's ip address of the interface closest to you (external
> interface of the router).
> Performing traces with icmp (-I flag in linux, default in windows), the
> router answers with it's ip address that you are tracing to (mostlikely
> the internal interface of the router).
>
> Anybody noticed this behaviour as well?
> Has somebody an explanation for this?
>
> Regards,
> Dieter
>
never tried it or noticed it but it sounds like the udp ping is being routed
in a standard manner, while the icmp response code path is short-circuited
and "switched" rather than routed, if you get my meaning.
-- Ranjeet Shetye Senior Software Engineer Zultys Technologies Ranjeet dot Shetye at Zultys dot com http://www.zultys.com/ The views, opinions, and judgements expressed in this message are solely those of the author. The message contents have not been reviewed or approved by Zultys.
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:55 EDT