Re: Using TTL to Locate Hosts

From: Joe (bitshield@gmail.com)
Date: Thu Mar 30 2006 - 15:17:37 EST

• Next message: Peter: "Víagra To Jump Start Your Love Lífe __ %junk"
• Previous message: Hayes, Ian: "RE: Wireless Audit Reports"
• In reply to: Chris Hammer: "Using TTL to Locate Hosts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Chris

Not sure what you mean with "locate hosts". I know that you can watch
the TTL's of packets to make assumptions on how many hopts they
passed. For example if you want to find out hosts that are behind a
NATing device packets you will see that the IP packets from the device
behind the NATing device will have a TTL which is one less than the
TTL of packets comming directly from the NAT device.

regards Joe

On 3/29/06, Chris Hammer <CHammer@fcbnm.com> wrote:
>
> Hello everyone, I had an interesting question posed to me earlier. The
> question was "Could you use only the TTL of a packet to locate hosts and
> verify they are up?" I know playing around with Tracert this could be
> possible, or a crafted packet using HPING. Any other ideas or thoughts?
>
> Thanks!
> Chris
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> As attacks through web applications continue to rise, you need to proactively
> protect your applications from hackers. Cenzic has the most comprehensive
> solutions to meet your application security penetration testing and
> vulnerability management needs. You have an option to go with a managed
> service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
> Download FREE whitepaper on how a managed service can help you:
> http://www.cenzic.com/forms/ec.php?pubid=10025
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com
> ------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to proactively
protect your applications from hackers. Cenzic has the most comprehensive
solutions to meet your application security penetration testing and
vulnerability management needs. You have an option to go with a managed
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm).
Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/forms/ec.php?pubid=10025
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com
------------------------------------------------------------------------------

• Next message: Peter: "Víagra To Jump Start Your Love Lífe __ %junk"
• Previous message: Hayes, Ian: "RE: Wireless Audit Reports"
• In reply to: Chris Hammer: "Using TTL to Locate Hosts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:46 EDT