tcptraceroute

March 28, 2006: tcptraceroute-1.5beta7 is now available on the tcptraceroute development page. Changes include checks to ensure pcap_fd is within the range of select(2) to avoid any potential FD_SET overflows by Shaun Colley, rebuildong of the autoconf with a more recent version from Debian Sarge, and an updated man page and examples.txt files to document the new --dnat detection features. Detailed information can be found in the changelog, or you can view the diff from the previous beta. Older News

Description

tcptraceroute is a traceroute implementation using TCP packets. The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path packets are taking to reach the destination. The problem is that with the widespread use of firewalls on the modern Internet, many of the packets that traceroute(8) sends out end up being filtered, making it impossible to completely trace the path to the destination. However, in many cases, these firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall are listening for connections on. By sending out TCP SYN packets instead of UDP or ICMP ECHO packets, tcptraceroute is able to bypass the most common firewall filters.

Documentation

tcptraceroute.8.html HTMLized manual page examples.txt Real world examples ChangeLog ChangeLog from the latest release

Download

tcptraceroute is free software, distributed under the terms of the GNU General Public License. Source code, Debian binary packages, and RedHat RPM packages are available for the current release. Special thanks to Kevin D. McAllister <kevin@mcallister.ws> for creating the RPM packages. Beta releases and archived production releases can be found on the tcptraceroute development page. Source:   tcptraceroute-1.4.tar.gz tcptraceroute-1.4, released 2002-07-30     Binary Packages:   tcptraceroute_1.4-0woody1_i386.deb Debian Woody i386 binary package tcptraceroute_1.4-0woody1_sparc.deb Debian Woody SPARC binary package tcptraceroute-1.4-1.i386.rpm RedHat 7.3 i386 binary package tcptraceroute-1.4-1_static.i386.rpm RedHat 7.3 i386 binary package, staticly linked     Signatures and Checksums   checksums MD5 checksums, clearsigned with GPG.

Mailing Lists

tcptraceroute-announce Moderated, announcement only mailing list. tcptraceroute-dev Development mailing list.

Related Links

Other software similar to tcptraceroute: tracerx looks like a promising traceroute implementation, but at the moment development appears to have been put on hold indefinitely, according it's website. hping2 is an arbitrary packet assembler with support for incrementing the TTL with each packet sent, similar to traceroute. Projects which make use of tcptraceroute: The ECN Hall of Shame maintains a list of hosts which are believed to be non-RFC-complaint, dropping packets which make use of previously reserved portions of the TCP flags header. As a result, these hosts cannot be reached by TCP stacks which attempt to use ECN (Explicit Congestion Notification, RFC248). Probes testing for non-compliance use tcptraceroute, as described in the project's notes area. tcpping is a shell script wrapper for tcptraceroute, written by Richard van den Berg, which emulates the ping command using TCP packets. Similar output can also be archived by using hping2, linked above.

Feedback

Questions? Comments? Gripes? Patches? I'm interested in hearing from you, either way. Please feel free to drop me a line at mct@toren.net.

Sitemap Work Home Public Key Code Resume Links

Last Updated: Tuesday, 28-Mar-2006 21:31:31 PST.   Valid HTML 4.01
© 2000 - 2008 Michael C. Toren <mct@toren.net>
Schrodinger's cat is not dead.