| |
|
March 28, 2006:
tcptraceroute-1.5beta7 is
now available on the tcptraceroute development
page. Changes include checks to ensure pcap_fd is within the range
of select(2) to avoid any potential FD_SET overflows by Shaun Colley,
rebuildong of the autoconf with a more recent version from Debian
Sarge, and an updated man page and examples.txt files to document the
new --dnat detection features. Detailed information can be found in
the changelog, or you can view the diff
from the previous beta.
January 3, 2005:
tcptraceroute-1.5beta6 is
now available on the tcptraceroute development
page. The first beta release in some time, most notably this
version includes preliminary support for Destination NAT (DNAT)
detection. See the announcement
on the mailing list
for an example.
June 29, 2003:
A bug in tcptraceroute through version 1.5beta3 has been discovered by
Matt Zimmerman, such that
tcptraceroute did not properly drop root privileges after opening a raw
socket. The bug has been corrected in tcptraceroute-1.5beta4,
available on the
tcptraceroute development website.
As there are currently no known exploitable portions of tcptraceroute,
versions through tcptraceroute-1.5beta3 are still believed to be safe
even without fully dropping privileges, however users are encouraged to
upgrade to provide a measure of containment in the event that an
exploitable flaw is discovered in the future. Users of
tcptraceroute-1.4 who do not wish to upgrade to a beta version may apply the one line
patch
The bug was first announced in Debian Security
Advisory DSA 330-1 on June 23rd, and on June 27th also appears to
have been assigned an ID of CAN-2003-0489
by the Common Vulnerability and
Exposures list.
June 1, 2003:
The latest beta version, tcptraceroute-1.5beta3,
was released on June 1, 2003. Minor changes from 1.5beta1
include improved autoconf support under Solaris and MacOS X,
and elimination of a few non-gcc compiler type warnings. Beta
testers are strongly encouraged to report their experiences to
the
development mailing list.
May 24, 2003:
The latest beta version, tcptraceroute-1.5beta1 was
released on May 24, 2003, incorporating a number of patches received
during the past year. Most notably, tcptraceroute is now compatible
with libnet-1.1, and utilizes GNU autoconf for improved portability.
Beta testers are strongly encouraged to report their experiences to
the
development mailing list.
July 30, 2002:
tcptraceroute-1.4 was released on July
30, 2002, and contains two bug fixes from 1.3 -- tcptraceroute
now functions properly on both Synchronous and Asynchronous
PPP interfaces. Detailed information can be found in the
changelog, or you can view the
diff
from 1.3 on the development page.
May 19, 2002:
tcptraceroute-1.3 was released on May
19, 2002. Major changes include greatly improved command line
handling, properly aligning packet data for architectures
which don't allow non-aligned memory access, the ability to
traceroute to a local IP address, the ability to probe with
TCP ACK packets, making it possible to traceroute through
stateless firewalls that permit hosts sitting behind the
firewall to establish outbound connections, and the ability to
track probes by source port numbers instead of IP ID's, making
it possible for tcptraceroute to function properly on Solaris.
Detailed information can be found in the
changelog, or you can view the
diff
from 1.2 on the development page.
November 12, 2001:
tcptraceroute was mentioned in the November, 2001 issue of the
Linux Journal, in an article
by David A. Bandel, titled
"Focus
on Software, Applications for Your Enterprise":
Ever had a problem where you needed to trace all the way to a
server but that server was behind a firewall that dropped standard
traceroute packets? Well, if that server is running services
accessible from the Internet, you can use tcptraceroute to go right
through the firewall to the server. Just specify the port (by
default, tcptraceroute uses port 80), and the firewall won't know
the difference. Requires: libpcap, libnet, glibc.
Thanks to Michael Leone
and Darxus for bringing
the article to my attention.
July 31, 2001:
tcptraceroute-1.2 was released on July 31,
2001. Many new features have been introduced, including the ability
to send more than one probe to each hop, to send probes with the ECN
bits set, to send probes of an arbitrary length, and more. Detailed
information can be found in the changelog.
June 30, 2001:
tcptraceroute-1.1 was released on June 30,
2001. As noted in the changelog, root privileges
are now dropped after sockets have been initialized, and access to the
-s and -p command line arguments is restricted to root.
|
|
Last Updated: Tuesday, 28-Mar-2006 21:30:36 PST.
Valid
HTML 4.01
© 2000 - 2008
Michael C. Toren
<mct@toren.net>
Schrodinger's cat is dead.
|
|