On Tue, 25 Nov 2003, Craig White wrote:
> traceroute would allow you to see if it breaks before it reaches the
> destination...
>
> traceroute -n -p high_port xxx.xxx.xxx.xxx
This method could be very misleading. Traceroute uses either ICMP or UDP
packets. However, the original post was about finding the availability of
an email server, which would be using a TCP port. Thus, while the results
of the traceroute may give you a 'general idea' of availability, it will
not show that a particular TCP port is open or not.
There is, however, a version of traceroute that uses TCP packets. Search
freshmeat for 'tcptraceroute' - this would likely be a better choice in
this case.
One other point... traceroute specifically looks for a PORT_UNREACHABLE
response from each hop. If you are tracerouting to a target that is
actually listening on the port specified with the '-p' flag, then it may
not get the PORT_UNREACHABLE response it is looking for and may cause
inaccurate results.
A good method is the recommended 'telnet' option for testing
availability of a TCP port. Of course, the best bet would be good ole'
nmap.
~Jay
..
.. Jay Jacobson
.. Edgeos, Inc. - 480.961.5996 -
http://www.edgeos.com
..
.. Managed Vulnerability Assessment
.. Services for Information Security Professionals
..
(text/plain)