Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- ICMP Traceroute
- TCP Traceroute
- UDP Traceroute
|
57
Tracing the Location You would need to know the IP address of the webserver in order to trace the exact location. There are several methods to figure it out. We will use the simplest one, that is, the ping command. Ping command sends icmp echo requests to check if the website is up. It’s used for network trouble- shooting purposes. From your command line, type the following: ping www.techlotips.com The output would be as follows: C:\Users\ Rafay Baloch>ping www.techlotips.com Pinging techlotips.com [50.22.81.62] with 32 bytes of data: Reply from 50.22.81.62: bytes = 32 time = 304ms TTL = 47 Reply from 50.22.81.62: bytes = 32 time = 282ms TTL = 47 Reply from 50.22.81.62: bytes = 32 time = 291ms TTL = 47 Reply from 50.22.81.62: bytes = 32 time = 297ms TTL = 47 So we now know that the IP address of our target is 50.22.81.62. After determining the web- server’s IP, we can use some online tools to track the exact location of the webserver. One such tool is IPTracer that is available at http://www.ip-adress.com/ip_tracer/yourip Just replace your IP with your target’s IP, and it will show you the exact location of the web- server via Google Maps. From “www.ip-address.com/ip_tracer/50.22.81.62” Traceroute Traceroute is a very popular utility available in both Windows and Linux. It is used for network orientation. By network orientation I don’t mean scanning a host for open ports or scanning for services running on a port. It means to figure out how the network topology, firewalls, load bal- ancers, and control points, etc. are implemented on the network. 58 ◾ Ethical Hacking and Penetration Testing Guide A traceroute uses a TTL (time to live) field from the IP header, and it increments the IP packet in order to determine where the system is. The time to live value decreases every time it reaches a hop on the network (i.e. router to server is one hop). There are three different types of traceroutes: 1. ICMP traceroute (which is used in Windows by default) 2. TCP traceroute 3. UDP traceroute ICMP Traceroute Microsoft Windows by default uses ICMP traceroute; however, after a few hops, you will get a timeout, which indicates that there might be a device like IDS or firewall that is blocking ICMP echo requests. From this image you can see that the ICMP echo requests are timed out after seven requests. TCP Traceroute Many devices are configured to block ICMP traceroutes. This is where we try TCP or UDP trac- eroutes, also known as layer 4 traceroutes. TCP traceroute is by default available in BackTrack. If you can’t find it, just use the following command: apt-get install tcptraceroute Usage From the command line, you would need to issue the following command: tcptraceroute www.google.com UDP Traceroute Linux also has a traceroute utility, but unlike Windows, it uses UDP protocol for the traceroute. In Windows, the command for traceroute is “tracrt”. In, Linux, it’s “tracroute”. Usage traceroute www.target.com |