Layer Four Traceroute

Layer Four Traceroute (LFT) is a fast, multi-protocol traceroute variant that implements numerous other features, such as B. AS number search through regional Internet registries and other reliable sources, loose source routing , firewall and load balancer detection etc. LFT is best known for its use to find a route to the destination host through various packet filters or Track firewalls to identify connection, performance, or latency issues.

functionality

LFT sends various TCP SYN and FIN packets (in contrast to Van Jacobson's UDP- based method ) or UDP packets that use the IP protocol 'time to live' (TTL) field and tries an ICMP TIME_EXCEEDED response from every gateway along the path to the To get hold of target host. LFT also processes various TCP, UDP and ICMP packets in order to determine protocol-based routing statistics. LFT can query various information about the networks it traverses. The LFT functions are described in detail in a number of major security books.

origin

LFT was released as 'fft' in 1998. It was because of confusion with the fast Fourier transform (English: Fast Fourier Transform) renamed. LFT stands for 'layer four traceroute', but is often abbreviated as 'layer four trace'.

Web links

Layer Four Traceroute Project

Individual evidence

↑ Extreme Exploits: Advanced Defenses Against Hardcore Hacks (2005) McGraw-Hill ISBN 0-07-225955-8
^ The Tao of Network Security Monitoring (2004) Addison-Wesley ISBN 0-32-124677-2

[1] Extreme Exploits: Advanced Defenses Against Hardcore Hacks (2005) McGraw-Hill ISBN 0-07-225955-8

[2] The Tao of Network Security Monitoring (2004) Addison-Wesley ISBN 0-32-124677-2