Tcptraceroute

Tcptraceroute is a free traceroute implementation by Michal C. Toren that works with TCP packets. Tcptraceroute can be compiled under Windows and most Unix-like operating systems ; binary packages are also provided for the Linux distributions Debian and Red Hat (a quasi-equivalent for Windows exists under the name tracetcp ).

The traceroute programs common under Microsoft Windows and Unix send ICMP echo or UDP packets. The problem with this is that many routers and firewalls meanwhile block or discard incoming UDP and ICMP packets before the actual destination is reached. TCP packets to an open port , such as port 80 on a web server, on the other hand, cannot be blocked because they represent "legal" communication for routers and firewalls.

Tcptraceroute takes into account load distribution systems, i.e. H. if packets sent multiple times come back from different hosts, Tcptraceroute indicates this. Tcptraceroute still offers the option to detect DNAT .

The results of Tcptraceroute are therefore often more meaningful than those of a “conventional” traceroute.

A program with a similar range of functions is Layer Four Traceroute (LFT).

example

root@xxx:~$ tcptraceroute --track-port --dnat www.wissen.de

Selected device eth0, address 192.168.192.168 for outgoing packets
Tracing the path to www.wissen.de (195.71.125.85) on TCP port 80 (www), 30 hops max
 1  85.214.16.1  0.442 ms  0.291 ms  0.285 ms
 2  81.169.160.197  0.550 ms  0.308 ms  0.301 ms
 3  81.169.160.37  0.660 ms  0.445 ms  0.369 ms
 4  PC1.bln2-g.mcbone.net (194.97.172.145)  0.379 ms  0.349 ms  0.284 ms
 5  lo0-0.lpz2-j2.mcbone.net (62.104.191.208)  4.415 ms  4.335 ms  4.393 ms
 6  ge-2-0-0-0.ffm4-j2.mcbone.net (62.104.191.199)  12.419 ms  12.384 ms  12.396 ms
 7  L0.ffm5-g.mcbone.net (62.104.191.150)  12.554 ms  12.502 ms  12.666 ms
 8  rmws-frnk-de16.nw.telefonica.de (80.81.193.89)  12.604 ms  12.557 ms  12.524 ms
 9  rmwc-frnk-de02-pos-1-2.nw.mediaways.net (213.20.249.197)  12.982 ms  12.942 ms  12.889 ms
10  rmwc-frnk-de01-pos-7-0.nw.mediaways.net (195.71.254.105)  19.635 ms  19.623 ms  19.548 ms
11  rmwc-gtso-de01-pos-1-0.nw.mediaways.net (195.71.254.121)  19.472 ms  19.431 ms  19.377 ms
12  217.188.58.204  19.617 ms  19.730 ms  19.593 ms
      Detected DNAT to 10.231.5.142:81
13  195.71.125.68  19.541 ms
      Detected DNAT to 10.228.16.37:81
    195.71.125.68  19.570 ms  19.621 ms
14  195.71.125.85 [open]  19.636 ms  19.672 ms  21.889 ms

Web links

• michael.toren.net
• Online interface for Tcptraceroute

Individual evidence

1. ↑ tracetcp (Windows implementation)