How do I find out what hop is not forwarding traffic on a specific port?

Looking for a way to find out who or what device is blocking traffic
on a specific port.  Sort of like a trace route tool where you could
designate the port to test with (UDP/TCP).  I realize that UDP may be
hard to do since it is a connectionsless protocol.

Anybody?  Thanks in advanced.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

I'm not totally sure, but I believe your looking for a tool like Netcat.

http://netcat.sourceforge.net/

-Outbound and inbound connections, TCP or UDP, to or from any ports.
-Built-in port-scanning capabilities, with randomizer.

Basically you need to setup Netcat like tracert/route and specify UDP/TCP
and the port.

Hope this helps
 
Philippe Rivest - CEH, Network+, Server+, A+
TransForce Inc.
Internal auditor - Information security
Verificateur interne - Securite de l'information

8585 Trans-Canada Highway, Suite 300
Saint-Laurent (Quebec) H4S 1Z6
Tel.: 514-331-4417  
Fax: 514-856-7541

http://www.transforce.ca/


-----Message d'origine-----
De : listbounce@... [mailto:listbounce@...] De
la part de Phunkodelic
Envoyé : 5 novembre 2009 13:01
À : security-basics@...
Objet : How do I find out what hop is not forwarding traffic on a specific
port?

Looking for a way to find out who or what device is blocking traffic
on a specific port.  Sort of like a trace route tool where you could
designate the port to test with (UDP/TCP).  I realize that UDP may be
hard to do since it is a connectionsless protocol.

Anybody?  Thanks in advanced.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------

On 2009-11-05 Phunkodelic wrote:
> Looking for a way to find out who or what device is blocking traffic
> on a specific port.  Sort of like a trace route tool where you could
> designate the port to test with (UDP/TCP).  I realize that UDP may be
> hard to do since it is a connectionsless protocol.

On Unix-like systems use tcptraceroute for TCP and the normal traceroute
for UDP packets (option -p). On Windows you can use tracetcp [1] for TCP
packets, but I don't know a tool for tracing UDP packets (tracert does
not support this).

[1] http://tracetcp.sourceforge.net/

Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

  Most versions of traceroute use either ICMP or UDP, both of which are
connectionless.  The
methods used by traceroute don't depend on using a connection-oriented
protocol, and it should
be possible to adapt the mechanisms used by traceroute to this purpose --
odds are that someone
has already done so and it's just a case of finding their tool.

David Gillett

-----Original Message-----
From: Phunkodelic [mailto:phunkodelic@...]
Sent: Thursday, November 05, 2009 10:01
To: security-basics@...
Subject: How do I find out what hop is not forwarding traffic on a specific
port?

Looking for a way to find out who or what device is blocking traffic on a
specific port.  Sort of like a trace route tool where you could designate
the port to test with (UDP/TCP).  I realize that UDP may be hard to do since
it is a connectionsless protocol.

Anybody?  Thanks in advanced.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate.  We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727
d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Perhaps firewalk will solve that question? I'm not sure I completely
understood the problem, but if you're having a firewall/router in
front of a network and wants to map the firewall's rulebase than
perhaps firewalk could help.
But you will have to know a host on the inside network of the filtering devices.
The method will only work at level 3 firewalls/filtering devices.
You let firewalk calculate the TTL so that TTL is 1 when you get to
the firewall/router/filtering device. If the firewall is letting the
traffic through, the TTL will reach 0 and a ICMP message is returned.
If the fw is not letting the traffic through, the packet is simply
dropped.

/ Alex

2009/11/5 Phunkodelic <phunkodelic@...>:
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Phunkodelic wrote:
> Looking for a way to find out who or what device is blocking traffic
> on a specific port.  Sort of like a trace route tool where you could
> designate the port to test with (UDP/TCP).  I realize that UDP may be
> hard to do since it is a connectionsless protocol.
>

What you want is hping:
        http://www.hping.org/

Use something like:
        hping --traceroute [--udp] -p DESTPORT DESTIP


I think Fyodor's new nping utility has similar capabilities, too.

Hope this helps!

Jon K
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-813-2924
s: 843-564-4224
s: JonRKibler
e: Jon.Kibler@...
e: Jon.R.Kibler@...
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAksF4b4ACgkQUVxQRc85QlMu7QCgoahH4AVguqN4yA1EfV1affD1
91AAn2Y4SV7ZGO8iSMeWCUKIlOq/xQOS
=YIr+
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

From Linux you can do this.

traceroute -T -p 80 www.google.com
traceroute -U -p 53 a.root-servers.net.

Note that the DNS one above seems to fail when it actually gets to the DNS server as it's not a valid packet and therefore discarded by the server.

Good Luck

-----Original Message-----
From: listbounce@... [mailto:listbounce@...] On Behalf Of Alex Fiuvertiz
Sent: Wednesday, November 18, 2009 3:11 PM
To: Phunkodelic
Cc: security-basics@...
Subject: Re: How do I find out what hop is not forwarding traffic on a specific port?

Perhaps firewalk will solve that question? I'm not sure I completely
understood the problem, but if you're having a firewall/router in
front of a network and wants to map the firewall's rulebase than
perhaps firewalk could help.
But you will have to know a host on the inside network of the filtering devices.
The method will only work at level 3 firewalls/filtering devices.
You let firewalk calculate the TTL so that TTL is 1 when you get to
the firewall/router/filtering device. If the firewall is letting the
traffic through, the TTL will reach 0 and a ICMP message is returned.
If the fw is not letting the traffic through, the packet is simply
dropped.

/ Alex

2009/11/5 Phunkodelic <phunkodelic@...>:
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


Confidentiality Note: This e-mail message and any attachments may contain
confidential or privileged information. If you are not the intended recipient,
please notify me immediately by replying to this message and destroy all
copies of this message and any attachments. Thank you.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

On Wed, 2009-11-18 at 21:10 +0100, Alex Fiuvertiz wrote:
>
> Perhaps firewalk will solve that question?

Agreed. Last host responding is usually the culprit. A little loose
source route trickery may also be helpful. I did a write up on both
techniques a while back located here:
http://www.chrisbrenton.org/2009/08/network-mapping-through-a-firewall-part-1/

HTH,
Chris
--
www.chrisbrenton.org


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------