On Tue Oct 26 2004 at 16:37, Thomas Springer wrote: > TCP-Traceroute is different!
No. traceroute.nasl starts with TCP traceroute. > tcptraceroute pages.ebay.de 80 > 2 217.5.209.2 (217.5.209.2) 0.413 ms 0.482 ms 0.391 ms > 3 m-ea1.m.de.net.dtag.de (62.154.10.157) 0.462 ms 0.476 ms 0.577 > ms > 4 paix-gw12.SFO.US.net.DTAG.DE (62.154.5.245) 174.570 ms 173.888 > ms 173.887 ms > 5 62.159.124.58 (62.159.124.58) 175.358 ms 175.000 ms 176.118 ms > 6 66.135.207.54 (66.135.207.54) 176.008 ms 177.131 ms 180.360 ms > 7 10.6.1.30 (10.6.1.30) 179.083 ms 173.245 ms 175.367 ms > 8 10.8.1.106 (10.8.1.106) 173.462 ms 173.378 ms 173.474 ms > 9 * * * > 10 pages.ebay.de (66.135.208.85) [open] 173.799 ms 175.331 ms > 173.942 ms Same result with nasl -t pages.ebay.de traceroute.nasl: [snip] 62.154.5.245 62.159.124.58 66.135.207.234 10.6.1.74 ? 66.135.192.85 > Besides implementing a TCP-Trace as plugin I'm not happy with the > behaviour of traceroute.nasl (plugin #10287). The current plugin is _much_ better than the older one, and much more efficient that all traceroute commands I know. > It does tcp, udp and icmp, but > it stops after the first successful trace Precisely: It runs a TCP traceroute. If it starts dropping packets it switches to UDP. If it works it goes on with UDP. If it starts dropping packets again it switches to ICMP Ping and keeps ICMP as long as it works. If packets are dropped, it switches back to TCP (then UDP, then ICMP, etc.) When all three protocols fail in a row, it stops. > it doesn't tell wich trace was successful Because it can be all of them. > it has no port-management for tcptrace. It has. > Or did I get the nasl-code wrong? I'm afraid so. > 4) finally a notification if the traces differ What would be the use of this? _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
