Tcptraceroute：基于TCP数据包的路由跟踪器

现代网络广泛使用防火墙，导致传统路由跟踪工具发出的（ICMP应答（ICMP echo）或UDP）数据包都被过滤掉了，所以无法进行完整的路由跟踪。尽管如此，许多情况下，防火墙会准许反向（inbound）TCP数据包通过防火墙到达指定端口，这些端口是主机内防火墙背后的一些程序和外界连接用的。通过发送TCP SYN数据包来代替UDP或者ICMP应答数据包，tcptraceroute可以穿透大多数防火墙。

下载链接：http://down.51cto.com/data/161567

>>去网络安全工具百宝箱看看其它安全工具

一、LIBPCAP:

下载：libpcap

http://down.51cto.com/data/161564 下载 libpcap-0.8.3.tar.gz

安装：

tarzxvf~lonen/Testing-pt/libpcap-0.8.3.tar.gz 

./configure--without-flex--without-bison--prefix=/usr/local/libpcap

二、LIBNET:

下载：libnet

http://down.51cto.com/data/161565 下载libnet-1.0.2a.tar.gz

安装：

tarzxvf~lonen/Testing-pt/libnet-1.0.2a.tar.gz 
ln-sLibnet-1.0.2a/libnet 
cdlibnet/ 
./configure--prefix=/usr/local/libnet 
make 
moreREADME 
makeinstall;makesupp;makeutil 
makeinstall 
makesupp

三、TCPTRACEROUTE:

下载：tcptraceroute

http://down.51cto.com/data/161567 下载1.5.tar.gz

阅读安装帮助，牢记，养成阅读英文的习惯，工作效率也能够提高很多。真正的心得。

[root@softtcptraceroute-1.5beta7]#./configure--prefix=/usr/local/tcptraceroute\ 
>--with-libpcap=/usr/local/libpcap\ 
>--with-libnet=/usr/local/libnet\ 
>--enable-static 
make;makeinstall 
[root@softbin]#cptcptraceroute/bin/ 
[root@softbin]#tcptraceroute--help 

tcptraceroute1.5beta7 
Copyright(c)2001-2006MichaelC.Toren<mct@toren.net>
Updatesareavailablefromhttp://michael.toren.net/code/tcptraceroute/ 

Usage:tcptraceroute[-nNFSAE][-i<interface>][-f<firstttl>] 
[-l<packetlength>][-q<numberofqueries>][-t<tos>] 
[-m<maxttl>][-pP]<sourceport>][-s<sourceaddress>] 
[-w<waittime>]<host>[destinationport][packetlength]

-n 
Displaynumericoutput,ratherthandoingareverseDNSlookupforeachhop.Bydefault,reverselookupsareneverattemptedonRFC1918 

addressspace,regardlessofthe-nflag. 
-N 
PerformareverseDNSlookupforeachhop,includingRFC1918addresses. 
-f 
SettheinitialTTLusedinthefirstoutgoingpacket.Thedefaultis1. 
-m 
SetthemaximumTTLusedinoutgoingpackets.Thedefaultis30. 
-p 
UsethespecifiedlocalTCPportinoutgoingpackets.Thedefaultistoobtainafreeportfromthekernelusingbind(2).Unlikewithtraditional 

traceroute(8),thisnumberwillnotincreasewitheachhop. 
-s 
Setthesourceaddressforoutgoingpackets.Seealsothe-iflag. 
-i 
Usethespecifiedinterfaceforoutgoingpackets. 
-q 
Setthenumberofprobestobesenttoeachhop.Thedefaultis3. 
-w 
Setthetimeout,inseconds,towaitforaresponseforeachprobe.Thedefaultis3. 
-S 
SettheTCPSYNflaginoutgoingpackets.Thisisthedefault,ifneither-Sor-Aisspecified. 
-A 
SettheTCPACKflaginoutgoingpackets.Bydoingso,itispossibletotracethroughstatelessfirewallswhichpermitoutgoingTCPconnections. 
-E 
SendECNSYNpackets,asdescribedinRFC2481. 
-t 
SettheIPTOS(typeofservice)tobeusedinoutgoingpackets.ThedefaultisnottosetanyTOS. 
-F 
SettheIP"don'tfragment"bitinoutgoingpackets. 
-l 
Setthetotalpacketlengthtobeusedinoutgoingpackets.Ifthelengthisgreaterthantheminimumsizerequiredtoassemblethenecessaryprobe 

packetheaders,thisvalueisautomaticallyincreased. 
-d 
Enabledebugging,whichmayormaynotbeuseful. 

-i指定接口，网络接口 
-f起初第几条开始，比如5,开始显示第5跳的结果 
-ltraceroute包的长度 
-q查询的数字号 
-ttos 
-m***的TTL 
-s源地址，如果服务器有两块网卡，就可以采用指定-s的源地址路由，在所有的tracert/traceroute都有这样的基本功能 
-w等待的时间 
host指定要TRACEROUTE的一个IP或者是域名www.bloghacker.cn

#p#

四、真是有效的测试记录对比：

[root@soft~]#traceroute-w2-q1-f5www.singtel.com.sg 
traceroutetowww.singtel.com.sg(203.208.248.10),30hopsmax,38bytepackets 
5219.158.4.66(219.158.4.66)27.322ms 
6219.158.3.198(219.158.3.198)27.664ms 
7203.208.151.17(203.208.151.17)92.729ms 
8GigabitEthernet6-0.sngtp-ar2.ix.singtel.com(203.208.183.19)108.016ms 
9202.160.250.226(202.160.250.226)83.829ms 
10203.208.232.50(203.208.232.50)91.525ms 
11203.208.232.57(203.208.232.57)83.972ms 
12* 
13* 
14* 
15* 
16* 
17* 
18* 
19* 
20* 
21* 
22* 
23* 
24* 
25* 
26* 
27* 
28* 
29* 
30*

现在看看tcptraceroute:

[root@soft~]#tcptraceroute-f1www.singtel.com.sg 
Selecteddeviceeth0,address61.51.18.130,port34733foroutgoingpackets 
Tracingthepathtowww.singtel.com.sg(203.208.248.10)onTCPport80(http),30hopsmax 
161.51.18.12.512ms1.543ms1.783ms 
2202.96.13.1691.548ms11.025ms6.981ms 
3202.106.192.1577.470ms8.355ms4.358ms 
4219.158.4.654.590ms5.006ms2.284ms 
5219.158.4.6626.886ms30.142ms25.995ms 
6219.158.3.19828.820ms26.171ms28.981ms 
7203.208.151.1792.619ms92.521ms96.665ms 
8GigabitEthernet6-0.sngtp-ar2.ix.singtel.com(203.208.183.19)98.351ms97.487ms97.133ms 
9202.160.250.22683.047ms83.592ms83.252ms 
10203.208.232.5091.092ms90.978ms91.000ms 
11203.208.232.5783.049ms82.607ms82.000ms 
12203.208.248.10[open]83.971ms82.609ms84.863ms 
_____________________________________完成TRACEROUTE

五、补充：route的配置静态路由表Linux

route命令主要用于手动配置静态路由表

#routeaddnetremote_net_ipgateway_ip1 

例：增加一条通过网关到达令一子网的路由

其中add代表要增加路由，net表示路由到达的是一个网络而不是一台主机，1代表远端网络需通过网关才能到达

(直接通过网络接口相连时，该参数用0)

命令格式：

#routeadd-netremote_net_ipgateway_ip-netmasknetmask 
#routeadd-hosthost_iplocal_interface_ip-interface

六、HPING

1、下载hping 源代码包

wget http://www.hping.org/hping3-20051105.tar.gz

2、安装帮助文档，仔细看看，在LINUX./BSD的环境下完成；

Linux 
----- 

please,followsthissteps: 

$./configure(firsttry./configure--help) 
$viMakefile(optional) 
$make 
$su 
#makeinstall 

FreeBSD,OpenBSD,NetBSD 
------------------------ 

Youwillneedthelibpcapandthegmakeutilityinstalledonyoursystem. 

$./configure 
$gmake 
$su(orcalife) 
#gmakeinstall 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
NOTE:Youshouldtakecareaboutyournet/bpf.hfileinstallingon 
BSDsystems(speciallywithOpenBSD).Ifyouroriginalbpf.hwas 
overwrittenwiththelibpcaponeprobablyhpingwillnotwork 
withoversomeinterface. 

Forexampleifyouusethelibpcapbpf.honOpenBSDhpingwill 
notworkoverPPPinterfaces. 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3、正式完成，加载LIBPCAP

[root@softhping3-20051105]#./configure--prefix=/usr/local/hping--with-libpcap=/usr/local/libpcap 

make;makeinstall

七、其他