The traditional traceroute sends out ICMP ECHO packets with a TTL of one, and increments the
TTL until the destination has been reached. By printing the gateways that generate ICMP time
exceeded messages along the way, it is able to determine the path packets take to reach the
destination.
The problem is that with the widespread use of firewalls on the Internet today, many of the packets
that traceroute sends out end up being filtered, making it impossible to completely trace the path
to the destination.
How would you overcome the Firewall restriction on ICMP ECHO packets?
A.
Firewalls will permit inbound TCP packets to specific ports that hosts sitting behind the firewall
are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO
packets,traceroute can bypass the most common firewall filters.
B.
Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall
are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO
packets,traceroute can bypass the most common firewall filters.
C.
Firewalls will permit inbound UDP packets to specific ports that hosts sitting behind the firewall
are listening for connections. By sending out TCP SYN packets instead of ICMP ECHO
packets,traceroute can bypass the most common firewall filters.
D.
Do not use traceroute command to determine the path packets take to reach the destination
instead use the custom hacking tool JOHNTHETRACER and run with the command
E.
\> JOHNTHETRACER www.eccouncil.org -F -evade
Explanation: