See TCP/IP Illustrated volume2, page 223 as well as RFC 1122 (section 3.2.2.2) On Mon, Jun 18, 2001 at 04:29:35PM -0400, batz wrote: > On Sun, 17 Jun 2001, paul miles wrote: > > :Does anyone know of methods that can be used to identify systems on a > :network that will forward IP traffic? > : > :Whether they be routers or an NT or Linux system that is set up to route > :traffic with a few static routes set up. > > There are a few different ways to do this, which amount to playing > Find The Router. > > Netmask style: ICMP type 17 (netmask request) to see if it is a part > of a smaller subnet than other hosts on the network. > > Firewalk style: Get the range of IP addresses, choose a reasonable TTL > for your packets that is >= the number of hops you are away from the network > address of the netblock you are scanning, use port 25 or 80 or udp 53 and > watch for TTL exceeded messages from routers. If somthing doesn't respond > at all, increate the TTL by 1 until you either find the host, or it is > totally improbable that there are that many routers that are supressing > icmp unreachable messages. > > SNMP style: Check for ip.ipForward=1 on the interface. > > Routed style: Routed runs on udp/520. > > Zebra style: port 2601 for vty access, along with 179 for BGP and 2605 for > zebra's BGPd. Just check /etc/services for various ports for > routing protocols. There is no garuntee the host is routing, > but if these services are running, it's probably a safe bet. > > > There are some easier ways if you are close to the network, or on it > using source routing, arp information, sniffing etc, but these should > confirm it in most situations. > > -- > batz > Reluctant Ninja > Defective Technologies
This archive was generated by hypermail 2b30 : Wed Jun 20 2001 - 10:48:05 PDT