[c-nsp] Hiding a Cisco Router from a Traceroute
John Kristoff
jtk at northwestern.edu
Fri Oct 21 20:32:43 EDT 2005
On Thu, 20 Oct 2005 17:12:37 +0000
Kristofer Sigurdsson <kristo at ipf.is> wrote:
> Here's how traceroute is done:
>
> The host sends a UDP packet on port 33435 to the host he's
> traceroute'ing to, with a TTL of 1.
You can effectively do a traceroute using any IP protocol, and Windows
by default uses ICMP echoes.

I thought someone pointing out that MPLS can hide the topology was
interesting. That would have to be one of the most peculiar reasons
for implementing MPLS though. :-)

I agree with the sentiment expressed in the note I'm replying to that
blocking it is of dubious merit. However, if you insist, rather than
a router ACL you probably want to look at a more sophisticated firewall
solution.
John
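
The point in the message above that traceroute works over any IP protocol, as an added example that is not part of the original post: a rule keyed on the classic UDP port only sees one flavour of probe, while the stepwise TTL is common to all of them. The packet records, addresses, function names and the 33434-33534 port range are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumption: conventional UDP traceroute destination range (the thread cites 33435).
UDP_TRACEROUTE_PORTS = range(33434, 33535)

def probe(src, dst, proto, ttl, dport=None):
    """Build one constructed packet record as seen by a sensor next to the sender."""
    return {"src": src, "dst": dst, "proto": proto, "ttl": ttl, "dport": dport}

def port_acl_matches(pkt):
    """Port-keyed rule: matches only the classic UDP flavour of traceroute."""
    return pkt["proto"] == "udp" and pkt["dport"] in UDP_TRACEROUTE_PORTS

def ttl_ladder_flows(packets, min_steps=3, max_start=2):
    """Return (src, dst, proto) flows whose TTLs climb 1, 2, 3, ... in any protocol."""
    ttls = defaultdict(set)
    for p in packets:
        ttls[(p["src"], p["dst"], p["proto"])].add(p["ttl"])
    flagged = []
    for flow, seen in ttls.items():
        start = min(seen)
        run = 0
        while start + run in seen:      # length of the consecutive TTL run
            run += 1
        if start <= max_start and run >= min_steps:
            flagged.append(flow)
    return sorted(flagged)

# Constructed sample traffic (documentation address ranges, not real captures).
DST = "198.51.100.1"
SAMPLE = (
    [probe("192.0.2.10", DST, "udp", t, 33434 + t) for t in range(1, 5)]   # UDP probes
    + [probe("192.0.2.11", DST, "icmp", t) for t in range(1, 5)]           # ICMP echoes
    + [probe("192.0.2.12", DST, "tcp", t, 80) for t in range(1, 5)]        # TCP probes
    + [probe("192.0.2.13", DST, "tcp", 64, 443) for _ in range(3)]         # ordinary web
)

def summary(packets=SAMPLE):
    """Compare what each approach notices in the same traffic."""
    by_port = sorted({p["src"] for p in packets if port_acl_matches(p)})
    by_ttl = [flow[0] for flow in ttl_ladder_flows(packets)]
    return {"port_rule_sources": by_port, "ttl_ladder_sources": by_ttl}

if __name__ == "__main__":
    print(summary())
```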