[c-nsp] Hidiing a traceroute

techtalm at gmail.com techtalm at gmail.com
Sat Oct 10 16:32:35 EDT 2009


Not so accurate; in an MPLS network you can disable the process which copies
the IP TTL from the header to the label and vice versa. By doing that you
are "hiding" the MPLS core routers from a traceroute operation.

As for an IP network, you can either discard or drop ICMP type 8 (echo
request) and by that block the traceroute operation. The user will get
asterisk marks instead of the IP of the router.

MTC.

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Hector Herrera
Sent: Saturday, October 10, 2009 9:55 PM
To: Jason Alex
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Hidiing a traceroute

On Sat, Oct 10, 2009 at 12:21 PM, Jason Alex <amr.ccie at gmail.com> wrote:
> Dear All,
> I want to hide the traceroute hops inside my network.
> I know you can hide the traceroute inside an MPLS network.
>
> Can we also hide the traceroute inside an IP network?
>
> Thanks In advance
>
> Regards
> Jason
> CCIE#24775

An MPLS network hides the network hops because as far as the packet is
concerned, the MPLS network is a tunnel with no router hops.

To hide a traceroute inside a L3 network, you need to block ICMP
TTL-expired messages from the hops you want to hide.  However, the
hops will still be visible since every router decrements the TTL by
one, and the traceroute source will notice it is missing TTL-expired
messages from your hidden hops.

Hector
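Added example, not part of the original thread: a toy Python model of the two behaviours discussed above, showing that filtering ICMP TTL-expired leaves countable gaps in the trace, while an MPLS core that does not propagate the IP TTL removes the hops from the count altogether. The router names, the three constructed paths and the simplified forwarding model are assumptions made for illustration.

```python
"""Toy hop-by-hop model of traceroute over constructed paths (no packets are sent)."""
from dataclasses import dataclass

@dataclass
class Router:
    name: str
    sends_ttl_expired: bool = True  # False: ICMP TTL-expired from this hop is filtered
    decrements_ip_ttl: bool = True  # False: label-switched hop, IP TTL not copied to the label

def probe(path, ttl):
    """Forward one probe with the given IP TTL; return what the source sees."""
    for router in path:
        if not router.decrements_ip_ttl:
            continue                # IP TTL untouched inside the label-switched core
        ttl -= 1
        if ttl == 0:                # the probe dies here
            return router.name if router.sends_ttl_expired else "*"
    return "DEST"                   # the probe survived every hop

def traceroute(path, max_ttl=30):
    """Probe with TTL 1, 2, 3, ... until the destination answers."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        hops.append(probe(path, ttl))
        if hops[-1] == "DEST":
            break
    return hops

def silent_hops(hops):
    """TTL values that got no answer although a later TTL did: a router sits there."""
    last = max((i for i, h in enumerate(hops) if h != "*"), default=0)
    return [i + 1 for i, h in enumerate(hops[:last]) if h == "*"]

# Constructed paths: the same four routers under three policies.
OPEN = [Router("edge-a"), Router("core-1"), Router("core-2"), Router("edge-b")]
FILTERED = [Router("edge-a"), Router("core-1", sends_ttl_expired=False),
            Router("core-2", sends_ttl_expired=False), Router("edge-b")]
MPLS_NO_PROPAGATE = [Router("edge-a"), Router("core-1", decrements_ip_ttl=False),
                     Router("core-2", decrements_ip_ttl=False), Router("edge-b")]

if __name__ == "__main__":
    for label, path in (("open", OPEN), ("filtered", FILTERED),
                        ("mpls, no TTL propagation", MPLS_NO_PROPAGATE)):
        hops = traceroute(path)
        print(f"{label:26} {hops}  silent hops at TTL {silent_hops(hops)}")
```
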