Old 02-26-2012, 01:48 PM   #1
Skaperen
nmap --traceroute ... how to force it to do a specific protocol?


The nmap man page describes:

Code:
   --traceroute (Trace path to host) .
       Traceroutes are performed post-scan using information from the scan results to determine the port and
       protocol most likely to reach the target. It works with all scan types except connect scans (-sT) and
       idle scans (-sI). All traces use Nmap's dynamic timing model and are performed in parallel.
I want to specifically do the traceroute in the SCTP protocol. The objective is NOT to reveal the full route to the host (I have that), but to reveal where along the route that SCTP is being filtered.

Or is there a better tool available to do the trace in the SCTP protocol?
 
Old 02-27-2012, 07:01 AM   #2
acid_kewpie
looks like you want the -sY flag according to the manpage. The combined request for a traceroute AND an SCTP INIT scan suggests it will do what you want.
 
Old 02-27-2012, 11:24 AM   #3
Skaperen
Quote:
Originally Posted by acid_kewpie
looks like you want the -sY flag according to the manpage. The combined request for a traceroute AND an SCTP INIT scan suggests it will do what you want.
I did use -sY and also -sZ. It apparently did scans in SCTP. It could not reach the target in SCTP (blocked in or out I do not know). So when it came to the step to do a traceroute, it did it in TCP, instead, and even stated that it was doing it in TCP because that was more likely to reach the target. That design seems to be intended to answer "What is the path to my target by whatever means that can work" whereas my question is "Where along the path to my target does a specific protocol fail".

And the man page section even says this, so I suspect Nmap may not be able to do what I want. ... "using information from the scan results to determine the port and protocol most likely to reach the target" ... not what I want. I want to specify the port and protocol.

I don't even need to do the scans Nmap does. I just need to do traceroute alone. But I need to do it specifically in SCTP. Apparently the -s options only specify what the scans are done in.

Last edited by Skaperen; 02-27-2012 at 11:27 AM.
 
Old 02-27-2012, 11:32 AM   #4
Skaperen
With IP address redacted ...
Code:
marconi/root/x0 /root 63# nmap -sY -p 9900 --traceroute XX.XX.XX.XX

Starting Nmap 5.00 ( http://nmap.org ) at 2012-02-27 12:28 EST
Interesting ports on XX.XX.XX.XX:
PORT      STATE    SERVICE
9900/sctp filtered iua

TRACEROUTE (using port 80/tcp)
HOP RTT   ADDRESS
Then it did a traceroute to the target and got there in TCP.
 
Old 02-27-2012, 11:36 AM   #5
Skaperen
Another annoyance about Nmap is it does not always do the same thing, even though executed with the same exact options. A 2nd run of the above didn't even do a traceroute. Previous runs have chosen other ports in TCP.

Clearly I need another program.
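
Added example, not part of any post in this thread: a sketch of the probe the thread asks for, sending SCTP INIT packets with increasing TTL and recording which hop answers each one. It assumes Linux raw sockets, root privileges and an IPv4 dotted-quad target; the function names, the source-port scheme and the fixed tag value are hypothetical choices made for the example.

```python
import select, socket, struct

SCTP = 132  # IP protocol number for SCTP

def crc32c(data: bytes) -> int:
    """Bitwise CRC32c (Castagnoli), the checksum SCTP uses."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0x82F63B78 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF

def build_sctp_init(sport: int, dport: int, tag: int = 0x1234ABCD) -> bytes:
    """SCTP common header plus one INIT chunk, checksum filled in."""
    # INIT: type 1, flags 0, length 20, initiate tag, a_rwnd, out/in streams, TSN
    chunk = struct.pack("!BBHIIHHI", 1, 0, 20, tag, 65535, 1, 1, tag)
    head = struct.pack("!HHI", sport, dport, 0)    # verification tag 0 for INIT
    csum = crc32c(head + bytes(4) + chunk)         # checksum field zeroed
    return head + struct.pack("<I", csum) + chunk  # CRC stored low byte first

def classify_reply(pkt: bytes, dst: str):
    """Name an ICMP error that quotes an SCTP probe sent to dst, else None."""
    ihl = (pkt[0] & 0x0F) * 4
    inner = pkt[ihl + 8:]                          # quoted IP header of the probe
    if len(inner) < 20 or inner[9] != SCTP or inner[16:20] != socket.inet_aton(dst):
        return None
    kinds = {11: "time-exceeded", 3: f"unreachable(code {pkt[ihl + 1]})"}
    return kinds.get(pkt[ihl])

def sctp_trace(dst: str, dport: int, max_hops: int = 30, wait: float = 2.0):
    """Probe TTL 1..max_hops; returns [(ttl, responder, kind)]. Needs root."""
    icmp = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    tx = socket.socket(socket.AF_INET, socket.SOCK_RAW, SCTP)
    hops = []
    for ttl in range(1, max_hops + 1):
        tx.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, ttl)
        tx.sendto(build_sctp_init(40000 + ttl, dport), (dst, 0))
        hop = (ttl, None, "no reply")
        while ready := select.select([icmp, tx], [], [], wait)[0]:
            pkt, (addr, _) = ready[0].recvfrom(1500)
            kind = "sctp-reply" if ready[0] is tx else classify_reply(pkt, dst)
            if kind and (ready[0] is icmp or addr == dst):
                hop = (ttl, addr, kind)
                break
        hops.append(hop)
        if hop[2] not in ("time-exceeded", "no reply"):
            break                                  # target answered or probe rejected
    return hops
```

Called as `sctp_trace("192.0.2.10", 9900)` (a placeholder address), the last hop that returns `time-exceeded` is the last router the SCTP probe got through. Routers that never send ICMP also show as `no reply`, so compare the result against the known TCP route before blaming a particular hop.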
 
  


All times are GMT -5.