Tracing behind the firewall
Posted Jan 12, 2007 23:27 UTC (Fri) by rise
Parent article: Tracing behind the firewall
As Zalewski acknowledges in the full-disclosure thread,
0trace is very similar to Dan Kaminski's paratrace (parasitic traceroute) from a few years ago. The primary difference seems to be that it's sacrificing the original connection for a better success rate. I suspect that this is a tradeoff based on when the tools were written, paratrace always worked very well for me. In fact it's very unfortunate that the paketto keiretsu suite doesn't compile on anything modern, there are some great tools for any admin in there. The scanrand stateless port and address scanner makes enumerating all the hosts in a large block and verifying they're not running anything they shouldn't be much faster than using traditional port scanners.
All in all, 0trace still looks like a very useful tool on rare occasions.
to post comments)