
Thread: Paratrace

  1. #1
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default Paratrace

    Has anyone got Paratrace to work in BT2?
    dd if=/dev/swc666 of=/dev/wyze

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I haven't tried. I usually use trace route in windows but I'll give it a go tomorrow. Always love a challenge. What kind of compile errors if any did you get?

  3. #3
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by purehate View Post
    I haven't tried. I usually use trace route in windows but I'll give it a go tomorrow. Always love a challenge. What kind of compile errors if any did you get?
    It comes compiled in BT2.... but I'm not sure if I hosed the libraries it needs by upgrading some of the packages in BT; I'll have to try a fresh ISO to see if it works out of the box.

    I'm getting a ton of nasty errors. The package from Paketto includes a readme that mentions a backwards compatibility issue with libnet 1.1.1 > and that 1.0.2 has to be used, so tomorrow I may install / symlink the older libnet and see where that gets me.

    I've been itching to try paratrace out ever since I read about it in a new book I have. The source gzip comes with another cool tool (that I haven't been able to get to work outside of my subnet) called scanrand, which supposedly has been noted in scanning an entire class B network (65K+ hosts) for web servers with 8000 hits in 4 seconds (achieves this by firing off syn packets making no effort to retain session state).

    I'm too beat to attempt to get it compiled tonight; tomorrow is another day to play
    dd if=/dev/swc666 of=/dev/wyze

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I can't seem to get scanrand to work on the outside either. The command completes but with no type of output. I got paratrace to work though. It was weird though I issued the command and it hung forever but then I opened a new shell and pinged google and then I got the output.......

    pureh@te ~ # paratrace -b100k www.google.com
    Waiting to detect attachable TCP connection to host/net: www.google.com
    209.85.165.104:80/32 1-16
    UP: 209.85.165.104:80 [12] 23.554s
    001 = 192.168.1.1|80 [01] 23.565s( 192.168.1.102 -> 209.85.165.104 )
    002 = 75.138.184.1|80 [01] 23.576s( 192.168.1.102 -> 209.85.165.104 )
    003 = 75.128.22.17|80 [03] 23.599s( 192.168.1.102 -> 209.85.165.104 )
    005 = 144.232.212.249|80 [05] 23.625s( 192.168.1.102 -> 209.85.165.104 )
    006 = 144.232.22.13|80 [06] 23.633s( 192.168.1.102 -> 209.85.165.104 )
    008 = 144.232.20.115|80 [08] 23.664s( 192.168.1.102 -> 209.85.165.104 )
    009 = 144.223.47.234|80 [10] 23.672s( 192.168.1.102 -> 209.85.165.104 )
    007 = 144.232.12.30|80 [07] 23.681s( 192.168.1.102 -> 209.85.165.104 )
    010 = 72.14.136.12|80 [11] 23.681s( 192.168.1.102 -> 209.85.165.104 )
    012 = 216.239.43.142|80 [12] 23.712s( 192.168.1.102 -> 209.85.165.104 )
    011 = 72.14.139.21|80 [12] 23.720s( 192.168.1.102 -> 209.85.165.104 )

    I of course changed a few numbers to protect the innocent.

  5. #5
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by purehate View Post
    I can't seem to get scanrand to work on the outside either. The command completes but with no type of output. I got paratrace to work though. It was weird though I issued the command and it hung forever but then I opened a new shell and pinged google and then I got the output.......
    VERY COOL! ... I'm going to try that method when I get home this evening; hopefully the fix will be just as simple for me (I've probably spent a total of 4 hours trying to get it to work over the last few days)...
    dd if=/dev/swc666 of=/dev/wyze

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    I got paratrace to work though. It was weird though I issued the command and it hung forever but then I opened a new shell and pinged google and then I got the output.......
    This makes sense based on the description of the tool:
    Paratrace traces the path between a client and a server, much like "traceroute", but with a major twist: Rather than iterate the TTLs of UDP, ICMP, or even TCP SYN packets, paratrace attaches itself to an existing, stateful-firewall-approved TCP flow, statelessly releasing as many TCP Keepalive messages as the software estimates the remote host is hop-distant. The resultant ICMP Time Exceeded replies are analyzed, with their original hopcount "tattooed" in the IPID field copied into the returned packets by so many helpful routers. Through this process, paratrace can trace a route without modulating a single byte of TCP/Layer 4, and thus delivers fully valid (if occasionally redundant) segments at Layer 4 -- segments generated by another process entirely.
    Unless the traffic is originating from you or you were dual homed and it was flowing 'through' you I don't see how you could "attach" to it.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
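
The tool description quoted in post #6, as an added example that is not part of the original thread or of paratrace's own code: each ICMP Time Exceeded reply quotes the expired packet's IP header, so the IPID set by the sender survives even though the quoted TTL no longer says which hop it was. The function names are hypothetical, the packets are constructed samples using documentation address ranges, and the IPID is assumed to carry the hop number directly.

```python
import socket
import struct

def ipv4_header(src, dst, proto, ttl, ipid):
    # 20-byte IPv4 header for constructed samples; length/checksum not meaningful.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, ipid, 0, ttl, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def time_exceeded(router, probe):
    # ICMP type 11 code 0, 4 unused bytes, then the quoted IP header + 8 bytes.
    icmp = struct.pack("!BBHI", 11, 0, 0, 0) + probe
    return ipv4_header(router, "192.0.2.10", 1, 64, 0) + icmp

def parse_time_exceeded(packet):
    """Return (router, quoted_ipid, quoted_dst, quoted_dport) or None."""
    if len(packet) < 20 or packet[9] != 1:          # outer protocol must be ICMP
        return None
    ihl = (packet[0] & 0x0F) * 4
    if packet[ihl:ihl + 2] != b"\x0b\x00":          # Time Exceeded in transit
        return None
    quoted = packet[ihl + 8:]
    if len(quoted) < 20 or quoted[9] != 6:          # quoted packet must be TCP
        return None
    q_ihl = (quoted[0] & 0x0F) * 4
    if len(quoted) < q_ihl + 4:
        return None
    ipid = struct.unpack("!H", quoted[4:6])[0]
    dport = struct.unpack("!H", quoted[q_ihl + 2:q_ihl + 4])[0]
    return (socket.inet_ntoa(packet[12:16]), ipid,
            socket.inet_ntoa(quoted[16:20]), dport)

def map_hops(packets, dst, dport):
    """Order routers by the hop number recovered from the quoted IPID."""
    hops = {}
    for pkt in packets:
        parsed = parse_time_exceeded(pkt)
        if parsed and parsed[2:] == (dst, dport):   # only replies for our flow
            hops[parsed[1]] = parsed[0]
    return dict(sorted(hops.items()))

def sample_replies():
    # Constructed replies, delivered out of order; every quoted TTL is already 1.
    tcp = struct.pack("!HHI", 40000, 80, 0)         # first 8 bytes of TCP header
    routers = {3: "203.0.113.3", 1: "198.51.100.1", 2: "203.0.113.2"}
    return [time_exceeded(r, ipv4_header("192.0.2.10", "198.51.100.80", 6, 1, hop) + tcp)
            for hop, r in routers.items()]

if __name__ == "__main__":
    print(map_hops(sample_replies(), "198.51.100.80", 80))
```

The replies arrive out of order here, as they do in the output in post #4, and the quoted IPID is what puts them back in hop order.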

  7. #7
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by thorin View Post
    paratrace attaches itself to an existing, stateful-firewall-approved TCP flow
    My hamster wheel is finally squeaking ...thanks for outlining that Thorin
    dd if=/dev/swc666 of=/dev/wyze

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by thorin View Post
    This makes sense based on the description of the tool:
    Unless the traffic is originating from you or you were dual homed and it was flowing 'through' you I don't see how you could "attach" to it.
    So that's why we're supposed to RTFM!!!!!!!!

  9. #9
    Just burned his ISO
    Join Date
    Jun 2007
    Posts
    14

    Default

    After reading up and seeing this tool in action it seems far more powerful in mapping external and internal networks...I just don't know how to use it! haha

    It seems to work in BT2, but it sits waiting to detect attachable TCP connection..

    Hopefully I'll figure this badboy out!

    **scanrand and paratrace seem to hang, I wonder if it's a BT2 issue or me, anyone confirm?

  10. #10
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    2

    Default

    Has anyone managed to get this working?

    I've been trying to get it working on BT3 beta but I just get errors trying to install.
