Deep dive on traceroute, Firewallking, TCP traceroute and scanning
Вставка
- Опубліковано 7 вер 2024
- This is a session from my CEH class at Stormwind. The class runs over 3 weeks, and we explore various hacking technologies. In this particular session we go over various packet stunts used by attackers for reconnaissance.
I have to say, I am new to the network industry. Going for my CCNP in routing and switching now, however, I learn something new every time I watch one of your video.
Thank you very much. Hopefully one day the entire class can be uploaded. Really valuable stuff!
Thanks a lot, the class material is copy written, I'm working on a new approach but need to start publishing, thanks for the nudge MJ.
Almost wish TTL had an option like sending it with a -1 so it generates the ICMP message on each hop but still continues towards destination.
This video blow my mind. Thanks
Great stuff sir.
absolutely fabulous sir, you are awesome
What is name of the python book you mentioned in the video ?
Great job man
im very new to this, however is firewalking really done by trace routing and then using ping ttl to be dead on arrival but still knock on the door so to speak? or am i completely off the mark?
when PC send packet with TTL1 then which router send error msg local or router2?
Wherever the packet arrives with a TTL of 1, it shouldn't go any further. HTH!
@@RyanLindfield pc1 -r1 - r2 - pc2, so r1 will send ttl expire message first when it see ttl zero after decrementing?
@@nadimpathan7912 That's correct, the router tries to decrement, and when hop limit it hits zero, must drop the packet and return a ICMP TTL expired.
Maybe in networking industry everything works in light speed. But, behind the scenes, for e.g. 200 router hops in path, ICMP makes 200 checking (200 ping-pongs). 200 ping-pongs means 200 x 2 = 400 paths, which from beginning comes longer and longer (increased by one every time). Isn't that a great waste of time? Maybe we humans, do not understand this, but in the background, it really happens. Thank you.
GPON network you only see where its terminated (ISP)
Wikipedia says that ICMP works at L3.
Wikipedia also says the Hunter Biden laptop is Russian disinformation.
@@RyanLindfield haha, true. Well, wouldn’t Wireshark tell us by looking at the structure of the packet?
@@gareginasatryan6761 You bet, if you change the view to "diagram mode" you'll see it in order from the ethernet header carrying IP which carries ICMP header as it's payload.
zenmap, nmap and visualtraceroute are very useful tools that can be used to have resources to deflect a lot of these hacking technologies that are out there. zenmap / nmap can help "map" out on how certain services may work through the internet and how they interconnected. visualtraceroute will assists on locating on where the service may be hosting at geographically and studies on how the communication works with delay if there is.
we just knew
lol