Re: Prevent traceroutes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In fact you can do it partially - windows tracert tool is based on ICMP and is easily preventable and routable. *nix traceroute and mtr are based on udp and all you can do is redirect all yer traffic over the other network, which is purely incorrect. The trick is that the user can point any port for udp connection and it still will work and trace. Sorry 4 the disappointment.



On Fri, 20 May 2005 00:07:11 +0200, Kenneth Kalmer <kenneth.kalmer@xxxxxxxxx> wrote:

Guys

How can I prevent users from doing a traceroute through my box using
iptables? Better still, how can I route a traceroute through a
different network than the default one?

Kind regards.




--
www.supportivo.org

I can't stop myself checking for pigs in the outlets. Everybody thinks i'm a punk, cause of the hairstyle(220V).
end


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux