Tracert
So, now you know that all machines that are on a network need to have an IP address. I live in Denver, Colorado, and one of my best friends, Ryan, lives in Albuquerque, New Mexico. When I send him a message, it does not travel from my house through the wires directly to his house. It goes through “hops” (and not the beer kind, unfortunately for him). These hops are the routers between us.
Tracert is a cool diagnostic utility. It will determine the route the message takes from Denver to Albuquerque by using ICMP echo packets sent to the destination. You've seen ICMP in action before—with the `ping` command.
ICMP is one of the Internet's original protocols used by network devices to send operational information or error messages. ICMP is not usually used to send data between computers, with the exception of `ping` and `traceroute`. It is used to report errors in the processing of datagrams.
Each router along the path decrements the packet's TTL value by 1 and forwards the packet, giving you the time and the intermediate routers between you and the destination. Tracert will print the trace of the packet's travels.
Why is this an important part of your toolkit? This is how you find out where a packet gets stopped or blocked on the enterprise network. There may be a router with a configuration issue. Firewalls can be configured to filter packets. Perhaps your website is responding slowly. If packets are being dropped, this will be displayed in the tracert as an asterisk.
This is a good tool when you have many paths that lead to the same destination but several intermediary routers are involved.
One caveat before Lab 1.4: As I mentioned previously, most of my strengths lie in Windows machines. If you are on a Linux or Mac/Unix‐type operating system (OS), then you will want to use the tool `traceroute`. The commands `tracert` and `traceroute` are basically the same thing. The difference lies in which OS you are troubleshooting. If you want to get supremely technical, in Linux the command sends a UDP packet. In Windows, it sends an ICMP echo request.