Tool 59: Traceroute TCP

Description:

  This tool lists routers on the path to a computer. To achieve this,
  packets have their TTL (Time To Live) slowly increased. If TTL reaches
  0 in transit, the corresponding router sends back an ICMP error.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
   

Synonyms:

  tcptraceroute

Usage:

  netwox 59 -i ip [-p port] [-s spoofip] [-t uint32] [-m uint32]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-p|--dst-port port destination port number 80
-s|--spoofip spoofip IP spoof initialization type best
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 0

Examples:

  netwox 59 -i "5.6.7.8"

  netwox 59 --dst-ip "5.6.7.8"