GeekInterview.com
  I am new, Sign me up!
 
GeekInterview.com  >  Interview Questions  >  Networking  >  Networks and Security
Go To First  |  Previous Question  |  Next Question 
 Networks and Security  |  Question 39 of 57    Print  
Can traceout command work across the firewall? If No then why? If Yes then why?

  
Total Answers and Comments: 2 Last Update: December 09, 2007     Asked by: arun ahuja 
  
 Sponsored Links

 
 Best Rated Answer

No best answer available. Please pick the good answer available or submit your answer.
December 09, 2007 02:39:34   #1  
bdragomir Member Since: December 2007   Contribution: 3    
RE: Can traceout command work across the firewall? If No then why? If Yes then why?
Short question ...long answer...
Traceroute is using ICMP(type 30) under Windows and UDP under *NIX. To be able to use traceroute via a firewall the firewall needs to allow echo replies/requests. The way traceroute works is by sending packets toward the final destination and incrementing ttl with each packet sent. As such the first packet will have a ttl set to 1 and will target the final destination the first device in the path (the gateway) will send back an echo replay packet 2 will target the same final destination but will have ttl set to 2 ... when a firewall will be hit in the path to final destination if properly configured this should drop the packet and not answer back. Going further the source will send a ICMP-type-30-traceroute packet to the final destination with a ttl with previous ttl (the one dropped by the firewall) + 1; the device behind the firewall will answer IF the firewall is allowing ICMP(type 30) to pass-though and similarly the source will receive the reply IF the firewall is allowing echo reply to pass-through.
 
Is this answer useful? Yes | No
December 09, 2007 02:54:18   #2  
bdragomir Member Since: December 2007   Contribution: 3    
RE: Can traceout command work across the firewall? If No then why? If Yes then why?
Traceroute is based on ICMP type 30 under Windows and UDP under *NIX; traceroute pacjets that would hit the firewall should be dropped similarly any echo replay coming from inside the firewall should be restricted outbound. The answer: traceroute can work via a firewall is firewall is allowing inbound ICMP type 30 and outbound echo reply. !! this should be allowed via internal firewalls ONLY!!
a seconde case is allowing traceroute via firewall outbound with this I do not see any real problem as it can not be used for any device discovery or facilitate any malicious activity unless being used for an attack coming from inside...

 
Is this answer useful? Yes | No

 Related Questions

Latest Answer : ARP stands for Address Resolution Protocol. Application working at the Application Layer uses IP address (Logical Address) for communication and at the Datalink layer the addressing is based on MAC address (Physical address, which is a permanant address ...
How does traceroute work? Now how does traceroute make sure that the packet follows the same path that a previous (with ttl - 1) probe packet went in?
What is difference between ARP & RARP ? How both of these protocols will work, and where will it be used ?
Read Answers (2) | Asked by : ravi
What is the command that is used to identify/list the port no.s used by various applications in Unix/Windows?
Read Answers (3) | Asked by : singh
Latest Answer : Fundamental purpose: 1)Routers are designed to route traffic, not stop it.2)Firewalls are designed to examine and accept/reject traffic. But the both ACL are do the same job. Depending upon our requirments we do our ACL configuration on it. ...
Read Answers (1) | Asked by : shyam
Tags : Firewall
Latest Answer : Traceroute is based on ICMP type 30 under Windows and UDP under *NIX; traceroute pacjets that would hit the firewall should be dropped similarly any echo replay coming from inside the firewall should be restricted outbound. The answer: traceroute can ...
Read Answers (2) | Asked by : arun ahuja
Tags : Firewall
What is Pix Firewall Security? How does it differ from a firewall? 
Latest Answer : CISCO pix firewall security is statefull firewall. It uses ASA Technology ...

 Sponsored Links

 
Related Articles

Linux Thin Client Networks Design and Deployment Review

Linux Thin Client Networks Design and Deployment Review Introduction This book is written by David Richards a veteran Linux thin client network designer Designed for System Administrators Linux Thin Client Networks Design and Deployment goes over the concepts which are related to thin client network
 

Home Networking

Home Networking Home networks are creating the modern day offices at home for individuals who prefer to stay at home while working For domestic usage the home networks found no uses as most people could afford only one computer However there are families that find one computer is not enough for them
 

How EDI work with XML

How EDI work with XML EDI and XML systems have been seen as the opportunity to create a holistic approach to data information exchange that can deliver and process simple durable and effective business transactions by electronic means To achieve this methods must be employed that are not only of val
 

Business Networks and International Business

Business Networks and International Business Internationalizing a Business Network Traditionally only big enterprises and companies had the financial strength to become multi national firms In the present era of information technology small businesses and medium scale businesses have joined together
 

Exploring Business Networking

Exploring Business Networking Introduction to Business Networking With the dawn of globalization and international business opportunities Business Networking is the latest buzz word among the business communities The Business Networking relies on the principle of sharing expertise knowledge skills s
 

Agility in Virtual Business Networks

Agility in Virtual Business Networks Agility means responding to rapid changes and continuous change management With the rapid economic changes and unexpected market behavior the virtual business networks have to adapt themselves to be able to respond in a timely and fast manner Therefore agility pr
 

Smart Business Networks

Smart Business Networks Smart Business network is a creative way of doing business establishing a strong link to achieve effective results better than the conventional business The word smart has been coined to the terminology not only referring to the literal meaning of smartness but also indicates
 

Information Strategy for Business Networks

Information Strategy for Business Networks The world is changing towards better communication setup state of the art information technology with a wide variety of options for small medium and large scale business vendors These business models have sidelined the conventional business methodologies an
 

Assessing Business Networks

Assessing Business Networks The widely popular business networks have different names and are growing in numbers everyday though the internet Names such as Virtual Enterprise Networks Virtual Collaborative Networks Virtual Cluster Networks Virtual Collaborative Supply Chains and Virtual Networked En
 

Freelancer Opportunities in Business Networks

Freelancer Opportunities in Business Networks Definition of Freelancer Freelancing means the process through which individual work from home The freelancers earn money by providing expertise and skills to customers in the virtual Business networks and internet The unique requirement of a freelancer
 

About Us -  Privacy Policy -  Terms and Conditions -  Contact -  Ask Question -  Propose Category -  Site Updates 

Copyright © 2005 - 2009 GeekInterview.com. All Rights Reserved

Page copy protected against web site content infringement by Copyscape