TCtrace is like a brother to itrace and traceroute but it uses TCP SYN packets to trace. This makes it possible for you to trace through firewalls if you know one TCP service that is allowed to pass from the outside. Once again its a very simple tool like the last few I have reviewed and it has one specific function.

Lets have a look at the options:

root@666:~# tctrace -h
tctrace: invalid option -- 'h'
Usage: tctrace [-vn] [-pX] [-mX] [-tX] [-DX] [-SX] -i<dev> -d<destination>

-v      verbose
-n      reverse lookup IPs
-pX     send X probes (default=3)
-mX     maximum TTL (default=30)
-tX     timeout X sec (default=3)
-DX     destination port (default=80)
-SX     source port (default=1064)
-i<dev> use this device
-d<des> trace to this destination

The options are fairly simple. Once again this tool is a little dated and does not work well on the open internet. Most system admins have looked the systems down against this sort of thing. These types of tools are still pretty useful on internal networks.

Here is a example (which fails) of trying to use the tool on google:

root@666:~# tctrace -v -i eth0 -D 80 -S 80 -d
Tracing with TCP SYNs to
Timeout 3, interface eth0
 1(1)   Timeout
 1(2)   Timeout
 1(3)   Timeout
1(all)  Timeout
 2(1)   Timeout
 2(2)   Timeout
 2(3)   Timeout
2(all)  Timeout
 3(1)   Timeout
 3(2)   Timeout
 3(3)   Timeout
3(all)  Timeout
 4(1)   Timeout
 4(2)   Timeout
 4(3)   Timeout

Here is a example of using the tool internally against a firewall using ssh ports:

root@666:~# tctrace -v -i eth0 -D 22 -S 22 -d
Tracing with TCP SYNs to
Timeout 3, interface eth0
 1(1)   [] (reached; open)

Once again, not such a fancy tool but it has its uses.

Hacking Exposed: Network Security Secrets and Solutions, Sixth Edition (Paperback)

By (author): Stuart McClure, Joel Scambray, George Kurtz

List Price: $49.99 USD
New From: $7.80 USD In Stock
Used from: $3.91 USD In Stock

Tags: , , , , , , , , , , , , ,
2 Responses to “Backtrack 4: Information Gathering: Route: Tctrace – Traceroute with tcp/syn”
Leave a Reply

*Type the letter/number combination in the abvoe field before clicking submit.