LFT traceroute tool

LFT traceroute toolDecember 21st, 2006

« PHPMailer tutorialArp Packet Hacking »

LFT: The alternative traceroute and whois tools for network (reverse) engineers.

LFT, short for Layer Four Traceroute, is a sort of ‘traceroute’ that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name lookups, et al.

What makes LFT unique?

LFT is the all-in-one traceroute tool because it can launch a variety of different probes using both UDP and TCP layer-4 protocols. For example, rather than only launching UDP probes in an attempt to elicit ICMP “TTL exceeded” from hosts in the path, LFT can send TCP SYN or FIN probes to target arbitrary services. Then, LFT listens for “TTL exceeded” messages, TCP RST (reset), and various other interesting heuristics from firewalls or other gateways in the path. LFT also distinguishes between TCP-based protocols (source and destination), which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 (IP) hops. With LFT’s verbose output, much can be discovered about a target network.

About

LFT (Layer Four Traceroute) is a sort of “traceroute” that often works much faster than the commonly-used Van Jacobson method and goes through many configurations of packet-filter based firewalls. More importantly, LFT implements numerous other features, including AS number lookups through several reliable sources, loose source routing, netblock name lookups, and more. LFT also distinguishes between TCP-based protocols, which make its statistics slightly more realistic, and gives a savvy user the ability to trace protocol routes, not just layer-3 hops.

• LFT Home Page
• LFT Project Page at Freshmeat.net

nslookup,dns,ping,whois

« PHPMailer tutorialArp Packet Hacking »