Honeypots mailing list archives
network topology scanner for honeyd
From: Niels Provos <provos () citi umich edu>
Date: Wed, 21 Apr 2004 03:39:06 -0400
Hi, I finally got around to package up the network topology scanner that I wrote for Honeyd last year. Nttlscan is a quick network topology scanner and functions as a highly parallel traceroute(8). It randomly picks destination IP addresses and sends TCP or UDP probes. Returing ICMP messages are interpreted to recon- struct the route that packets take to their respective destination. A short description and a download link can be found at http://www.honeyd.org/tools.php#nttlscan The output looks like follows: 10.29.123.19: 192.122.183.73 198.108.23.248 208.174.224.73 (N!) 10.225.121.111: 192.122.183.77 198.108.23.81 * * * * * 10.90.56.85: 192.122.183.77 198.108.23.248 208.174.224.73 (N!) 10.148.154.148: 192.122.183.81 198.108.23.157 208.172.10.137 208.172.2.102 208.175.10.197 208.172.146.100 208.172.156.10 208.172.146.62 208.172.147.78 166.63.243.182 158.205.192.146 158.205.250.26 210.172.238.146 203.178.73.150 203.178.73.166 203.178.118.178 133.148.1.1 133.148.1.1 (N!) 10.53.111.218: 192.122.183.73 198.108.23.248 208.174.224.73 (N!) 10.232.55.1: 192.122.183.201 192.122.183.10 198.32.8.76 198.32.8.83 198.32.11.62 62.40.96.170 62.40.103.150 146.97.37.81 146.97.33.9 146.97.35.10 146.97.40.50 192.153.213.194 * * * * * * 10.224.129.182: 192.122.183.81 * 66.28.21.233 66.28.66.81 66.28.4.62 66.28.4.85 66.28.4.13 66.28.4.81 154.54.1.190 213.140.39.253 213.140.37.85 213.140.36.57 213.140.36.133 213.140.50.126 213.0.251.129 * 193.152.60.185 (FP!) 10.208.114.133: 192.122.183.73 198.108.23.81 * * * * * 10.67.52.51: 192.122.183.77 * 208.174.224.73 (N!) 10.200.113.22: 192.122.183.73 198.108.23.248 208.174.224.73 208.174.226.85 208.174.226.2 152.63.71.97 152.63.67.121 152.63.3.182 152.63.35.250 152.63.42.93 157.130.43.26 * * * * * * The nttlparse.py Python script that comes with nttlscan can be used to convert the output into a Honeyd virtual routing topology. Hope you like it, Niels. -- We are experiencing the witch hunts of the information age. http://www.ageofignorance.com/
Current thread:
- network topology scanner for honeyd Niels Provos (Apr 22)