Penetration Testing mailing list archives
Re: Layer 2 Trace
From: Carles Fragoso i Mariscal <cfragoso () cesca es>
Date: Fri, 02 Dec 2005 16:39:23 +0100
Layer 2 on Ethernet doesn't have any hop counter such as the TTL in the IPv4 header; that's why Spanning Tree Protocol is needed to avoid loops in the network topology. In order to know a layer 2 path, that feature has to be provided by the vendor on the switching devices in the path.
Cisco calls it "Layer 2 Traceroute utility" and it mainly relies on the Cisco Discovery Protocol (CDP) feature. The "traceroute mac" or "traceroute mac ip" CLI commands are the answer. :)
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a00804357b3.html#wp1122528
You can enter the traceroute mac or the traceroute mac ip privileged EXEC command on a switch that is not in the Layer 2 path from the source device to the destination device. All devices in the path must be reachable from this switch.
The traceroute mac command output shows the Layer 2 path only when the specified source and destination MAC addresses belong to the same VLAN. If you specify source and destination MAC addresses that belong to different VLANs, the Layer 2 path is not identified and an error message appears.
The Layer 2 traceroute utility identifies the Layer 2 path that a packet takes from a source device to a destination device. Layer 2 traceroute supports only unicast source and destination MAC addresses. The utility determines the path by using the MAC address tables of the switches in the path. When the Layer 2 traceroute utility detects a device in the path that does not support Layer 2 traceroute, it continues to send Layer 2 trace queries and allows them to time out.
Regards,
riftman wrote:
Hello, I would like to know if it is possible to do something like a traceroute but on layer 2. I need to see the equipment that is between the source and target machines. Thanks in advance. PS: Sorry for my English, this is my first post ... be kind
---------------------------------------------------------------------
Carlos Fragoso Mariscal - Network & Security Engineer/Incident Handler
Anella Cientifica RREN Incident Response Team (ERIAC) AS13041 CFM1-RIPE
Communications and Operations Dept.-Supercomputing Center of Catalonia
CCNA CCNP* GSEC GCFW GCIH GREM GHTQ SSP-MPA
cfragoso () cesca es phone:+34932056464 fax:+34932056979 inocdba:13041*CFM
pgp:0x0E4EDE07 335C CB9F 84E8 85E9 A62B EF3A 102F 01FF 0E4E DE07
---------------------------------------------------------------------
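
The path discovery described in the message above, as an added illustration that is not part of the original post and is not Cisco's implementation: a simplified model that walks per-switch MAC address tables and CDP neighbour entries. The switch names, ports, MAC addresses and function names are constructed for the example.

```python
# Constructed topology: sw1 -- sw2 -- sw3. All names, ports and MACs are made up.
MAC_TABLES = {  # switch -> {(vlan, mac): port the address was learned on}
    "sw1": {(10, "0000.aaaa.0001"): "Gi0/1", (10, "0000.bbbb.0002"): "Gi0/24"},
    "sw2": {(10, "0000.aaaa.0001"): "Gi0/1", (10, "0000.bbbb.0002"): "Gi0/2"},
    "sw3": {(10, "0000.aaaa.0001"): "Gi0/1", (10, "0000.bbbb.0002"): "Gi0/5",
            (20, "0000.cccc.0003"): "Gi0/6"},
}
CDP_NEIGHBORS = {  # switch -> {local port: neighbouring switch seen via CDP}
    "sw1": {"Gi0/24": "sw2"},
    "sw2": {"Gi0/1": "sw1", "Gi0/2": "sw3"},
    "sw3": {"Gi0/1": "sw2"},
}

def is_unicast(mac):
    # The group (multicast/broadcast) bit is the low bit of the first octet.
    return int(mac.replace(".", "")[:2], 16) & 1 == 0

def locate(mac):
    """Return (vlan, edge switch, access port): where mac sits on a non-CDP port."""
    for switch, table in MAC_TABLES.items():
        for (vlan, learned), port in table.items():
            if learned == mac and port not in CDP_NEIGHBORS[switch]:
                return vlan, switch, port
    raise LookupError(f"{mac} not found in any MAC address table")

def l2_trace(src, dst):
    """Walk switch to switch following the egress port each table holds for dst."""
    if not (is_unicast(src) and is_unicast(dst)):
        raise ValueError("only unicast MAC addresses can be traced")
    (vlan, switch, _), (dst_vlan, _, _) = locate(src), locate(dst)
    if vlan != dst_vlan:
        raise ValueError("source and destination are in different VLANs")
    path, seen = [], set()
    while switch not in seen:          # Ethernet has no TTL: guard against loops
        seen.add(switch)
        port = MAC_TABLES[switch].get((vlan, dst))
        if port is None:
            raise LookupError(f"{switch} has no entry for {dst} in VLAN {vlan}")
        path.append((switch, port))
        if port not in CDP_NEIGHBORS[switch]:
            return path                # egress is an access port: destination reached
        switch = CDP_NEIGHBORS[switch][port]
    raise RuntimeError("forwarding loop detected")

if __name__ == "__main__":
    print(l2_trace("0000.aaaa.0001", "0000.bbbb.0002"))
```
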