Follow us on Twitter!
Understanding is the answer, hatred is the problem, and hackers are the slaves abused and destroyed in the process of peace online - Deshouleres
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 23
Guests Online: 20
Members Online: 3

Registered Members: 82838
Newest Member: w1zarrd
Latest Articles
View Thread

HellBound Hackers | Computer General | Networking

Author

tracert endless loop


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-08-08 14:50
I was trying to trace a host the other day and i saw that the trace entered an infinite loop between 2 ips.

The 10th hop was IP1 (i.e.)
the 11th was IP2
the 12th IP1
and the 14 IP2

and so on.

At about 90 hops i killed the proc Smile

Also the ips was of the same subnet so i smell a firewall or sth.

Any ideas?


Author

RE: tracert endless loop


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 27-08-08 15:22
Longbow wrote:
I was trying to trace a host the other day and i saw that the trace entered an infinite loop between 2 ips. Also the ips was of the same subnet so i smell a firewall or sth. Any ideas?


Not really sure... was it a hostname (DNS) name that you were tracing, or an IP address? If it was a hostname, it could've possibly been bouncing between two DNS servers trying to get the address resolved, but that doesn't seem likely.

IP2 could've possibly been a firewall that was dropping the packets, and IP1 could've been a router that does store-and-forward with data integrity checking features. When a piece of network hardware has data integrity features, it ensures complete delivery of a packet... if the packet doesn't get delivered correctly, it will re-send that one until it makes it. So, to a trace, that could've looked as if the packet hit IP1, hit IP2 (and was dropped), then got re-sent from IP1 (which could've triggered a response loop).

Maybe try using hping or another ping utility that lets you specify a TTL, then set the TTL to the number of hops to IP1. If successful, increment it by 1 and see what happens; it should finish after the first drop. If that's the case, try scoping IP2 with a scanner or try using firewalk.


EDIT: I was close. Here's an excerpt from a site that knows better than I:

'Sometimes you might see a route start “looping” back and forth between two routers, until the 30-hop limit is reached. This is a routing loop. This usually means that one router has lost communication (BGP) with another, and thus has dropped that route. Since the router has lost the route it needs, it sends the packet back where it came from, thinking maybe that is the best route. That router knows better and sends it back to the other one, over and over.'

Source: http://www.exit109.com/~jeremy/news/providers/traceroute.html




Edited by on 27-08-08 15:31