Tool 60: Traceroute TCP (EthIp spoof)

Description:

  This tool lists routers on the path to a computer.
  How traceroute works: IP header contains a field named TTL indicating
  the number of hops a packet can cross. Each router decreases TTL. When
  it reaches 0, the router sends an ICMP Time Exceeded error back to the
  IP source address. Traceroute works by slowly increasing TTL. So, we
  obtain the list of successive routers because each one sends an ICMP
  Time Exceeded.
  This tool sends a TCP SYN to a computer. If host permits TCP, it will
  send back a TCP SYN-ACK (if port is open), or a TCP RST (if port is
  closed).
  This tool also permits to use fake Ethernet and IP addresses.
  
  This tool may need to be run with admin privilege in order to sniff
  and spoof.
   

Synonyms:

  tcptraceroute

Usage:

  netwox 60 -i ip [-d device] [-E eth] [-e eth] [-I ip] [-p port] [-T uint32] [-t uint32] [-m uint32] [-r|+r]

Parameters:

parameter description example
-i|--dst-ip ip destination IP address 5.6.7.8
-d|--device device spoof device Eth0
-E|--src-eth eth source ethernet address 0:a:a:a:a:a
-e|--dst-eth eth destination ethernet address 0:b:b:b:b:b
-I|--src-ip ip source IP address 1.2.3.4
-p|--dst-port port destination port number 80
-T|--min-ttl uint32 min ttl 1
-t|--max-ttl uint32 max ttl 30
-m|--max-ms uint32 max millisecond wait 1000
-r|--resolve|+r|--no-resolve resolve hostname  

Examples:

  netwox 60 -i "5.6.7.8"

  netwox 60 --dst-ip "5.6.7.8"