[Dshield] Questions about traceroute

lserv@shaw.ca lserv at shaw.ca
Tue Jun 25 03:36:50 GMT 2002


I see this from the Telus network
(snip)((west coast))
4    30 ms    29 ms    29 ms  rc1bb-pos15-0.vc.shawcable.net
[66.163.69.70]
5    28 ms    29 ms    29 ms  rc1wt-pos2-2.wa.shawcable.net
[66.163.76.54]
6    78 ms    77 ms    77 ms  rc1ch-pos1-0.il.shawcable.net
[66.163.76.42]
7    92 ms    90 ms    85 ms  206.220.243.177
8   103 ms    95 ms    97 ms  p15-0.core02.ord01.atlas.cogentco.com
[66.28.4.6
 
9   142 ms   128 ms   117 ms  p12-0.core01.mci01.atlas.cogentco.com
[66.28.4.3
 
0   143 ms   140 ms   139 ms  p5-0.core02.dfw01.atlas.cogentco.com
[66.28.4.37
 
1   140 ms   132 ms   152 ms  p15-0.core01.dfw01.atlas.cogentco.com
[66.28.4.2
 
2   126 ms   133 ms   132 ms  p13-0.core01.iah01.atlas.cogentco.com
[66.28.4.9
 
3   156 ms   151 ms   153 ms  p14-0.core01.san01.atlas.cogentco.com
[66.28.4.6
 
4   158 ms   163 ms   170 ms  p4-0.core01.lax01.atlas.cogentco.com
[66.28.4.77
 
5   159 ms   158 ms   156 ms
g49.ba01.b000899-0.lax01.atlas.cogentco.com [66.
.6.242]
6   153 ms   153 ms   150 ms  USC_ISI-Los-Nettos.demarc.cogentco.com
[66.28.28
4]
7   150 ms   149 ms   146 ms  130.152.180.22
8   182 ms   162 ms   159 ms  acg-isi.ln.net [130.152.136.2]

-----Original Message-----
From: list-admin at dshield.org [mailto:list-admin at dshield.org] On Behalf
Of Mercy
Sent: Monday, June 24, 2002 6:05 PM
To: DS mailing list
Subject: [Dshield] Questions about traceroute


I looked up an IP of someone who keeps port scanning me on ports 27374 &
12345 at samspade.org...
 
Traceroute confuses me... i also see it says (fake dns).  What's that
mean?  that they spoofed an IP?

thanks
 
traceroute 24.202.194.32
                                           
 
      3    130.152.80.30    9.849 ms   isi-1-lngw2-pos.ln.net [AS226]
Los Nettos origin AS
      4    4.24.4.249       9.123 ms
gigabitethernet5-0.lsanca1-cr3.bbnplanet.net [AS1] GTE Internetworking
      5    4.24.4.2         9.945 ms   p6-0.lsanca1-cr6.bbnplanet.net
[AS1] GTE Internetworking
      6    4.24.5.49        6.646 ms   p6-0.lsanca2-br1.bbnplanet.net
[AS1] GTE Internetworking
      7    4.24.5.58        10.554 ms  p15-0.snjpca1-br1.bbnplanet.net
[AS1] GTE Internetworking
      8    4.24.9.130       10.421 ms  p9-0.snjpca1-br2.bbnplanet.net
[AS1] GTE Internetworking
      9    4.0.3.229        27.087 ms
so-1-0-0.sttlwa2-br1.bbnplanet.net [AS1] GTE Internetworking
     10    4.24.11.202      27.281 ms
so-0-0-0.sttlwa1-hcr1.bbnplanet.net [AS1] GTE Internetworking
     11    4.24.10.234      28.846 ms
so-7-0-0.sttlwa1-hcr2.bbnplanet.net [AS1] GTE Internetworking
     12    4.24.10.241      27.192 ms  p1-0.sttlwa1-cr2.bbnplanet.net
[AS1] GTE Internetworking
     13    4.24.125.110     30.544 ms  p3-0.bctel.bbnplanet.net [AS1]
GTE Internetworking
     14    154.11.10.10     31.196 ms  sttlwa01br02.bb.telus.com (Fake
rDNS) [AS174/AS852] Performance Systems International, Inc / TELUS
Communications Inc.
     15    209.53.75.177    30.968 ms  nwmrbc01br01.bb.telus.com (Fake
rDNS) [AS852] TELUS Communications Inc.
     16    209.53.75.186    45.424 ms  edtnabxmbr01.bb.telus.com (Fake
rDNS) [AS852] TELUS Communications Inc.
     17    205.233.111.130  77.003 ms  edtnabkdbr01.bb.telus.com (Fake
rDNS) [AS852] TELUS Communications Inc.
     18    209.115.137.238  77.070 ms  toroonnlbr00.bb.telus.com (Fake
rDNS) [AS852] TELUS Communications Inc.
     19    154.11.11.14     87.274 ms  mtrlpqfbbr00.bb.telus.com (Fake
rDNS) [AS174/AS852] Performance Systems International, Inc / TELUS
Communications Inc.
     20    154.11.7.11      87.265 ms  mtrlpqpbbr02.bb.telus.com (Fake
rDNS) [AS174/AS852] Performance Systems International, Inc / TELUS
Communications Inc.
     21    154.11.135.6     94.571 ms  peer.mtrlpqpbbr02.bb.telus.com
(DNS error) [AS174/AS852] Performance Systems International, Inc / TELUS
Communications Inc.
     22 *

Mercy

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/list/attachments/20020624/f589f285/attachment.htm


More information about the list mailing list