tracert mit Router "Zyxel Prestige 660HW-67"

haegar · 26.11.2005

Router:

Hersteller: ZyXEL
Produkt: Prestige 660HW-67
Firmware Version: 3.40(SQ.0)
Fertigstellung: 2004/09/09 21:16:00

offzielle Bezeichnung von Arcor Arcor-DSL Wlan Modem 100

Frage: wie bekomme ich einen kompletten Trace mit aktivierter Router-Firewall hin, ohne große Sicherheitslöcher in die Firewall zu reissen ?

ein tracert mit aktiver RouterFireall sieht so aus:

Code:

C:\>tracert [url]www.uni-erlangen.de[/url]

Tracing route to info2.rrze.uni-erlangen.de [131.188.3.81]
over a maximum of 30 hops:

 1   5 ms  &lt;1 ms  &lt;1 ms localhost [192.168.13.1]
 2   *    *    *   Request timed out.
 3   *    *    *   Request timed out.
 4   *    *    *   Request timed out.
 5   *    *    *   Request timed out.
 6   *    *    *   Request timed out.
 7   *    *    *   Request timed out.
 8   *    *    *   Request timed out.
 9   *    *    *   Request timed out.
 10   *    *    *   Request timed out.
 11   *    *    *   Request timed out.
 12   *    *    *   Request timed out.
 13   *    *    *   Request timed out.
 14  24 ms  24 ms  24 ms info2.rrze.uni-erlangen.de [131.188.3.81]

Trace complete.

ohne Router-Firewall

Code:

C:\>tracert [url]www.uni-erlangen.de[/url]

Tracing route to info2.rrze.uni-erlangen.de [131.188.3.81]
over a maximum of 30 hops:

 1   4 ms   1 ms   1 ms localhost [192.168.13.1]
 2   9 ms  10 ms  10 ms dslb-084-056-064-001.pools.arcor-ip.net [84.56.64.1]
 3  10 ms   9 ms   9 ms nbg-145-254-7-181.arcor-ip.net [145.254.7.181]
 4  12 ms  13 ms  12 ms ffm-145-254-16-182.arcor-ip.net [145.254.16.182]
 5  13 ms  14 ms  12 ms ir-frankfurt2-po3-0.g-win.dfn.de [188.1.56.21]
 6  25 ms  24 ms  24 ms cr-frankfurt1-po8-2.g-win.dfn.de [188.1.80.45]
 7  24 ms  23 ms  25 ms cr-leipzig1-po4-0.g-win.dfn.de [188.1.18.190]
 8  24 ms  24 ms  25 ms cr-erlangen1-po2-2.g-win.dfn.de [188.1.18.45]
 9  24 ms  24 ms  24 ms ar-erlangen1-ge4-2.g-win.dfn.de [188.1.72.2]
 10   *    *    *   Request timed out.
 11   *    24 ms  24 ms enterprise.gate.uni-erlangen.de [131.188.10.2]
 12  24 ms  23 ms  23 ms botany-bay.gate.uni-erlangen.de [131.188.20.101]
 13  24 ms  24 ms  24 ms reliant.gate.uni-erlangen.de [131.188.20.110]
 14  24 ms  24 ms  24 ms info2.rrze.uni-erlangen.de [131.188.3.81]

Trace complete.

Router-Systemstatus:

Code:

 Sytemstatus
Sytemstatus
 
Systemname: Arcor-DSL
ZyNOS Firmware-Version: V3.40(SQ.1) | 3/31/2005
DSL Firmware-Version:TI AR7 01.01.08.00
Standard:ADSL_G.dmt
 
 
WAN-Informationen
 
IP-Adresse:84.56.82.58
IP-Subnet-Maske:255.255.255.255
Standard-Gateway:ArcorDSL
Primärer DNS:195.50.140.250
Sekundärer DNS:195.50.140.114
VPI/VCI:1/ 32
 
 
LAN-Informationen
 
MAC-Adresse:00:13:49:07:e3:04
IP-Adresse: 192.168.13.1
IP-Subnet-Maske: 255.255.255.0
DHCP: Server
DHCP-Startadresse: 192.168.13.100
Größe IP-Folge für DHCP: 32

IP-Configuration meines Rechners:

Code:

C:\Documents and Settings\roheiko>ipconfig /All

Windows IP Configuration

    Host Name . . . . . . . . . . . . : marsnebel
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : Yes
    WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter LAN:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX)
    Physical Address. . . . . . . . . : 00-50-DA-5F-5E-B3
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.13.2
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.13.1
    DNS Servers . . . . . . . . . . . : 192.168.13.1

RavensMetaller · 26.11.2005

Hi,

Du musst ICMP Pakete durchlassen.

How UNIX traceroute works:
Similar to the Microsoft tracert, UNIX traceroute sends UDP packets to high-numbered destination ports (usually over 33000). An arbitrary high number is chosen in the hopes that the target machine is not running a service on that given port. The TTL value is set to 1 initially and is incremented with each router hop; just as in the case of the tracert example. At the end of the exchange, the target machine sends back an ICMP type 3 (port unreachable) packet because it is not using that port. The fact the the target machine responds with a type 3 packet is proof to the source machine that it has successfully reached the intended destination machine.

Gruß
Sven

haegar · 27.11.2005

Danke Dir, es funktioniert!

tracert mit Router "Zyxel Prestige 660HW-67"

haegar

RavensMetaller

haegar

tracert mit Router "Zyxel Prestige 660HW-67"

ANGEBOTE & SPONSOREN

Neueste Beiträge

Neueste Themen

Statistik des Forums