.\" netsniff-ng - the packet sniffing beast .\" Copyright 2013 Daniel Borkmann. .\" Subject to the GPL, version 2. .TH ASTRACEROUTE 8 "03 March 2013" "Linux" "netsniff-ng toolkit" .SH NAME astraceroute \- autonomous system trace route utility .SH SYNOPSIS \fB astraceroute\fR [\fIoptions\fR] .SH DESCRIPTION astraceroute is a small utility to retrieve path information in a traceroute like way, but with additional geographical location information. It tracks the route of a packet from the local host to the remote host by sucessively increasing the IP's TTL field in the hope, that the intermediate node sends a ICMP TIME_EXCEEDED notification back to us. astraceroute supports IPv4 and IPv6 queries and will display country and city information if available as well as the AS number the hop belongs to and its ISP name. astraceroute also displays timing information and reverse DNS data. Due to astraceroute's configurability it is also possible to gather some more useful information about the hop regarding what it passes through and what not. I.e. astraceroute also allows some clear text strings for probing some DPIs or ``great firewalls'' that would filter out blacklisted critical keywords. This tool might be a good start for further in-depth analysis of such systems. .SH OPTIONS .SS -H , --host .SS -p , --port .SS -i , -d , --dev .SS -f , --init-ttl .SS -m , --max-ttl .SS -q , --num-probes .SS -x , --timeout .SS -X , --payload .SS -l , --totlen .SS -4, --ipv4 .SS -6, --ipv6 .SS -n, --numeric .SS -u, --update .SS -L, --latitude .SS -N, --dns .SS -S, --syn .SS -A, --ack .SS -F, --fin .SS -P, --psh .SS -U, --urg .SS -R, --rst .SS -E, --ecn-syn .SS -t , --tos .SS -G, --nofrag .SS -Z, --show-packet Show and dissect the returned packet. .SS -v, --version Show versioning information. .SS -h, --help Show user help. .SH USAGE EXAMPLE .SS astraceroute -i eth0 -N -S -H netsniff-ng.org .SS astraceroute -i eth0 -N -E -H netsniff-ng.org .SS astraceroute -i eth0 -N -F -H netsniff-ng.org .SS astraceroute -i eth0 -N -FPU -H netsniff-ng.org .SS astraceroute -i eth0 -N -H netsniff-ng.org -X "censor-me" -Z .SS astraceroute -6 -i eth0 -S -E -N -H www.6bone.net .SH NOTE If a TCP-based probe will fail after a number of retries, astraceroute will automatically fall back to ICMP-based probes to pass through firewalls resp. routers. To gather more information about astraceroute's displayed AS numbers, see f.e. http://bgp.he.net/AS. .SH BUGS The geographical locations are estimated with the help of Maxmind's GeoIP database and can or cannot deviate from the actual real physical location. What one can do to decrease a possible error rate is to update the database regularly e.g. with astraceroute's --update option. At some point in time, we need a similar approach to gather more reliable path information such as in paris-traceroute. Due to the generic nature of astraceroute it currently does only have a built-in mechanism to stop the trace after a static number of hops, since the configurable TCP flags can have anything included. It is possible to decrease this number of course. In future, if a SYN probe is sent out, there should be a listener thus we can stop the trace if we detect a handshake in progress. .SH LEGAL astraceroute is licensed under the GNU GPL version 2.0. .SH HISTORY .B astraceroute was originally written for the netsniff-ng toolkit by Daniel Borkmann. It is currently maintained by Tobias Klauser and Daniel Borkmann . .SH SEE ALSO .BR netsniff-ng (8), .BR trafgen (8), .BR mausezahn (8), .BR ifpps (8), .BR bpfc (8), .BR flowtop (8), .BR curvetun (8) .SH AUTHOR Manpage was written by Daniel Borkmann.