Determining Intermediary Devices

Time
2 hours 8 minutes
Difficulty
Intermediate
CEU/CPE
2
Video Transcription
00:02
Hello and welcome back to Cybrary's Infrastructure Services. We're looking at determining the intermediary devices with tracert or traceroute. I'm your instructor, Trend Arrow. So let's go ahead and begin.
00:19
So in this video, you're gonna look at the command traceroute or tracert. We're gonna get the usage of it and the differences in Windows 10 and Ubuntu. We're going to utilize the traceroute command to determine how many hops are in between the Windows 10 machine and the Ubuntu machine.
00:35
So basically what it does is it will set the TTL value to zero and try and get that device to send a time expired message back
00:46
to your host, right?
00:48
So it will hit. It'll start at zero, then it will start at one and two and three and four, and so on until it finally hits that eventual end point. What it is trying to get is that, you know, time expired message.
01:00
Some devices are set to not respond to requests, and some, as I'm gonna set up in the lab here, are set to actually drop the packets
01:08
to try and avoid people mapping out our network, right? So actually drop that full
01:15
packet.
01:17
So
01:18
I'm gonna go ahead and bring up the Windows box here.
01:23
As you can see, not a whole lot of options for tracert.
01:26
We can do not resolve host names. If you're not utilizing DNS in your environment, that's probably a good one, just to minimize traffic. You could set up the maximum hops just so it's not running forever. You can set a timeout, just because it will sit there and wait for a reply.
01:44
Um, and you could force it to use IPv4 or IPv6.
01:48
Now in this case, let's go ahead and bring up the Ubuntu version. So let's do a traceroute --help. You can see there are quite a bit more options. We can look at actual kind of raw packet crafting, kind of. We can change the MTU size. We can change the protocol.
02:06
Um,
02:07
there is a lot more you can do here. Could change the type of service, uh,
02:13
change the different port numbers. You can actually, instead of just sending ICMP, we can actually utilize TCP and UDP, because most systems are blocking, you know, ICMP now; they're looking at the ICMP echo request and will actually drop those packets. So now, if you know that there is a web server
02:31
on a network and you know that the router is gonna allow
02:35
that TCP port 80, you can craft your traceroute on port 80. So that way the router will actually allow it to pass, right? It's not gonna drop that ICMP packet,
02:47
so you can actually get pretty in depth with the traceroute when you go into Linux, right?
02:54
But for the simplicity of today, we're gonna stick with Windows because it is much simpler to start out with and much easier to learn. You can get into quite a bit of storm with the Ubuntu one.
03:09
So as I said, let's go ahead and move into our lab setup here. We have three routers with, say, the Ubuntu on the left or right, and we have, you know, Windows 10 on the other side. So right now, all three routers are just kind of set to respond to TTLs. Um, there should be no issues, so I'm gonna go ahead and bring up the Windows 10 box.
03:30
We're gonna do a
03:31
tracert to 10.1.2.50, which is the Ubuntu box.
03:38
And we should see the gateway first, which should be 1 70 16 11
03:44
and then you'll see router, two routers, router three and then router two. And then finally, the Ubuntu box at 10.1.2.50.
03:53
So here, we're gonna look at the second scenario. I'm gonna go ahead and set this middle one here
03:58
to block packets with a TTL less than 16. So as soon as it hits it, it'll block it.
04:03
So I'm gonna go ahead and set that one to go.
04:08
Let's bring Windows 10 back up and let's try it again. We'll see how far we get.
04:13
So you see that we hit the default gateway here, and we'll see. Yeah, so it's gonna go ahead and hit destination not reachable, because that packet is going to be dropped right at router three, which is, I mean, that middle router.
04:27
So I'm gonna go ahead and bring over the PuTTY session, so I'm gonna do exit
04:33
and if we do a show IP access list, you'll see we now have a match on this
04:42
access list, right?
04:45
So that's what it looks like when we are blocking those low TTLs now, because they can't really map out our network.
04:54
But one way, if you were just using an access list to block a TTL value,
04:59
you can still kind of map it out. So, for example, if we do a ping to 192 dot
05:06
50 and you know that your TTL base is set to 64
05:12
and you're seeing a TTL of 61,
05:15
you can now see that there are three intermediate devices, right,
05:19
because it's removing a TTL each hop.
05:23
It's kind of an interesting way, and something to kind of watch out for if that is your job,
05:29
but otherwise traceroute in Windows is real basic, really what's necessary. There's not much that Ubuntu or Linux is gonna offer you unless you are using it for devious purposes or if you're using it as a pen tester.
05:45
But for just network administration, Windows tracert is gonna work just fine.
05:55
So let's go ahead and try it again here. I want to bring up Windows 10.
05:59
We are going to run Wireshark.
06:03
T do.
06:09
All right, so now we've got Wireshark. I'm just gonna send the ping
06:13
so I can see what that looks like. Here.
06:15
You should see your ICMP
06:19
on TV.
06:21
Gonna go and stop this here.
06:24
We see our request, reply,
06:27
source,
06:29
source, destination. So Windows 10 to Ubuntu, Ubuntu to Windows 10.
06:35
Seems DTP stuff with Cisco with the,
06:40
um
06:43
the switches here. So here there's 2, 3, 4. So I have all four of them here.
06:49
And also, you see a little bit of ARP messaging going on, too.
06:54
So he's asking who has the gateway.
06:58
Um
06:59
and he says the gateway's over here.
07:01
Anyway, let's continue again. Continue without saving. Let's bring this guy in. Let's do a
07:08
tracert and we'll see what the packets look like this time.
07:13
Every destination unreachable.
07:16
All right,
07:18
so let's close it down. See what it looks like here.
07:24
So here, you can see your TTL exceeded from the gateway here.
07:30
Okay,
07:32
So your time to live is one.
07:35
Let's go down and look at that last one. Here.
07:39
This is the one that is sent from router three, that middle one with the access list set.
07:46
So you should still see a... where's the TTL? So TTL's one,
07:51
you can see it is an ICMP request,
07:57
and it dropped a packet.
08:01
Communication administratively filtered. So there's a way that you can kind of see it has been dropped, right? If you are running Wireshark,
08:09
you could see it has been dropped like that.
08:13
So that's kind of interesting.
08:16
Wireshark is kind of fun to look at in your spare time, if you're really bored for some reason.
08:22
Anyway, let's go ahead and do the quiz here. What field in the packet is used for traceroute or tracert to determine intermediate devices? Hopefully you should remember this one.
08:33
All right. Hopefully all of you guessed TTL. I only said it a few times here, so hopefully you guys all got that down.
08:43
And in the summary today, we looked at the command traceroute and tracert. We looked at the usage of it both in Windows and Ubuntu, the Ubuntu being the more expansive version of traceroute, and tracert is for Windows,
08:54
and we utilized the traceroute or tracert to verify the routing devices in our path. We also looked at what it looks like if someone explicitly sets it to block the low TTL values
09:07
and as always, thank you for watching this lesson and I look forward to seeing you in the next one.
Infrastructure Services

This Intermediate networking course will look at some of the more advanced tasks required to maintain a network. We will cover network tunneling, upgrading Cisco IOS to fix patches so we can avoid exploits, and other network troubleshooting tasks.
