I am trying to find out what happens when you try to access a site using traceroute command, but I cannot find any site that is actually blocking me. Anyway, I wanted to ask what happens when a firewall blocks traceroute? And if I am correct, the firewall blocks all ports that traceroute would use right? What happens to that traceroute exactly?
Asked
Active
Viewed 8,312 times
1 Answers
6
There is no "blocking" of traceroute, tracepath, tracert or whatever the tool gets called. These commands work by setting the TTL/hoplimit of the packet to a specific value and then expect the host to send an ICMP unreachable back if the TTL/hoplimit expired (i.e. decremented to zero). If a system does not send this ICMP message or if a middlebox (like a firewall) blocks the delivery of the ICMP packet then the host with the specific TTL/hoplimit will show up as unknown in traceroute.
Steffen Ullrich
- 184,332
- 29
- 363
- 424