Traceroute Servers for HENP & ESnet
Introduction | Domain Names | Finding Host Information | Autonomous Systems | Security | Automated use of traceroute servers | Sites with web traceroute servers | Other places to look | Installing code for traceroute server | Archives
Traceroute protocols: ICMP, IP, UDP.
There is an Overview
with useful information.
International Country Codes
to find top level domains for countries.
Look in International
E-mail Accessibility for how a country is connected.
You can use the Hurricane Electric Internet Service to find more about a domain.HosIIP site or Geo IP Tool site or IP2location site or ipinfo.io site and and its Developers site or AntiOnline or GeoLim (uses multilateration), or TULIP from SLAC, or Octant from Cornell, or GeoBytes or Hostip.info or the commercial service IPAddressLabs. If you want to find the great circle distance and know the latitude and longitude coordinates of the two ends then you can use http://www.movable-type.co.uk/scripts/LatLong.html. World Gazeteer provides access to data with lat/longs, cities, countries & populations ( download data). If you know the city then you can use City Lat/Longs.
GeekTools provides name server lookup for a host. There is also an Atlas of Cyberspace that provides maps and graphic representations of the geographies of the new electronic territories of the Internet, the World-Wide Web and other emerging Cyberspaces and the Corpex sponsored Cyber Geography Research.
Well managed sites and ISPs maintain a list of email addresses such as abuse@ or postmaster@, that one can send email to, for example to complain about spam etc. This follows an Internet recommendation (RFC 2142). Try DNS Stuff site for the abuse contact for a domain. The Composite Blocking List also keeps a list of addresses that are suspected of abusing and that have been blocked.Autonomous System (AS) number to name. The extensive Classless Internet Domain Routing (CIDR) Report provides links to much routing information and a form to review the entry for a specified AS. The Graphical AS Path. web page allows you to enter an IP address or name and see what AS's one passes through from it to other AS's in the world. Fixed Orbit provides a form to find an AS given an IP or host name. Another relevant site is the Team Cymru IP to ASN mappig site. You can also use the route servers to make detailed analysis of Internet routing and connectivity issues.
Most (Microsoft uses ICMP, and Linux allows an option to use ICMP) traceroutes by default send UDP probes, increasing the UDP port number (the default starting port number is 33434 and typically the port number is less than 33465)) by one for each of its probes (see the traceroute man pages). However, since the TTL starts low most of the packets would not be expected to reach the final remote host. However, if the remote host does not respond to the UDP probes, then the traceroute will keep trying to send probes (by default 3 times until the default 30 hop count max is exceeded). Hence the remote host or someone along the path may deduce that a port scan of the remote host is in progress. If you see a suspected port scan alert, for example from your firewall, with a series of a few tens of ports starting around 33450, coming from www.slac.stanford.edu or www4.slac.stanford.edu it is probably a reverse traceroute from our web based reverse traceroute server. If you were using our server to traceroute to yourself, please do NOT report this to us, since it will almost certainly be a waste of time for both of us. However, do feel free to contact us if you are sure that you weren't using our server yourself at the time of the apparent "scan" and you'd like us to attempt to track down who it was that was using our server to traceroute to your machine. For more on this issue see Traceroute and Security.
As of release 7.4 and beyond, the traceroute.pl script sanitizes the QUERY_STRING to guard against cross site scripting (XSS), see Preventing Cross-site Scripting Attacks.
UXN Spam Combat provides a very useful page for trying to find out more information (route, DNS etc.) of a host.
http://www.slac.stanford.edu/cgi-bin/traceroute.pl?target=www.cern.ch&id=PINGERfirstname.lastname@example.org the id identifies your project (it should be possible to Google for the project) and email@example.com is replaced with the person we should contact in case of anomalous usage. This will help us when we look through the web logs for suspicous usage so we can quickly contact the appropriate people and not have to block access. Map of Traceroute and Ping Servers worldwide.
There are also some graphical tools for visualizing traceroutes that can be found by looking at An Atlas of Traceroutes.