Traceroute Servers for HENP & ESnet
Introduction | Domain Names | Finding Host Information | Autonomous Systems | Security | Automated use of traceroute servers | Sites with web traceroute servers | Other places to look | Installing code for traceroute server | Archives
Traceroute protocols: ICMP, IP, UDP.
enables you to use several Public Traceroute Gateways at
the same time. There is an Overview
with useful information.
International Country Codes or
ISO-3166-1: The Code List
to find top level domains for countries.
Look in International
E-mail Accessibility for how a country is connected.
You can use the Complete Whois web page or GeekTools to interrogate all whois servers or the Web interface to Whois or Whois Report to search for second-level domain names. SamSpade also provides easy access to some tools to find information on hosts.
You can use DNS Report to see how badly your DNS sucks.HosIIP site or Geo IP Tool site or IP2location site or AntiOnline or GeoLim (uses multilateration), or Octant from Cornell, or GeoBytes or Hostip.info or the commercial service IPAddressLabs. If you want to find the great circle distance and know the latitude and longitude coordinates of the two ends then you can use http://www.movable-type.co.uk/scripts/LatLong.html. World Gazeteer provides access to data with lat/longs, cities, countries & populations ( download data). If you know the city then you can use City Lat/Longs.
You can also use SamSpade to look up information on hosts, email addresses and other relevant information. GeekTools provides name server lookup for a host, or if you don't know the exact name try DomainSurfer. There is also an Atlas of Cyberspace that provides maps and graphic representations of the geographies of the new electronic territories of the Internet, the World-Wide Web and other emerging Cyberspaces and the Corpex sponsored Cyber Geography Research.
Well managed sites and ISPs maintain a list of email addresses such as abuse@ or postmaster@, that one can send email to, for example to complain about spam etc. This follows an Internet recommendation (RFC 2142). Some less helpful sites do not provide such services, for more on these, see RFC-ignorant.org. Try DNS Stuff site for the abuse contact for a domain, also see Abuse.net. The Composite Blocking List also keeps a list of addresses that are suspected of abusing and that have been blocked.Autonomous System (AS) number to name. The extensive Classless Internet Domain Routing (CIDR) Report provides links to much routing information and a form to review the entry for a specified AS. The Graphical AS Path (also see The Netlantis Project) web page allows you to enter an IP address or name and see what AS's one passes through from it to other AS's in the world. Fixed Orbit provides a form to find an AS given an IP or host name. You can also use the route servers to make detailed analysis of Internet routing and connectivity issues.
Most (Microsoft uses ICMP, and Linux allows an option to use ICMP) traceroutes by default send UDP probes, increasing the UDP port number (the default starting port number is 33434 and typically the port number is less than 33465)) by one for each of its probes (see the traceroute man pages). However, since the TTL starts low most of the packets would not be expected to reach the final remote host. However, if the remote host does not respond to the UDP probes, then the traceroute will keep trying to send probes (by default 3 times until the default 30 hop count max is exceeded). Hence the remote host or someone along the path may deduce that a port scan of the remote host is in progress. If you see a suspected port scan alert, for example from your firewall, with a series of a few tens of ports starting around 33450, coming from www.slac.stanford.edu or www4.slac.stanford.edu it is probably a reverse traceroute from our web based reverse traceroute server. If you were using our server to traceroute to yourself, please do NOT report this to us, since it will almost certainly be a waste of time for both of us. However, do feel free to contact us if you are sure that you weren't using our server yourself at the time of the apparent "scan" and you'd like us to attempt to track down who it was that was using our server to traceroute to your machine. For more on this issue see Traceroute and Security.
UXN Spam Combat provides a very useful page for trying to find out more information (route, DNS etc.) of a host.
http://www.slac.stanford.edu/cgi-bin/traceroute.pl?target=www.cern.ch&id=PINGERfirstname.lastname@example.org the id identifies your project (it should be possible to Google for the project) and email@example.com is replaced with the person we should contact in case of anomalous usage. This will help us when we look through the web logs for suspicous usage so we can quickly contact the appropriate people and not have to block access.
There are also some graphical tools for visualizing traceroutes that can be found by looking at An Atlas of Traceroutes. VisualRoute also has several servers around the world allowing you to visually see routes from these servers to selected hosts.