I have seen another program provide traceroute functionality within it but without needing root (superuser) privileges? I've always assumed that raw sockets need to be root, but is there some other way? (I think somebody mentioned "supertrace" or "tracepath"?) Thanks!

+1  A: 

Ping the target, gradually increasing the TTL and watching where the "TTL exceeded" responses originate.

moonshadow
Sounds like it will work but is a bit complicated.
Unkwntech
That is actually what traceroute does.
Ferruccio
How do you increase the TTL without using raw sockets in C?
brian
You don't need raw sockets to do a ping or to set the options. How precisely you do it will depend on your target platform. See http://msdn.microsoft.com/en-us/library/system.net.networkinformation.ping.aspx for .net for instance.
moonshadow
A: 

Rather than using raw sockets, some applications use a higher numbered tcp or udp port. By directing that tcp port at port 80 on a known webserver, you could traceroute to that server. The downside is that you need to know what ports are open on a destination device to tcpping it.

akraut
A: 

You don't need to use raw sockets to send and receive ICMP packets. At least not on Windows.

Ferruccio
What about packets with a custom TTL?
brian
A: 
James Antill
The source code of traceroute.c expects the user to be root in order to rewrite the TTL of the packet - if you look at your distro traceroute is most likely setuid root.
brian
A: 

ping and traceroute use the ICMP protocol. Like UDP and TCP this is accessible through the normal sockets API. Only UDP and TCP port numbers less than 1024 are protected from use, other than by root. ICMP is freely available to all users.

If you really want to see how ping and traceroute work you can download an example C code implementation for them from CodeProject.

In short, they simply open an ICMP socket, and traceroute increments the TTL using setsockopt until the target is reached.

Andrew Johnson