On Mon, 2003-09-29 at 16:10, Steven M. Bellovin wrote:
In message <NDBBJJPLIGJGLBKILFIHMEPLMIAA.ekgermann@cctec.com>, "Eric Germann" w rites:
winders does use udp instead of icmp in their tracert program, IIRC (or at least they used to). At the risk of getting my head blown off, could we say that was foresight :)
No, they use icmp. Or at least that's what the XP box sitting next to me does...
So far I've seen is it uses UDP with a TTL that increments by one for each hop. The ICMP time exceeded message is returned from the interface of the router closest to you, and then windows tries to ping the hop. If it can't do this, it displays * * *. Why it needs do this rather than simply use only UDP like the rest of the world, I don't know. But leave it to microsoft to be different... -Paul -- Paul Timmins <paul@timmins.net>