George Perkins said: > Traceroute does not use pings, which are ICMP packets (ECHO_REQUEST sent, > ECHO_RESPONSE returned) by default, it uses UDP packets (on many systems > one can choose, however, to alter the default and send the ICMP "ECHO" > family packets instead). What I forgot in my initial suggestion was that > the responses traceroute listens for are ICMP TIME_EXCEEDED and/or > UNREACHABLE packets (depending on which is appropriate), so even though > the UDP packets it's sending out may get through an ICMP block, the ICMP > packets it's listening for may not. > > There are network utilities available which use repeated TCP or UDP > connection attempts in order to simulate pings in an environment where > ICMP is not useful/useable. Many hacker toolkits make use of them > (though actual hackers tend to use other features beyond the simple > "can I get through to system A?" functionality). Actually, Windows traceroute ("tracert") DOES use ICMP ECHO packets. If anyone has a lead on a good ping/traceroute for Windows that uses UDP (or TCP or either), can you let us know? Doug Doug Nelson [log in to unmask] Network Manager Ph: (517) 353-2980 Computer Laboratory http://www.msu.edu/~nelson/ Michigan State University