CEH exam might ask you about traceroute like, How does Traceroute map the route that a packet travels from point A to point B?


Right explaination would be; By manipulating the value of time to live (TTL) parameter packet to elicit a time exceeded in transit message. Traceroute works by increasing the “time-to-live” value of each successive batch of packets sent. The first three packets have a time-to-live (TTL) value of one (implying that they make a single hop). The next three packets have a TTL value of 2, and so on. When a packet passes through a host, normally the host decrements the TTL value by one, and forwards the packet to the next host.


When a packet with a TTL of one reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to the sender. The traceroute utility uses these returning packets to produce a list of hosts that the packets have traversed en route to the destination.


Please enter your comment!
Please enter your name here