Solved

Yet another icmp results question: %loss and ???

Posted on 2014-12-07
3
146 Views
Last Modified: 2014-12-10
Using basic bash scripting, I am trying to run ping/mtr tests to better understand the results.

I understand the basics and know that when I see %loss, yet see the next hop, it typically means that the hop is either having problems is more likely, icmp is being limited. If I can see the IP of the %loss hop, it still doesn't mean that I can tell if the hope is having problems or if it is being icmp limited.

The fact that I can see the next hop tells me that the path to the target is complete but what else can I learn from this test?

There doesn't seem to be any reliable way of knowing if a %loss hop is experiencing problems or is only being icmp blocked or limited. Throughput might be one way but that would mean having to know what the previous throughput was and again is reliably unknown if it is traversing the internet.

So my question is... IS there a reliable way of determining this short of knowing the hop owner and contacting them and how can I do it using a bash script.
0
Comment
Question by:projects
  • 2
3 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 40485661
If you can get to a hop beyond the one showing %loss, that means it is working but not responding to 'icmp' because you get to the next hop by going thru the one showing %loss.  If the one with %loss was actually down, I believe the trace would stop there.
0
 

Author Comment

by:projects
ID: 40485691
Yes, that is what my question says but I am wanting to know if there are some ways of knowing reliably what is going on.
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 40485771
No, not with ICMP or traceroute.  You're seeing everything that is available with those methods.  Since those servers are not otherwise accessible by you, there is nothing else to get.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now