Understanding tracert to determine a MITM attack?

0

I ran a test to understand tracert against the same ISP (TE DATA) from two different locations. I got the following result:

  • For google

Network A

Tracing route to google.com [213.158.189.20]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  192.168.1.1
  2    38 ms    40 ms    37 ms  ALMAZA-R06C-C-EG [163.121.172.232]
  3    43 ms    43 ms    44 ms  host-163.121.238.237.tedata.net [163.121.238.237]
  4    42 ms    40 ms    41 ms  host-163.121.238.238.tedata.net [163.121.238.238]
  5    44 ms    41 ms    41 ms  host-163.121.228.141.tedata.net [163.121.228.141]
  6    46 ms    40 ms    41 ms  10.37.242.229
  7    42 ms    42 ms    40 ms  213.158.189.20

Trace complete.

Network B

Tracing route to google.com [213.158.178.45]
over a maximum of 30 hops:

  1     4 ms     2 ms     2 ms  10.0.0.138
  2   594 ms   580 ms   645 ms  zamalek-r03c-c-eg [163.121.173.179]
  3   639 ms   638 ms   690 ms  host-163.121.228.198.tedata.net [163.121.228.198]
  4   590 ms   644 ms   623 ms  host-163.121.228.197.tedata.net [163.121.228.197]
  5   536 ms   484 ms   530 ms  host-163.121.235.61.tedata.net [163.121.235.61]
  6   591 ms   402 ms   531 ms  10.37.242.233
  7   535 ms     *      182 ms  host-213.158.178.45.tedata.net [213.158.178.45]

Trace complete.
  • For yahoo

Network A

Tracing route to yahoo.com [206.190.36.45]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  192.168.1.1
  2    40 ms    40 ms    42 ms  ALMAZA-R06C-C-EG [163.121.172.232]
  3    45 ms    45 ms    71 ms  host-163.121.238.237.tedata.net [163.121.238.237]
  4    43 ms    44 ms    41 ms  host-163.121.238.238.tedata.net [163.121.238.238]
  5    44 ms    44 ms    40 ms  10.37.241.90
  6    60 ms    41 ms    41 ms  10.32.8.107
  7    63 ms   111 ms   114 ms  10.37.241.25
  8    90 ms    91 ms    92 ms  xe-0-3-2.mrs12.ip4.gtt.net [77.67.76.169]
  9   260 ms   172 ms   167 ms  xe-9-2-0.was10.ip4.gtt.net [89.149.183.154]
 10   178 ms   172 ms   171 ms  as10310.ip4.tinet.net [213.200.84.126]
 11   172 ms   182 ms   175 ms  ae-6.pat2.dcp.yahoo.com [216.115.102.178]
 12   224 ms   197 ms   198 ms  ae-7.pat2.che.yahoo.com [216.115.100.137]
 13   222 ms   225 ms   263 ms  ae-6.pat1.dnx.yahoo.com [216.115.96.207]
 14   349 ms   336 ms   244 ms  ae-8.pat2.gqb.yahoo.com [216.115.96.204]
 15   253 ms   246 ms   275 ms  ae-0.msr2.gq1.yahoo.com [66.196.67.23]
 16   268 ms   314 ms   245 ms  UNKNOWN-67-195-0-X.yahoo.com [67.195.0.23]
 17   245 ms   245 ms   249 ms  et-18-25.fab6-1-gdc.gq1.yahoo.com [98.137.31.186]
 18   246 ms   248 ms   248 ms  po-14.bas1-7-prd.gq1.yahoo.com [206.190.32.23]
 19   251 ms   299 ms   248 ms  ir1.fp.vip.gq1.yahoo.com [206.190.36.45]

Trace complete.

Network B

Tracing route to yahoo.com [206.190.36.45]
over a maximum of 30 hops:

  1     4 ms     2 ms     3 ms  10.0.0.138
  2   645 ms   721 ms   715 ms  zamalek-r03c-c-eg [163.121.173.179]
  3   747 ms   704 ms   742 ms  host-163.121.228.198.tedata.net [163.121.228.198]
  4   538 ms   636 ms   589 ms  host-163.121.228.197.tedata.net [163.121.228.197]
  5   499 ms   514 ms   562 ms  host-163.121.235.61.tedata.net [163.121.235.61]
  6   619 ms   583 ms   605 ms  10.37.242.185
  7   785 ms   769 ms   610 ms  10.37.242.173
  8   594 ms   674 ms   679 ms  10.37.241.17
  9   653 ms   643 ms   494 ms  xe-0-3-2.mrs12.ip4.gtt.net [77.67.76.169]
 10   872 ms   857 ms   742 ms  xe-4-0-0.was10.ip4.gtt.net [89.149.184.250]
 11   610 ms   621 ms   625 ms  as10310.ip4.gtt.net [77.67.70.222]
 12   773 ms   824 ms   839 ms  ae-6.pat2.dcp.yahoo.com [216.115.102.178]
 13   924 ms   769 ms   716 ms  ae-7.pat2.che.yahoo.com [216.115.100.137]
 14   724 ms   769 ms   850 ms  ae-6.pat1.dnx.yahoo.com [216.115.96.207]
 15   672 ms   747 ms   775 ms  ae-8.pat2.gqb.yahoo.com [216.115.96.204]
 16     *      608 ms   653 ms  ae-1.msr1.gq1.yahoo.com [66.196.67.5]
 17   446 ms   423 ms   464 ms  xe-2-0-1.clr1-a-gdc.gq1.yahoo.com [68.180.253.129]
 18   489 ms   430 ms   466 ms  et-18-1.fab5-1-gdc.gq1.yahoo.com [67.195.1.235]
 19   934 ms   714 ms   745 ms  po-13.bas2-7-prd.gq1.yahoo.com [206.190.32.37]
 20   709 ms   852 ms  1033 ms  ir1.fp.vip.gq1.yahoo.com [206.190.36.45]

Trace complete.

I tried whois for each IP; however, I could not get information for the IP addresses starting with 10.37.242.229 & 10.37.242.233??

    
asked by kifcaliph 13.01.2015 - 22:02
source

1 answer

1

The first hop is your router; the 192.168.x.x and 10.x.x.x address space is reserved for internal network addresses.

    
answered by wireghoul 13.01.2015 - 22:09
source
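The answer's point as an added example (not part of the original question or answer): a Python sketch that parses Windows tracert output and marks the hops that fall in the RFC 1918 private ranges, which whois cannot attribute to an owner. The function names are hypothetical, 172.16.0.0/12 is included as the third RFC 1918 range, and the sample is the Network B google.com trace copied from the question.

```python
import ipaddress
import re

# RFC 1918 private ranges: reused inside any network, so whois cannot name an owner.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hop line: hop number, three probe fields ("42 ms", "<1 ms" or "*"),
# then either "hostname [ip]" or a bare ip.
HOP_RE = re.compile(
    r"^\s*(\d+)\s+((?:(?:<?\d+\s+ms|\*)\s+){3})"
    r"(?:(\S+)\s+\[(\d+(?:\.\d+){3})\]|(\d+(?:\.\d+){3}))\s*$"
)

# Network B trace to google.com, copied from the question.
SAMPLE = """\
Tracing route to google.com [213.158.178.45]
  1     4 ms     2 ms     2 ms  10.0.0.138
  2   594 ms   580 ms   645 ms  zamalek-r03c-c-eg [163.121.173.179]
  3   639 ms   638 ms   690 ms  host-163.121.228.198.tedata.net [163.121.228.198]
  4   590 ms   644 ms   623 ms  host-163.121.228.197.tedata.net [163.121.228.197]
  5   536 ms   484 ms   530 ms  host-163.121.235.61.tedata.net [163.121.235.61]
  6   591 ms   402 ms   531 ms  10.37.242.233
  7   535 ms     *      182 ms  host-213.158.178.45.tedata.net [213.158.178.45]
Trace complete.
"""

def parse_tracert(text):
    """Return one dict per answered hop; headers and fully timed-out hops are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        hop, probes, _name, bracketed_ip, bare_ip = m.groups()
        ip = ipaddress.ip_address(bracketed_ip or bare_ip)
        hops.append({
            "hop": int(hop),
            "ip": str(ip),
            "rtt_ms": [int(t) for t in re.findall(r"(\d+)\s+ms", probes)],  # "*" probes dropped
            "private": any(ip in net for net in RFC1918),
        })
    return hops

def whois_candidates(hops):
    """Only publicly routable hops are worth a whois lookup."""
    return [h["ip"] for h in hops if not h["private"]]

if __name__ == "__main__":
    print(whois_candidates(parse_tracert(SAMPLE)))
```

On this trace the private hops are hop 1 (the home router) and hop 6 (a 10.37.x.x address between the tedata.net hops), which matches the addresses whois returned nothing for.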
