
Server housed in the united states?

Guest

I think not.

8 so-7-0-0.mpr3.ams1.nl.above.net (64.125.27.186) 127.935 ms 132.867 ms 132.734 ms
9 true.ams4.nl.above.net (82.98.247.54) 134.512 ms 145.852 ms 142.350 ms
10 10ge-6-3.e600-2.ams7.true.nl (87.233.192.18) 139.116 ms 152.574 ms 148.831 ms
11 rtr2.eu1.core.ppse.net (87.233.161.218) 142.242 ms 142.954 ms 143.934 ms
12 powered-by.parchosting.nl (217.195.115.146) 145.843 ms 146.937 ms 148.715 ms
.
This is a traceroute output, with information too close for comfort to me removed. I'll attempt to explain how to know more about how your traffic is routed to its final destination. If you study this stuff you will definitely be able to tell if a route is something out of the ordinary. You might ask what the shit does this mean? Well it's only a start. Find yourself to dnsstuff.com, and find the whois lookup, currently in the lower left. Let's say you wanna know who ge-6-3.e600-2.ams7.true.nl (87.233.192.18) is. Just paste that IP address (87.xx) in there and boom:

OrgName: Abovenet Communications, Inc
OrgID: ABVE
Address: 360 Hamilton Ave
City: White Plains
StateProv: NY
PostalCode: 10601
Country: US

Along with other useful information, contacts etc. This information by law needs to be accurate and would not be compromised for law enforcement, it's vital. Well, I could see them trying, but you'd hear about it.

This is what I would expect, my traffic from the states bustin' over to New York as directly as possible, and overseas. Now what if I saw my traffic being routed through Virginia, again, not a major peering point, I'd find that strange. Now different service providers have better routes than others, they're not created equal - your ISP may routinely make the crappiest routing decisions ever using cut-rate carriers, in this case it will be more difficult to pinpoint anomalies. My routes are great, *hint - you get what you pay for.

For Windows users, click Start, Run, type 'cmd' and press Enter. In the black box type 'tracert hostname' where hostname is your desired destination, i.e. icmag.com. Poke around to websites, try and get an idea where they're located for reference and with study you can see stuff that looks goofy.

A buddy of mine tried to turn me on to overgrow, and I'm naturally a bit paranoid and checked into it and I thought it was really weird that my traffic was being routed through hosts that appeared to be located in Kansas City -- not any sort of major peering location at all, especially noting that overgrow was housed in Canada. It was shut down shortly after, so I've convinced myself of the value of route study.

Topology map, this will give you a gist overview of major peering locations throughout the world. It's the first link if you google 'internet topology'
http://www.caida.org/analysis/topology/as_core_network/pics/ascoreApr2005.png
I'm not going to copy the image as it's copyrighted and I don't know if it's a TOU violation.

Anyone still here? :wave: Questions?
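An added example, not part of the original post: the route study described above, done in Python over the hops from the post (hop 13 is a constructed timeout row). The `SITE_CODES` table is an assumption: it relies on the airport-code naming many carriers use in router hostnames, and reverse-DNS names are operator-set hints that can be stale, not proof of location.

```python
import re

# Hops 8-12 transcribed from the post above (hop 10 on its own line);
# hop 13 is a constructed row to exercise the "* * *" timeout case.
SAMPLE = """\
 8 so-7-0-0.mpr3.ams1.nl.above.net (64.125.27.186) 127.935 ms 132.867 ms 132.734 ms
 9 true.ams4.nl.above.net (82.98.247.54) 134.512 ms 145.852 ms 142.350 ms
10 10ge-6-3.e600-2.ams7.true.nl (87.233.192.18) 139.116 ms 152.574 ms 148.831 ms
11 rtr2.eu1.core.ppse.net (87.233.161.218) 142.242 ms 142.954 ms 143.934 ms
12 powered-by.parchosting.nl (217.195.115.146) 145.843 ms 146.937 ms 148.715 ms
13 * * *
"""

HOP = re.compile(r"^\s*(\d+)\s+(\S+)\s+\((\d{1,3}(?:\.\d{1,3}){3})\)(.*)$")
RTT = re.compile(r"(\d+(?:\.\d+)?) ms")

# Assumed lookup table (airport-style codes for places named in the thread).
SITE_CODES = {"ams": "Amsterdam", "lga": "New York",
              "iad": "Northern Virginia", "mci": "Kansas City"}

def parse_trace(text):
    """Return one dict per hop; a hop that only timed out has host/ip None."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line)
        if m:
            rtts = [float(x) for x in RTT.findall(m.group(4))]
            hops.append({"hop": int(m.group(1)), "host": m.group(2),
                         "ip": m.group(3), "rtts": rtts})
        elif re.match(r"^\s*\d+\s+\*", line):
            hops.append({"hop": int(line.split()[0]), "host": None,
                         "ip": None, "rtts": []})
    return hops

def site_hint(host):
    """City code found in a hostname label, else the ccTLD, else None."""
    if not host:
        return None
    labels = host.lower().split(".")
    for label in labels:
        code = label.rstrip("0123456789")   # ams7 -> ams
        if code in SITE_CODES:
            return code
    return labels[-1] if len(labels[-1]) == 2 else None

def unexpected_hops(hops, expected):
    """Hops whose location hint is known but not in the expected set."""
    return [h for h in hops if site_hint(h["host"]) not in (None, *expected)]
```

Save a few traces to the same destination over time and pass the hints you normally see as `expected`; anything returned is a hop worth a whois lookup.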
 
DogBoy

Good post. If you're having any problems using the tracert command, remember that it is a DOS command and as with all DOS commands you can type the word followed by a space and then "/?" to get a list of the syntax available. For example "tracert /?" would tell you how to type the command and what switches are available for it. Switches are controls which affect the output of information.

Hope this helps calm a few people on the next server update! :)
 

Bacchus

Throbbing Member
Veteran
But the domain registration is with a US company. Would that allow a US judge to provide a warrant for their records? Just wondering.
 

Guest

Bacchus said:
But the domain registration is with a US company. Would that allow a US judge to provide a warrant for their records? Just wondering.

No, but they very well could hijack the authoritative nameservers for the domain.

Which could very easily allow them to operate an http 'relay' to the real icmag servers. Meanwhile watching everything going to and from. Not likely, possible.

SCENARIO:

client contacts icmag.com. Nameserver reports ip address for relay app, client contacts relay app, relay app forwards request to actual icmag servers, icmag server responds to request originator (relay app), relay app relays icmag reply to client.

It would be very detectable in any sort of 'driftnet' type of operation, however a targeted attack on YOUR ISP, this would be HIGHLY effective.

Let's not totally dismiss stuff if we don't really know. (I'm a squeaky wheel)

have fun folks
:rasta:
 
Guest

Yea not a bad idea.

Except the thing is, I could demonstrate this. Easily.

Only reason I mention theory is because it contains examples of how this shit actually works. Most people don't have a clue how this shit works, and if I can help one person know something they didn't before, it's all good.
 
