Notices

Overclockers Forums > Software > Internet, Networking, and Security
Internet, Networking, and Security Networking and Viruses/Malware trouble. Get the answers here.
Forum Jump

How do i do a trace route to a certain port?

Post Reply New Thread Subscribe Search this Thread
 
 
Thread Tools
Old 02-19-05, 11:21 AM Thread Starter   #1
Mr.Guvernment

 
Mr.Guvernment's Avatar 

Join Date: Feb 2003
Location: Costa Rica - and toronto sometimes

10 Year Badge
 
How do i do a trace route to a certain port?


Hey all

i dont know what port a trace route in DOS goes on, but i need to specify the port

i have traied tracert addressort but that doesnt work..


Any thoughts?

__________________

,`, Poor Planning On Your Part Does Not Constitute An Emergency On My Part ,`,
,`, The trouble with life is theres no background music ,`,
,`, Life isnt short, you're just dead for too long,`,


Mr.Guvernment is offline Folding Profile   QUOTE Thanks
Old 02-19-05, 12:01 PM   #2
Know Nuttin
Senior Member

 
Know Nuttin's Avatar 

Join Date: Mar 2004
Location: Ontario, Canada

 
have you tried using telnet?

__________________
AMD Phenom II X4 965BE, Asus M5A88-V Evo, 8GB Mushkin Blackline DDR3-1600 , Coolermaster Hyper212+, OCZ Vertex Plus 60GB, Seagate 7200.11 500GB, Antec EA-380
Lenovo X200, P8400 C2D, 8GB, 120GB OCZ Vertex 3.
Know Nuttin is offline   QUOTE Thanks
Old 02-19-05, 12:15 PM   #3
kct2
Member



Join Date: Feb 2002

 
Tracert just gives you the hops to the specified IP address. Every port will take the same path to the destination.

What exactly are you trying to determine?
kct2 is offline   QUOTE Thanks
Old 02-19-05, 12:41 PM Thread Starter   #4
Mr.Guvernment

 
Mr.Guvernment's Avatar 

Join Date: Feb 2003
Location: Costa Rica - and toronto sometimes

10 Year Badge
 
ahh okay

a piece of software our company uses works on port 443, customer can download, install our software - do a trace route with no time outs or anything but our software will just not connect to our server - even though we have like 2000+ people connected and people connecting wit no problems.

i can go through their system configure / disable firewalls etc but still no luck....

__________________

,`, Poor Planning On Your Part Does Not Constitute An Emergency On My Part ,`,
,`, The trouble with life is theres no background music ,`,
,`, Life isnt short, you're just dead for too long,`,


Mr.Guvernment is offline Folding Profile   QUOTE Thanks
Old 02-19-05, 01:12 PM   #5
Know Nuttin
Senior Member

 
Know Nuttin's Avatar 

Join Date: Mar 2004
Location: Ontario, Canada

 
try a different port. That port number is already reserved for https.

__________________
AMD Phenom II X4 965BE, Asus M5A88-V Evo, 8GB Mushkin Blackline DDR3-1600 , Coolermaster Hyper212+, OCZ Vertex Plus 60GB, Seagate 7200.11 500GB, Antec EA-380
Lenovo X200, P8400 C2D, 8GB, 120GB OCZ Vertex 3.
Know Nuttin is offline   QUOTE Thanks
Old 02-19-05, 03:21 PM Thread Starter   #6
Mr.Guvernment

 
Mr.Guvernment's Avatar 

Join Date: Feb 2003
Location: Costa Rica - and toronto sometimes

10 Year Badge
 
cant - hardcoded into our software and it works for thousand and thousands of other people. our site is SSL encrypted.

__________________

,`, Poor Planning On Your Part Does Not Constitute An Emergency On My Part ,`,
,`, The trouble with life is theres no background music ,`,
,`, Life isnt short, you're just dead for too long,`,


Mr.Guvernment is offline Folding Profile   QUOTE Thanks
Old 02-19-05, 04:49 PM   #7
XWRed1
Senior Member

 
XWRed1's Avatar 

Join Date: Oct 2001

 
Tracerouting on ports doesn't make sense.

Traceroute uses icmp.
XWRed1 is offline   QUOTE Thanks
Old 02-19-05, 04:59 PM   #8
kct2
Member



Join Date: Feb 2002

 
Is it possible they have to update their trusted Certificate Authorities, or install your site's SSL certificate?
kct2 is offline   QUOTE Thanks
Old 02-19-05, 06:09 PM   #9
Slackfumasta
Member

 
Slackfumasta's Avatar 

Join Date: Dec 2004
Location: My own personal HELL!

 
Also, if it's just this customer, they may not have port 443 (HTTPS) open on their firewall, or for some screwy reason they are using an old browser without 128 bit encryption, or something stupid like that. Chances are it's a problem on their end.

They also need to make sure they have Use SSL 2.0 and Use SSL 3.0 enabled in IE if that's what they are using.
Slackfumasta is offline   QUOTE Thanks
Old 02-19-05, 06:33 PM   #10
XWRed1
Senior Member

 
XWRed1's Avatar 

Join Date: Oct 2001

 
I find telnet to be a nice program to test tcp connections.

Just ask them to telnet to you on port 443. If they can connect, then it is something else. If they can't even connect, then their firewall must be misconfigured in some way (or yours)
XWRed1 is offline   QUOTE Thanks
Old 02-19-05, 06:45 PM   #11
Slackfumasta
Member

 
Slackfumasta's Avatar 

Join Date: Dec 2004
Location: My own personal HELL!

 
You can't telnet to port 443 unless you configure a server to specifically turn off HTTPS and answer telnet on port 443. Telnet by default works on port 23.
Slackfumasta is offline   QUOTE Thanks
Old 02-19-05, 10:13 PM   #12
kct2
Member



Join Date: Feb 2002

 
Quote:
Originally Posted by Slackfumasta
You can't telnet to port 443 unless you configure a server to specifically turn off HTTPS and answer telnet on port 443. Telnet by default works on port 23.
However doing that would disable the software for the thousands of users it does work for. Not a great idea.
kct2 is offline   QUOTE Thanks
Old 02-19-05, 10:31 PM   #13
XWRed1
Senior Member

 
XWRed1's Avatar 

Join Date: Oct 2001

 
Quote:
Originally Posted by Slackfumasta
You can't telnet to port 443 unless you configure a server to specifically turn off HTTPS and answer telnet on port 443. Telnet by default works on port 23.
You can telnet on any port you want to.

I'm only suggesting using telnet as a tool to test connectivity, I don't expect him to get a shell that way. Only to see if he can open a connection. I do it all the time as a diagnostic. It's a nice diagnostic because almost any computer you sit down at will have telnet on it.

Right now, open a command prompt and run:
telnet gmail.google.com 443

I get a connection:
Trying 216.239.57.98...
Connected to 216.239.57.98.
Escape character is '^]'.

Thats all I expect. Pick another port they aren't listening on, it won't connect. As an aside, telnet is also a nice diagnostic for plaintext services like ftp and smtp.
XWRed1 is offline   QUOTE Thanks
Old 02-19-05, 10:56 PM   #14
kct2
Member



Join Date: Feb 2002

 
Quote:
Originally Posted by XWRed1
You can telnet on any port you want to.

I'm only suggesting using telnet as a tool to test connectivity, I don't expect him to get a shell that way. Only to see if he can open a connection. I do it all the time as a diagnostic. It's a nice diagnostic because almost any computer you sit down at will have telnet on it.

Right now, open a command prompt and run:
telnet gmail.google.com 443

I get a connection:
Trying 216.239.57.98...
Connected to 216.239.57.98.
Escape character is '^]'.

Thats all I expect. Pick another port they aren't listening on, it won't connect. As an aside, telnet is also a nice diagnostic for plaintext services like ftp and smtp.
This does work, you'll be able to see the connection on the server (using something like 'netstat' if you are using windows server), but on the client machine the telnet window just goes blank as there is no telnet-able service running on that port. It never really tells you it made a connection, but if it doesn't connect you will get an error message. Just an FYI.
kct2 is offline   QUOTE Thanks
Old 02-20-05, 12:04 AM Thread Starter   #15
Mr.Guvernment

 
Mr.Guvernment's Avatar 

Join Date: Feb 2003
Location: Costa Rica - and toronto sometimes

10 Year Badge
 
well the world knows our server address so i telnet'd to it

cmd
telnet tpc.dynip.com 443

i got a blank screen after that - does that mean it connected?

i go through peoples systems, get them to turn off all firewalls and such, and it just seems so rare that say 5 out of say 20,000 people just cant connect to any of our 4 servers running. Uusally they are on Xp with the odd ME person

__________________

,`, Poor Planning On Your Part Does Not Constitute An Emergency On My Part ,`,
,`, The trouble with life is theres no background music ,`,
,`, Life isnt short, you're just dead for too long,`,


Mr.Guvernment is offline Folding Profile   QUOTE Thanks
Old 02-20-05, 02:38 AM   #16
XWRed1
Senior Member

 
XWRed1's Avatar 

Join Date: Oct 2001

 
Quote:
Originally Posted by kct2
This does work, you'll be able to see the connection on the server (using something like 'netstat' if you are using windows server), but on the client machine the telnet window just goes blank as there is no telnet-able service running on that port. It never really tells you it made a connection, but if it doesn't connect you will get an error message. Just an FYI.
I know this. All I said is it is a nice way to see if a port is accessible if you aren't sure. I'm not expecting to find a telnettable service on 443. Didn't I even say there shouldn't be anything useable there?
XWRed1 is offline   QUOTE Thanks
Old 02-20-05, 02:41 AM   #17
XWRed1
Senior Member

 
XWRed1's Avatar 

Join Date: Oct 2001

 
Code:
xwred1@stoneburner:~$ telnet tpc.dynip.com 443
Trying 66.212.224.33...
Connected to tpc.dynip.com.
Escape character is '^]'.
I was able to connect fine.

So your thing *is* listening on 443.

I was able to connect with my browser too, said you were using a 3rd party certificate for "Jesse". Told Firefox to go ahead and connect anyway, use your certificate. Now it grinds waiting for more data from your end... which is a problem on your end, not mine.
XWRed1 is offline   QUOTE Thanks
Old 02-20-05, 03:54 AM   #18
kct2
Member



Join Date: Feb 2002

 
Quote:
Originally Posted by XWRed1
I know this. All I said is it is a nice way to see if a port is accessible if you aren't sure. I'm not expecting to find a telnettable service on 443. Didn't I even say there shouldn't be anything useable there?
I was simply explaining what would happen, not to you, but to Mr.Guvernment, when he made a successful connection using the method you described. I figured you knew what you wrote would work, my point wasn't to verify what you said, but to expand on what Mr.Guvernment could expect to see.

Quote:
Originally Posted by Mr.Guvernment
i got a blank screen after that - does that mean it connected?
As you can see, what I wrote was necessary because exactly what I described happened. For some reason he still asked if it was connected

Quote:
Originally Posted by XWRed1
Code:
xwred1@stoneburner:~$ telnet tpc.dynip.com 443
Trying 66.212.224.33...

Connected to tpc.dynip.com.
Escape character is '^]'.
I was able to connect fine.

So your thing *is* listening on 443.

I was able to connect with my browser too, said you were using a 3rd party certificate for "Jesse". Told Firefox to go ahead and connect anyway, use your certificate. Now it grinds waiting for more data from your end... which is a problem on your end, not mine.
The fact you or I can connect is irrelevant, we know that the port is open on the server because of the thousands of other users that are able to connect. You need to have the user having trouble connecting try to telnet in on that port.

But simply being able to connect to port 443 is not enough to establish a SSL connection, the server certificate needs to be trusted by the client system too. The fact your server certificate is self-signed to a server name different than your public domain name, and expired 4 years ago could be a problem if the connection was being made by a standard browser. But looking at your company's website it would seem like your software would have to be coded to accept that specific server certificiate as it doesn't look like it requries or uses any specific version of Windows or IE. So, if the effected users are able to telnet to the correct port on the server, I am not sure what else to suggest.
kct2 is offline   QUOTE Thanks
Old 02-20-05, 08:09 AM Thread Starter   #19
Mr.Guvernment

 
Mr.Guvernment's Avatar 

Join Date: Feb 2003
Location: Costa Rica - and toronto sometimes

10 Year Badge
 
The port is certainly listening on port 443, to connect on 443 you need to download our client, which will allow you to connect on port 443 - i beleive our client creates is own SSL certifcate with each new client that connects - not too sure will have to ask our developers about it though.


Also, upon checking that certificate - it expired in 2001, that was actually just around i got the job and shortly after , March 2001, i set up our company in Antigua , Jesse njo longer works for us but was one of the original programmers for our software.

I would also assume it hangs on FireFox or any browser is because we are not serving any HTTP(s) web sites off 443, it is all a client / server based application.

__________________

,`, Poor Planning On Your Part Does Not Constitute An Emergency On My Part ,`,
,`, The trouble with life is theres no background music ,`,
,`, Life isnt short, you're just dead for too long,`,


Mr.Guvernment is offline Folding Profile   QUOTE Thanks
Old 02-20-05, 08:47 AM   #20
Slackfumasta
Member

 
Slackfumasta's Avatar 

Join Date: Dec 2004
Location: My own personal HELL!

 
I see what you mean now by using Telnet to test, very cool
Slackfumasta is offline   QUOTE Thanks

Post Reply New Thread Subscribe


Overclockers Forums > Software > Internet, Networking, and Security
Internet, Networking, and Security Networking and Viruses/Malware trouble. Get the answers here.
Forum Jump

Thread Tools Search this Thread
Search this Thread:

Advanced Search


Mobile Skin
All times are GMT -5. The time now is 03:19 AM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
You can add these icons by updating your profile information to include your Heatware ID, Benching Profile ID or your Folding/SETI profile ID. Edit your profile!
X

Welcome to Overclockers.com

Create your username to jump into the discussion!

New members like you have made this the best community on the Internet since 1998!


(4 digit year)

Why Join Us?

  • Share experience
  • Max out your hardware
  • Best forum members anywhere
  • Customized forum experience

Already a member?