site - Better than traceroute / nslookup
2014-04
Im searching for a command that shows all IP addresses that you get in status bar when you connect to site.
Example: ebuddy.com, is not ony ebuddy.com, but varnish.ebuddy.com bsvc.ebuddy.com web.ebuddy.com
and so on. Does anyone know?
(Linux Mint, based on Ubuntu packages)
Those are not IP addresses, but subdomains and there is no easy way to find all subdomains associated with a site other than brute-forcing.
If it helps: you can google for "site:ebuddy.com -inurl:www" to see some subdomains, but it is not very practical.
I was reading the manpage for traceroute
, and I noticed it accepts a port
argument.
I thought traceroute
worked only with ICMP. What does it do with the port?
Traceroute (classical mode) works by sending UDP packets to a high, theoretically unused UDP port, changing the time to live (TTL) for each packet so that routers along the way notice that it has timed out and return ICMP time exceeded messages. Traceroute then prints those messages out until it gets a message from the destination host denying the connection.
You can change the port in case the default port is in use (thus preventing that last hop from working because the packet is silently accepted).
There is a wealth of information in the man page for traceroute on your standard Linux distro.
That's in case ICMP is blocked somewhere along the way.
You could for example use port 80 (http) because almost any firewall will allow it to pass through.