Find the answer to your Linux question:
Results 1 to 6 of 6
Hi, I am connected to a school PC through ssh and I need to do a traceroute to a site... The problem is that when I do traceroute google.com (or ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2008
    Posts
    2

    traceroute not wroking


    Hi,

    I am connected to a school PC through ssh and I need to do a traceroute to a site... The problem is that when I do traceroute google.com (or any other site) I get something like this:

    Code:
    traceroute: Warning: google.com has multiple addresses; using 72.14.207.99
    traceroute to google.com (72.14.207.99), 30 hops max, 52 byte packets
    traceroute: sendto: Operation not permitted
     1 traceroute: wrote google.com 52 chars, ret=-1
     *traceroute: sendto: Operation not permitted
    traceroute: wrote google.com 52 chars, ret=-1
    And it goes on like this. I did some search and found out that I need to change the rules in IPTABLES or something (noob here). Whatever I tried with iptables it says this:

    Code:
    iptables v1.3.6: can't initialize iptables table `filter': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    Obviously I can't do anything about this and I'm supposed to do a traceroute and it supposedly should work.

    Can anyone help me out?

  2. #2
    Linux Engineer Kieren's Avatar
    Join Date
    Aug 2007
    Location
    England
    Posts
    848
    You wont be able to modify iptables unless you have root access to the PC. Since this is a school PC I don't think you will have?
    Linux User #453176

  3. #3
    Just Joined!
    Join Date
    Jun 2008
    Posts
    7
    traceroute, also, requires root to work. It is usually installed setuid root, but your school may have decided not to do this for security reasons (I recall my old university killed the setuid bit on 'ping' due to security concerns at one point).

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Jun 2008
    Posts
    2
    Yeah, I know I can't modify iptables. But is there another way to do a traceroute without being root (or modifying iptables)?

    This is an assignment I was given, and it's supposed to be doable.

  6. #5
    Just Joined!
    Join Date
    Jun 2008
    Posts
    7
    I think the suggestion that you need to change your iptables setup is wrong. If you had a firewall rule preventing you sending traceroute packets, you wouldn't get an error message like you are; instead you'd see a lot of lines like:

    1 * * *
    2 * * *
    3 * * *

    etc. Traceroute depends on sending ICMP packets, which can only be done by root. Usually, the traceroute program is installed setuid root. I'd suggest asking your local system administrator why it hasn't been done this way, and if it can be switched back.

  7. #6
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Quote Originally Posted by vikerneso View Post
    Yeah, I know I can't modify iptables. But is there another way to do a traceroute without being root (or modifying iptables)?

    This is an assignment I was given, and it's supposed to be doable.

    If this is an assignment from school then please go back to the person who assigned this to you and have them explain how you should proceed.

    I am thinking that this is part of the lesson to figure out why it is not working and what would be the fix.

    I see too many students too lazy to do their homework and want answers handed o them.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •