What are the significant differences between tracepath and traceroute?
How do traceroute and tracepath perform a similar function, differently?
Both programs essentially do one thing: send and receive certain IP packets.
A program can use the normal sockets API to do this, or it can manipulate the raw packets from the interface. The sockets API does not require root privileges, because it is fairly secure. There are mechanisms built in to prevent one program from accessing IP packets that another program made.
Tracepath uses the sockets API for all its functionality. Traceroute manipulates raw packets for some of its functionality.
What does traceroute do, which requires root privileges, that tracepath doesn't?
It manipulates raw packets.
To manipulate raw packets, you need root privileges because by doing this, you bypass the security mechanisms of the sockets API. You gain access to communications of all other processes and users using that interface. Just think about what a virus could do if it could manipulate raw packets.
Are there scenarios where one should prefer tracepath over traceroute, or vice-versa?
One advanced command available in Traceroute is the ability to run a network trace using the IPv4 or IPv6 protocol. It is also possible to choose between ICMP, TCP or UDP data formats for a probe. Traceroute can choose specific source routings for the probe and choose what port to send from. It can set limits on the minimum and maximum TTL to accept from an outbound probe. In addition, Traceroute can show the wait time for response pings as well as set how many packets are sent in each probe and how many probes to send. Some of these commands may not be supported by networking hardware along the path, which could terminate the probe before it reaches its target destination.
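The privilege difference described in the answer above can be checked directly on a Linux host. This is an added example, not part of the original answers: it creates a normal UDP socket and a raw ICMP socket without sending anything, and reports whether the process holds CAP_NET_RAW, the Linux capability that gates raw sockets. The function names are illustrative.

```python
import socket

CAP_NET_RAW = 13  # capability bit number from linux/capability.h


def has_cap_net_raw(status_text):
    """True if the CapEff line of a /proc/<pid>/status dump includes CAP_NET_RAW."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            effective = int(line.split()[1], 16)
            return bool((effective >> CAP_NET_RAW) & 1)
    return False


def try_socket(sock_type, proto):
    """Try to create an IPv4 socket of the given kind; return (ok, error text)."""
    try:
        socket.socket(socket.AF_INET, sock_type, proto).close()
        return True, ""
    except OSError as exc:  # PermissionError is a subclass of OSError
        return False, exc.strerror or str(exc)


def probe():
    """Create each socket kind once. Nothing is sent on the network."""
    return {
        "udp datagram (sockets API)": try_socket(socket.SOCK_DGRAM, socket.IPPROTO_UDP),
        "raw ICMP (raw packets)": try_socket(socket.SOCK_RAW, socket.IPPROTO_ICMP),
    }


def current_status():
    """Read this process's status file; empty string where /proc is unavailable."""
    try:
        with open("/proc/self/status") as fh:
            return fh.read()
    except OSError:
        return ""


if __name__ == "__main__":
    print("CAP_NET_RAW effective:", has_cap_net_raw(current_status()))
    for kind, (ok, err) in probe().items():
        print(f"{kind:28} {'allowed' if ok else 'denied: ' + err}")
```

Run as an ordinary user, the raw ICMP line is normally denied with "Operation not permitted" while the UDP line is allowed; the result depends on the capabilities the process actually holds, not only on its user ID.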
You can use traceroute for advanced network tracing: you can choose between IPv4 and IPv6 protocols, and you can also choose between ICMP, TCP or UDP data formats for a probe.
So traceroute has more advanced options than tracepath, which uses UDP packets for tracing.
Now about superuser privileges:
you can use traceroute as both a normal user and a superuser; that depends on the option you want to use. Here is an example:
Here we are using UDP packets, which don't need superuser privileges.
Here we are using ICMP echo packets, which need privileges.
With ICMP packets you can make a DDoS attack.
To learn about ICMP options, see the Traceroute man page.
To view traceroute options, type in a terminal: man traceroute
ICMP needs superuser privileges to ensure that only administrators can use some of its options, because it can be used to make a ping of death and to collect information about a specific network; the privilege here gives the superuser the ability to change options using ICMP packets.
You can see this when you try to ping some websites like www.microsoft.com: your ping will fail even if it's online, and that is because Microsoft routers block ICMP requests.
So Linux protects the system from unprivileged users, so they cannot use these commands for attacking.
I think you have to read this: http://www.ehow.com/list_7526520_differences-between-traceroute-tracepath.html
From the above link:
TracePath
Tracepath traces a path to a designated network address, reporting on the "time to live" or TTL lag and maximum transmission units (MTU) along the way. This command can be run by any user with access to the command line prompt.
Traceroute Basics
Traceroute is essentially the same as Tracepath except that by default, it will only give the TTL value. If you want additional data, you must request those variables on the command line. Also, traceroute requires superuser access to run the command on a Linux box, and some advanced data requests may not be supported by all of the routers along the path. In a Windows environment, any user with access to the command line can run Traceroute.