2013-02-19 Traceroute database

Our new service, traceroutes database, will be launching today. Database was collected during a large scale tracerouting experiment, which involves over 61 million IP addresses of websites and servers worldwide. All data obtained is now available as a service where query about a particular IP address can be made. As a result, you will get incoming and outgoing routes of server or router.

With the emerging of virtualization technologies, new problems in security field may arise (i.e., isolation of virtual machines). These potential problems are usually solved using default settings and "security through obscurity" policy. But now, all "hidden" servers or networks can easily be enumerated in a single click.

Service allows to enumerate not only routers between client and target server, but also machines behind a given IP address (i.e., privately allocated networks, IP addresses of hosted virtual machines)

To use our traceroutes database service, enter IP address in the search box field on main page

While doing reconnaissance, in most cases, you will see information about a given website that is easy to obtain during regular WHOIS lookups and common techniques. Complex information, such as traceroute database, is not usually nessesary. However, shortage of IPv4 addresses is pushing its way too. Hosting providers, like Hetzner (our servers hosts there), are doing great job reusing all IPs they got. They allocating an additional IP from any pool available, resulting in a single hardware server with two (or more) IP addresses which, at first, located in different subnetworks, and in second, have no relations to each other at all. No WHOIS lookup, or traceroute to any of known IP addresses will unveil any other IPs.
But now this is possible:
178.63.14.200 - Hetzner client, found routes for two subnets and several additional IP addresses

176.9.111.19 - Hetzner client, additional IPs in other network 176.9.199.0/24



Another interesting thing to note is that we found out which router in the Internet has the most IP addresses connected to: 69.197.1.154 with 4921 outgoing IPs in 67 different C-networks. These are other interesting subjects: 209.51.161.102, 219.234.92.18, 64.209.96.150 and so on.



For other researchers, JSON API was launched on the same terms as any other service on this site. Check docs if you want to build something using our API.

For those who does not like to dig text we prepared interactive map.

Subscribe to our RSS/Atom feed to get interesting news about our future experiments.
Share link via Twitter: