NetTrace Pro

Advanced Network Analysis & Traceroute Toolkit

Terminal unplugged - awaiting connection method
nettrace@terminal v2.4.1
NetTrace Pro Terminal - Network Analysis Toolkit
Type help for available commands
Type plug to connect system access
────────────────────────────────────────────────

$
Command Reference
pwd - Print working directory
ls / - List root directory
ping <host> - Ping a host
traceroute <host> - Trace route
whois <ip> - WHOIS lookup
nmap <ip> - Port scan (sim)
dns <domain> - DNS lookup
clear - Clear terminal
ident <ip> <name> - Add identity
export - Export user data
import - Import user data
hints - Toggle hints

Traceroute Visualization

Run a traceroute to visualize network path

Legend

Router
Proxy/CDN
Server
Decentralized
Unknown (no data)
User-identified
Understanding Traceroute Analysis

How Traceroute Works: Traceroute uses ICMP packets with incrementally increasing TTL (Time To Live) values. Each router along the path decrements the TTL, and when it reaches 0, the router sends back an ICMP "Time Exceeded" message, revealing its IP address.

Device Classification: We analyze naming patterns, TTL values, response times, and known IP ranges to determine if a hop is likely a router, proxy server, CDN edge, or origin server.

Decentralized Detection: Unusually high latency variance, non-sequential IP ranges, and inconsistent AS numbers can indicate traffic routing through decentralized networks like Tor or I2P.

Hardware/Firmware Detection Commands

Advanced commands for device fingerprinting (run in terminal):

snmpwalk <ip>

Query SNMP for device info (requires SNMP enabled)

curl -I http://<ip>

Check HTTP headers for server software

shodan <ip>

Query Shodan database for device info

banner <ip> <port>

Grab service banner for identification