Scuttle is a tool that lets you control the output when your server is
tracerouted. It currently
supports both ICMP and UDP
You'll need a set of IP addresses you can control the reverse DNS entries for, and a Linux server that supports IP spoofing.
Vultr will let you buy as many IPs as you want, and control their reverse
DNS entries, for $3/month each. AWS EC2 will let you spoof IPs
– make sure you enable all inbound UDP and ICMP traffic, and disable the source/dest check (in
the console, right click => Networking => Change source/dest check). Note that
has unreliable route lengths, which breaks scuttle, but
us-west-1 (N. California) works fine.
Run the following commands on your server, to disable kernel-level ICMP and UDP replies:
# Disable the kernel's responses to ICMP echo packets, which would interfere with our own replies. sudo echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all # Prevent the kernel from sending "destination port unreachable" messages, which would interfere # with our UDP traceroute implementation. FreeBSD has a blackhole sysctl that would do this for # us, but on Linux we don't have as much luck, so have to resort to this hack. # Allow all outbound ICMP packets except "destination port unreachable". sudo iptables -A OUTPUT -p icmp -m icmp ! --icmp-type port-unreachable -j ACCEPT # Drop all outbound "destination port unreachable" packets except those sent by root. sudo iptables -A OUTPUT -p icmp -m owner ! --uid-owner root -j DROP
Add the IPs you'd like to a newline delimited file named
redirect_ips.txt, for example
184.108.40.206 220.127.116.11 18.104.22.168
sudo python scuttle.py redirect_ips.txt to serve responses infinitely.