The BackTrack 4 tools grouped in this category can be used to get network routing information.
0trace is a tool that can be used to passively trace the network route between the penetration tester and the target device.
0trace utilizes common protocols such as HTTP or SNMP to reach the firewall, and then uses a TTL-based packet afterward. There are many reasons why using
0trace can be more successful than using a traditional traceroute. Some of them are: If there is a firewall misconfiguration, the firewall doesn't rewrite all of the packet (which is common for native stateful inspection firewall), and a firewall doesn't use an application layer gateway or proxy (which is common in today's company infrastructure).