Hackers can use many of the same discovery tools that they used for finding network devices to later find hosts.

  • traceroute
  • nmap
  • netcat

Using the traceroute utility, the hacker can determine the router IP addresses between himself and the end destination host. Since the traceroute was performed to a host, the hacker can be pretty sure that the IP address prior to the host is the router to that network.