The Web Local

Hping

Hping is a tool for TCP/IP stack auditing: it can uncover firewall policy, scan TCP ports in a lot of different modes, transfer files across a firewall, and do much more. Using hping you can also do a lot of things that have nothing to do with security, e.g.:

 

  • Test firewall rules
  • Advanced port scanning
  • Test network performance using different protocols, packet sizes, TOS (type of service) values and fragmentation
  • Path MTU discovery
  • Transferring files between hosts where stringent firewall rules are applied
  • Traceroute-like operation under different protocols
  • Firewalk-like usage
  • Remote OS fingerprinting
  • TCP/IP stack auditing

 

Installation

./configure
make
make install

or use the rpm :)

It is best to install the latest libpcap package.

Execution

[root@FC4]# hping3 192.168.0.1
HPING 192.168.0.1 (eth0 192.168.0.1): NO FLAGS are set, 40 headers + 0 data bytes
len=46 ip=192.168.0.1 ttl=128 id=2258 sport=0 flags=RA seq=0 win=0 rtt=0.7 ms
len=46 ip=192.168.0.1 ttl=128 id=2259 sport=0 flags=RA seq=1 win=0 rtt=0.8 ms
len=46 ip=192.168.0.1 ttl=128 id=2260 sport=0 flags=RA seq=2 win=0 rtt=0.7 ms
len=46 ip=192.168.0.1 ttl=128 id=2261 sport=0 flags=RA seq=3 win=0 rtt=0.3 ms
len=46 ip=192.168.0.1 ttl=128 id=2262 sport=0 flags=RA seq=4 win=0 rtt=0.8 ms
len=46 ip=192.168.0.1 ttl=128 id=2263 sport=0 flags=RA seq=5 win=0 rtt=0.2 ms
len=46 ip=192.168.0.1 ttl=128 id=2264 sport=0 flags=RA seq=6 win=0 rtt=0.7 ms
len=46 ip=192.168.0.1 ttl=128 id=2265 sport=0 flags=RA seq=7 win=0 rtt=0.3 ms

--- 192.168.0.1 hping statistic ---
8 packets tramitted, 8 packets received, 0% packet loss

len is the size, in bytes, of the data captured from the data link layer, excluding the data link header. This may not match the IP datagram size because of padding added at the link layer.

ip is the source IP address of the reply.

id is the IP ID field.

flags are the TCP flags:

    R for RESET
    S for SYN
    A for ACK
    F for FIN
    P for PUSH
    U for URGENT

seq is the sequence number of the packet, taken from the source port for TCP/UDP packets and from the sequence field for ICMP packets.

win is the TCP window size.

rtt is the round trip time, i.e. the time between sending the probe and receiving its reply.
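As an added example (not part of this page or of the hping project), here is a small Python parser for the reply format explained above. It assumes the hping3 line layout shown in the run above, plus an optional DF token after ttl that hping3 prints when the reply has the Don't Fragment bit set; it decodes the flag letters using the legend above and reports loss, missing sequence numbers, RTT spread, the flag combinations seen, and whether the reply IP IDs advanced by exactly one per packet. The sample run embedded in the block is a constructed copy of the output above.

```python
"""Parse hping3 reply lines and the closing statistics block.

Added example; not code from The Web Local page or from hping itself.
"""
import re
import sys
from dataclasses import dataclass
from statistics import mean
from typing import Dict, List, Optional

# Flag letters exactly as hping prints them, mapped to the names in the legend.
FLAG_NAMES = {"R": "RESET", "S": "SYN", "A": "ACK", "F": "FIN", "P": "PUSH", "U": "URGENT"}

# One reply line. "DF" is optional: hping3 prints it only when the reply has the
# Don't Fragment bit set (assumed layout, matching real hping3 output).
REPLY_RE = re.compile(
    r"^len=(?P<len>\d+) ip=(?P<ip>[\d.]+) ttl=(?P<ttl>\d+)(?: DF)? id=(?P<id>\d+) "
    r"sport=(?P<sport>\d+) flags=(?P<flags>[A-Z]*) seq=(?P<seq>\d+) win=(?P<win>\d+) "
    r"rtt=(?P<rtt>[\d.]+) ms$"
)
# hping really spells it "tramitted", so the parser must match that spelling.
STATS_RE = re.compile(r"^(\d+) packets tramitted, (\d+) packets received")

# Constructed sample: a copy of the run shown on the page.
SAMPLE_OUTPUT = """HPING 192.168.0.1 (eth0 192.168.0.1): NO FLAGS are set, 40 headers + 0 data bytes
len=46 ip=192.168.0.1 ttl=128 id=2258 sport=0 flags=RA seq=0 win=0 rtt=0.7 ms
len=46 ip=192.168.0.1 ttl=128 id=2259 sport=0 flags=RA seq=1 win=0 rtt=0.8 ms
len=46 ip=192.168.0.1 ttl=128 id=2260 sport=0 flags=RA seq=2 win=0 rtt=0.7 ms
len=46 ip=192.168.0.1 ttl=128 id=2261 sport=0 flags=RA seq=3 win=0 rtt=0.3 ms
len=46 ip=192.168.0.1 ttl=128 id=2262 sport=0 flags=RA seq=4 win=0 rtt=0.8 ms
len=46 ip=192.168.0.1 ttl=128 id=2263 sport=0 flags=RA seq=5 win=0 rtt=0.2 ms
len=46 ip=192.168.0.1 ttl=128 id=2264 sport=0 flags=RA seq=6 win=0 rtt=0.7 ms
len=46 ip=192.168.0.1 ttl=128 id=2265 sport=0 flags=RA seq=7 win=0 rtt=0.3 ms

--- 192.168.0.1 hping statistic ---
8 packets tramitted, 8 packets received, 0% packet loss
"""


@dataclass
class Reply:
    length: int
    ip: str
    ttl: int
    ip_id: int
    sport: int
    flags: str
    seq: int
    win: int
    rtt_ms: float

    def flag_names(self) -> List[str]:
        """Expand e.g. 'RA' into ['RESET', 'ACK']; unknown letters are kept as-is."""
        return [FLAG_NAMES.get(c, c) for c in self.flags]


def parse_reply(line: str) -> Optional[Reply]:
    """Return a Reply for one hping reply line, or None for any other line."""
    m = REPLY_RE.match(line.strip())
    if not m:
        return None
    return Reply(
        length=int(m["len"]), ip=m["ip"], ttl=int(m["ttl"]), ip_id=int(m["id"]),
        sport=int(m["sport"]), flags=m["flags"], seq=int(m["seq"]),
        win=int(m["win"]), rtt_ms=float(m["rtt"]),
    )


def summarize(output: str) -> Dict[str, object]:
    """Summarize a whole run: loss, missing seqs, RTT spread, flags, IP ID stepping."""
    lines = output.splitlines()
    replies = [r for r in map(parse_reply, lines) if r is not None]
    sent: Optional[int] = None
    for line in lines:
        m = STATS_RE.match(line.strip())
        if m:
            sent = int(m.group(1))
    if sent is None:  # run interrupted before the statistics block: infer from highest seq
        sent = max((r.seq for r in replies), default=-1) + 1
    received = len(replies)
    rtts = [r.rtt_ms for r in replies]
    ids = [r.ip_id for r in replies]
    return {
        "sent": sent,
        "received": received,
        "loss_pct": 0.0 if sent == 0 else round(100.0 * (sent - received) / sent, 1),
        "missing_seqs": sorted(set(range(sent)) - {r.seq for r in replies}),
        "rtt_min_ms": min(rtts) if rtts else None,
        "rtt_avg_ms": mean(rtts) if rtts else None,
        "rtt_max_ms": max(rtts) if rtts else None,
        "flags_seen": sorted({r.flags for r in replies}),
        # True when every reply's IP ID is exactly one more than the previous one.
        "ip_id_sequential": len(ids) > 1 and all(b - a == 1 for a, b in zip(ids, ids[1:])),
    }


if __name__ == "__main__":
    text = SAMPLE_OUTPUT if sys.stdin.isatty() else sys.stdin.read()
    print(summarize(text))
```

Run stand-alone it summarizes the embedded sample; piping a real run into it (for instance a saved hping3 log) summarizes that instead. The missing_seqs list is useful because the statistics line only gives a percentage, not which probes went unanswered.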

 

If the reply carries a window size and you are having trouble working out the OS of the host you are dealing with, a quick Google search for that window value should give you a few pointers in the right direction.