Nmap Development mailing list archives
Re: How Nping works at the OS/ kernel level
From: Jack Dangler <tdldev () gmail com>
Date: Wed, 2 Aug 2023 11:12:37 -0400
On 8/2/23 08:55, Subhra Das wrote:
Hi,I carried out the below experiment. Could anyone help me to find out which process (at user/ kernel level) on the remote node is responding to nping TCP packets. Is there any flow diagram to understand the samea) On Node 1 installed nping tool b) On Node 2 removed nping toolc) Executed the *below* command on Node 1. It still works. Could you please let us know how should we go about finding which process is responding to nping tcp packets on Node 2, which doesn’t have the nping module installed*nping -c 1 --tcp -p 13567 <IP Address on Node 2>* _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived athttps://seclists.org/nmap-dev/
Unless I am mistaken, nping doesn't need to be installed at both ends. nping is issuing a ping request to the other node. When ping runs, it sends an ICMP "Echo" request to the interface and waits to get a response. Once the target receives the request, it (should) respond by sending a "Reply" packet.
Jack
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at https://seclists.org/nmap-dev/
Current thread:
- How Nping works at the OS/ kernel level Subhra Das (Aug 02)
- Re: How Nping works at the OS/ kernel level Jack Dangler (Aug 02)