Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How Nping works at the OS/ kernel level

From: Jack Dangler <tdldev () gmail com>
Date: Wed, 2 Aug 2023 11:12:37 -0400

On 8/2/23 08:55, Subhra Das wrote:

Hi,
I carried out the below experiment. Could anyone help me to find out which process (at user/ kernel level) on the remote node is responding to nping TCP packets. Is there any flow diagram to understand the same 

a) On Node 1 installed nping tool

b) On Node 2 removed nping tool
c) Executed the *below* command on Node 1. It still works. Could you please let us know how should we go about finding which process is responding to nping tcp packets on Node 2, which doesn’t have the nping module installed 

*nping -c 1 --tcp -p 13567 <IP Address on Node 2>*


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived athttps://seclists.org/nmap-dev/
Unless I am mistaken, nping doesn't need to be installed at both ends. nping is issuing a ping request to the other node. When ping runs, it sends an ICMP "Echo" request to the interface and waits to get a response. Once the target receives the request, it (should) respond by sending a "Reply" packet. 


Jack


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at https://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: