Firewall Wizards mailing list archives
Re: hping
From: Salvatore Sanfilippo <antirez () seclab com>
Date: Fri, 11 Dec 1998 17:39:08 +0100
A few weeks ago, I wrote this little tool. hping (h? ping) is a tool that fits ping's concept to the tcp protocol. In a few words hping can send any kind of tcp flags and display the target replies in this format: [size] bytes from [ip]: flags=[flags] seq=[x] ttl=[y] win=[z] time=[t]ms This can be usefull for: - ACL discovery and testing - Port scanning - Hide pinging - Raw fingerprints - ... Other stuff usage: hping host [options] c - packets count i - wait n - numeric output q - quiet I - interface name p - destination port (default 0) [ctrl+z inc, double ctrl+z dec] s - base source port (default random) t - ttl (default 64) w - winsize (default 512) h - show this help v - show version F - set FIN flag S - set SYN flag R - set RST flag P - set PUSH flag A - set ACK flag U - set URG flag X - set X unused flag (0x40) Y = set Y unused flag (0x80) f - split packets in two fragments (may pass weak acl) x - set more fragments flag (maybe uselessness) O - set fake tcp data offset (instead of tcphdrlen / 4) r - relativize id field (to estimate host traffic) z - bind ctrl+z to ttl Z - unbind ctrl+z p.s. the -r option permits to understand the outgoing traffic from an unix box misured in packets for second. Best Regards, antirez -- Salvatore Sanfilippo Intesis SECURITY LAB Phone: +39-02-671563.1 Via Settembrini, 35 Fax: +39-02-66981953 I-20124 Milano ITALY Email: antirez () seclab com
Attachment:
hping.c
Description:
Current thread:
- Re: hping Salvatore Sanfilippo (Dec 11)
- Re: hping Darren Reed (Dec 14)
- traceroute using TCP (was Re: hping) Darren Reed (Dec 18)