Nmap Development mailing list archives

Re: Call for testers: Nping 0.1BETA1 Released.


From: Ron <ron () skullsecurity net>
Date: Fri, 07 Aug 2009 15:27:17 -0500

Hey Luis,

From a quick couple runs, it seems like a nice tool. I have some suggestions/requests about its interface, though. Some easy, some probably pointless, but I'll leave it up to you to decide. Keep in mind that I haven't really read any of the documentation or suggestions or anything about Nping, all my experience is from using hping and the '-h' option on Nping. Since I'm coming in pretty clean, I'm hopefully looking at it as an external user would.

When giving --flags, I actually prefer the way Hping does it with -S/-A/-R/--syn/--ack/--rst/etc. Would it be possible to support that syntax in addition to the --flags? I also tried doing --flags=SAR, which would be equally good, but that didn't work the way I was hoping. In fact, when I did that I noticed an issue -- there's no error message if I give invalid flags. It may also be interesting to allow an 8-bit integer for the --flags field for people hardcore enough to memorize flags, but that wouldn't be all that useful :)

Also, in the 'help' text displayed when I run 'nping -h', it doesn't list the possible flags. I was specifically looking for PSH to see the list, and couldn't find it. It might be helpful to have them, especially for the two less standard flags (I think hping calls them XXX and YYY or something?).

Speaking of help, I'd suggest a more logical order for the help: either going up or down the TCP/IP stack. Right now it's mostly in that order, except the IP/IPv6 is under Ethernet.

A feature of Hping that I really like, that may or may not be trivial to implement, is the ability to change the port/ttl using the keyboard during a scan. That lets me do a manual traceroute or portscan, which I like.

Speaking of traceroutes, something else I miss is DNS resolution. As much as I normally use -n on most programs to stop them from resolving DNS, there are times, such as on a traceroute, when I'd actually like the program to do reverse DNS lookups. Is that something that's possible/useful? I'm not sure if I'd default to doing resolutions, but the standard for networking tools seems to be doing reverse DNS unless -n is given.

And finally, this command doesn't work as I'd expect:
sudo ./nping --tcp -p 80 --flags syn --ttl 5 www.google.ca

The reason being, Nping doesn't seem to print the 'TTL Expired' message. Would it be difficult to add that?

And finally, having a delay and rate are nice, but it'd be helpful to have pre-set rates; for example, --fast, --faster, --flood, --slow, --slower, --paranoid. Something like that, where --flood and --paranoid are the extremes.

That's what I noticed from ~10 minutes playing with it. Hope that's helpful!

Thanks for the tool!
Ron

--
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
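As an added example (not part of Ron's message and not Nping's own code), here is a small Python parser for the three --flags spellings discussed above: hping-style letters ("SAR"), full names ("syn,ack") and an 8-bit integer. It rejects unknown flags with an error instead of silently ignoring them, which is the behaviour the message asks for. The letter-to-flag table, including X/Y for the two ECN bits, is an assumption made for illustration.

```python
"""Validate a --flags argument the way a CLI should: accept the documented
spellings, refuse everything else loudly.  Constructed example, not Nping code."""
import re

# TCP flag bits (RFC 793 plus the RFC 3168 ECN bits), low bit first.
TCP_FLAG_BITS = {
    "FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
    "ACK": 0x10, "URG": 0x20, "ECE": 0x40, "CWR": 0x80,
}
# Single-letter aliases in the hping style.  X/Y for ECE/CWR is an assumption here.
LETTER_ALIASES = {"F": "FIN", "S": "SYN", "R": "RST", "P": "PSH",
                  "A": "ACK", "U": "URG", "X": "ECE", "Y": "CWR"}


class FlagParseError(ValueError):
    """Raised for any --flags value that is not a valid spelling."""


def parse_tcp_flags(spec: str) -> int:
    """Return the 8-bit TCP flags mask for a --flags argument.

    Accepted forms: decimal or 0x-prefixed integer 0-255, comma/space separated
    full names ("syn,ack", case-insensitive), or one run of letters ("SAR").
    Anything else raises FlagParseError so a typo never turns into a silent no-op.
    """
    s = spec.strip()
    if not s:
        raise FlagParseError("empty --flags value")
    if re.fullmatch(r"0[xX][0-9a-fA-F]+|[0-9]+", s):           # integer form
        value = int(s, 16) if s.lower().startswith("0x") else int(s, 10)
        if value > 255:
            raise FlagParseError(f"{s} does not fit in the 8-bit flags field")
        return value
    tokens = [t.upper() for t in re.split(r"[,\s]+", s) if t]
    if all(t in TCP_FLAG_BITS for t in tokens):                 # full names
        return sum(TCP_FLAG_BITS[t] for t in set(tokens))
    if len(tokens) == 1:                                        # letter run
        mask = 0
        for ch in tokens[0]:
            if ch not in LETTER_ALIASES:
                raise FlagParseError(f"unknown TCP flag letter {ch!r} in {spec!r}")
            mask |= TCP_FLAG_BITS[LETTER_ALIASES[ch]]
        return mask
    bad = [t for t in tokens if t not in TCP_FLAG_BITS]
    raise FlagParseError(f"unknown TCP flag name(s): {', '.join(bad)}")


def flags_to_names(mask: int) -> list:
    """Human-readable names for a mask, in bit order (useful for -h listings)."""
    return [name for name, bit in TCP_FLAG_BITS.items() if mask & bit]


def is_valid_flag_spec(spec: str) -> bool:
    """True if parse_tcp_flags() accepts the value, False if it would error."""
    try:
        parse_tcp_flags(spec)
        return True
    except FlagParseError:
        return False
```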
