Nmap Development mailing list archives
Re: Nping 0.1BETA2 Released
From: Dirk Loss <lists () dirk-loss de>
Date: Fri, 21 Aug 2009 22:41:41 +0200
Hi, some initial feedback on Nping 0.1BETA2, mainly on documentation: Installation on Mac OS X 10.5.8 was very easy using the .dmg fileThe man page is awesome. Really exhaustive, still very readable and it teaches a lot about all the different packets and their usage.
Well done!The attached patches (against r15209) include some minor corrections to the man page and the help screen. Please take them as suggestions, because English is not my native language.
Could a "-vvv" syntax be supported in addition to "-v -v -v" and "-v3"? I think this would make it more consistent with Nmap. Same with -d and -q. Moreover the verbosity levels do not seem to influence output in --unprivileged mode. A note in the man page could be helpful.
Why does --udp automatically decide when to use raw sockets and --tcp does not? To put it another way: Why do we need --tcp-connect if we do not need --udp-sendto?
Regards Dirk
--- nping-help.r15209 2009-08-21 22:24:29.000000000 +0200
+++ nping-help.new 2009-08-21 22:29:38.000000000 +0200
@@ -8,11 +8,11 @@
PROBE MODES:
--tcp-connect : Unprivileged TCP connect probe mode.
--tcp : TCP probe mode.
- --upd : UPD probe mode.
+ --udp : UDP probe mode.
--icmp : ICMP probe mode.
--arp : ARP/RARP probe mode.
--tr, --traceroute : Traceroute mode (can only be used with
- TCP/UDP/ICMP modes.
+ TCP/UDP/ICMP modes).
TCP CONNECT MODE:
-p, --dest-port <port spec> : Set destination port(s).
TCP PROBE MODE:
@@ -54,7 +54,7 @@
alternative to {target specification} ).
--tos <tos> : Set type of service field (8bits).
--id <id> : Set identification field (16 bits).
- --df : Set Dont Fragment flag.
+ --df : Set Don't Fragment flag.
--mf : Set More Fragments flag.
--ttl <hops> : Set time to live [0-256].
--badsum-ip : Use a random invalid checksum.
@@ -66,16 +66,16 @@
-6, --IPv6 : Use IP version 6.
--dest-ip : Set destination IP address (used as an
alternative to {target specification}).
- --hop-limit : Same as IPv4 TTL..
+ --hop-limit : Same as IPv4 TTL.
--traffic-class <class> : : Traffic class.
--flow <label> : Flow label.
ETHERNET OPTIONS:
- --dest-mac <mac> : Set destination mac address. (disables
+ --dest-mac <mac> : Set destination mac address. (Disables
ARP resolution)
--source-mac <mac> : Set source MAC address.
--ether-type <type> : Set EtherType value.
PAYLOAD OPTIONS:
- --data <hex string> : Include a custom payload .
+ --data <hex string> : Include a custom payload.
--data-string <text> : Include a custom ASCII text.
--data-file <filename> : Include payload from specified file.
--data-length <len> : Include len random bytes as payload.
@@ -103,7 +103,7 @@
-d[level] : Set debugging level. E.g: -d3
-q : Decrease verbosity level by one.
-q[N] : Decrease verbosity level N times
- --quiet : Sets verbosity and debug level to zero.
+ --quiet : Sets verbosity and debug level to minimum.
--debug : Sets verbosity and debug to the max level.
EXAMPLES:
nping scanme.nmap.org
--- nping-r15208/docs/nping-man.xml 2009-08-21 20:49:17.000000000 +0200
+++ nping/docs/nping-man.xml 2009-08-21 22:19:57.000000000 +0200
@@ -37,7 +37,7 @@
</web>
<para>Nping is an open source tool for network packet generation, response
analysis and response time measurement. Nping allows to generate network
- packets of a wide range of protocols, letting users to tune virtually any
+ packets of a wide range of protocols, letting users tune virtually any
field of the protocol headers. While Nping can be used as a simple ping
utility to detect active hosts, it can also be used as a raw packet
generator for network stack stress tests, ARP poisoning, Denial of Service
@@ -69,12 +69,12 @@
<option>-p 80,433</option> to specify the target ports; and then the two
target hostnames.</para>
-<example id="man-ex-repping"><title>A representative Nping Execution</title>
+<example id="man-ex-repping"><title>A representative Nping execution</title>
<indexterm significance="normal"><primary><option>-A</option></primary><secondary>example of</secondary></indexterm>
<screen format="linespecific">
# nping -c 1 --tcp -p 80,433 scanme.nmap.org google.com
-Starting Nping V. 0.01a ( http://nmap.org/nping ) at 2009-08-04 13:48 CEST
+Starting Nping 0.1BETA2 ( http://nmap.org/nping ) at 2009-08-04 13:48 CEST
SENT (0.0120s) TCP 96.16.226.135:50091 > 64.13.134.52:80 S ttl=64 id=52072 iplen=40 seq=1077657388 win=1480
RCVD (0.1810s) TCP 64.13.134.52:80 > 96.16.226.135:50091 SA ttl=53 id=0 iplen=44 seq=4158134847 win=5840 <mss
1460>
SENT (1.0140s) TCP 96.16.226.135:50091 > 74.125.45.100:80 S ttl=64 id=13932 iplen=40 seq=1077657388 win=1480
@@ -148,7 +148,7 @@
address for which the first numbits are the same as for the
reference IP or hostname given. For example, 192.168.10.0/24 would
send probes to the 256 hosts between 192.168.10.0
- <literal moreinfo="none">11000000 10101000 00001010 00000000</literal>)
+ (binary: <literal moreinfo="none">11000000 10101000 00001010 00000000</literal>)
and 192.168.10.255
(binary: <literal moreinfo="none">11000000 10101000 00001010 11111111</literal>),
inclusive. 192.168.10.40/24 would ping exactly the same targets.
@@ -178,8 +178,8 @@
<literal moreinfo="none">-</literal> by itself is the same as 0-255,
but remember to use 0- in the first octet so the target
specification doesn't look like a command-line option. Ranges need
- not be limited to the final octets: the specifier will send probes
- to all IP addresses on the Internet ending in 13.37 This sort of
+ not be limited to the final octets: the specifier <literal moreinfo="none">0-.-.13.37</literal> will send
probes
+ to all IP addresses on the Internet ending in .13.37. This sort of
broad sampling can be useful for Internet surveys and research.
</para>
@@ -248,7 +248,7 @@
</para>
<para>
- Target ports are also scheduled using Round Robin so, unless only one
+ Target ports are also scheduled using Round Robin. So, unless only one
port is specified, Nping never sends two probes to the same target
host and port consecutively.
</para>
@@ -257,7 +257,7 @@
<para>
Basically it can be seen as if it was implemented using three
nested loops: one that iterates N times, where N is the number of
- rounds ( see option --count for details), one that iterates over
+ rounds (see option --count for details), one that iterates over
the specified ports and one that iterates over the specified
targets. Obviously, if Nping is sending ICMP or ARP packets, there
is no loop that iterates over ports. Also, note that after a probe
@@ -347,7 +347,7 @@
<title>Probe Modes</title>
<indexterm class="startofrange" id="man-probe-modes-indexterm" significance="normal"><primary>probe
modes</primary></indexterm>
- <para>Nping supports a wide variety of protocols. . Altough in some cases
+ <para>Nping supports a wide variety of protocols. Altough in some cases
Nping can automatically determine the mode from the options used, it
is generally a good idea to specify it explicitly.
</para>
@@ -426,7 +426,7 @@
sendto() system call. Note that in this unprivileged mode it is
not possible to see low level header information of the packets
on the wire but only status information about the amount of bytes
- that are being transmitted and received.UDP mode can be used to
+ that are being transmitted and received. UDP mode can be used to
interact with any UDP based server such as DNS servers,
streamming servers, online gaming servers, Port Knocking/Single
Packet Authorization daemons, etc.
@@ -649,11 +649,11 @@
See RFC 3168 for more information.</para>
<para>URG: (Urgent) Segment is urgent and the Urgent Pointer field
carries valid information.</para>
- <para>ACK: (Acknowledgement) The segment carries an aknowledgement and
+ <para>ACK: (Acknowledgement) The segment carries an acknowledgement and
the value of the Acknowledgement Number field is valid and
contains the next sequence number that is expected from the
receiver.</para>
- <para>PSH: (Push) The data in this segment should be inmediately
+ <para>PSH: (Push) The data in this segment should be immediately
pushed to the application layer on arrival.</para>
<para>RST: (Reset) There was some problem and the sender wants to
abort the connection.</para>
@@ -808,7 +808,7 @@
</term>
<listitem>
<para>
- Asks Nping to use an invalid UDP, checksum for packets sent to
+ Asks Nping to use an invalid UDP checksum for packets sent to
target hosts. Since virtually all host IP stacks properly drop these
packets, any responses received are likely coming from a firewall or
an IDS that didn't bother to verify the checksum. For more
@@ -849,7 +849,7 @@
<para>In general you can use the full option name (e.g
destination-unreachable), the 4-3 letters format (e.g. dest-unr)
or the initials (e.g. du). In ICMP types that request something,
- the word "request" is ommited. These are the the available
+ the word "request" is omitted. These are the the available
ICMP types:
</para>
@@ -957,7 +957,7 @@
</term>
<listitem>
<para>
- This option specifies which ICMP code should should be included in
+ This option specifies which ICMP code should be included in
the generated ICMP messages. <replaceable>code</replaceable> can be
supplied in two different ways. You can use the official code numbers
assigned by IANA (<ulink url="http://www.iana.org/assignments/icmp-parameters"; />)
@@ -1430,7 +1430,7 @@
<para><option>arp-nak; an; </option>
Send ARP NAK messages. ARP NAK messages are an extension to the
- ARMARP protocol and they are used to improve the robustness of
+ ATMARP protocol and they are used to improve the robustness of
the ATMARP server mechanism. With ARP NAK, a client can
determine the difference between a catastrophic server failure
and an ATMARP table lookup failure. See RFC 1577 for more
@@ -1688,8 +1688,8 @@
string containing 36 NUL bytes.
Nmap also offers a shortcut mechanism for specifying options.
- Simply pass the letter R, T, or U to request record-route,.
- record-timestamp,. or both options together, respectively. Loose
+ Simply pass the letter R, T, or U to request record-route,
+ record-timestamp, or both options together, respectively. Loose
or strict source routing. may be specified with an L or S followed
by a space and then a space-separated list of IP addresses.
@@ -1841,7 +1841,7 @@
Sets the IPv6 Hop Limit field in sent packets to the given
value. The Hop Limit field specifies how long the datagram is allowed
to exist on the network. It represents the number of hops a packet
- can traverse before being dropped. As with IPv5 TTL, IPv6 Hop Limit
+ can traverse before being dropped. As with IPv4 TTL, IPv6 Hop Limit
tries to avoid a situation in which undeliverable datagrams keep being
forwarded from one router to another endlessly.
<replaceable>hops</replaceable> must be a number in the range [0-255].
@@ -1864,7 +1864,7 @@
<para>
In most cases Nping sends packets at raw IP level. This means that Nping
- creates its own IP packets and trasmits them through a raw socket. However,
+ creates its own IP packets and transmits them through a raw socket. However,
in some cases it may be necessary to send packets at the raw Ethernet level.
This happens, for example, when Nping is run under Windows (as Microsoft
has disabled raw socket support since Windows XP SP2), or when Nping is
@@ -2286,7 +2286,7 @@
<varlistentry>
<term>
<option>-e <replaceable>name</replaceable></option>;
- <option>--interface <replaceable>name</replaceable></option> ( )
+ <option>--interface <replaceable>name</replaceable></option> (Set the network interface to be used)
<indexterm significance="preferred"><primary><option>--</option></primary></indexterm>
<indexterm significance="normal"><primary>ZZZZZZ</primary></indexterm>
</term>
@@ -2459,7 +2459,7 @@
<varlistentry>
<term>
- <option>-v [<replaceable>level</replaceable>]</option> (Increase or set verbosity level) .
+ <option>-v[<replaceable>level</replaceable>]</option> (Increase or set verbosity level) .
<indexterm significance="preferred"><primary><option>--verbosity</option></primary></indexterm>
<indexterm significance="normal"><primary>verbosity</primary></indexterm>
</term>
@@ -2525,7 +2525,7 @@
<varlistentry>
<term>
- <option>-q [<replaceable>level</replaceable>]</option> (Decrese verbosity level) .
+ <option>-q[<replaceable>level</replaceable>]</option> (Decrease verbosity level) .
<indexterm significance="preferred"><primary><option>-q</option></primary></indexterm>
<indexterm significance="normal"><primary>q</primary></indexterm>
</term>
@@ -2536,7 +2536,7 @@
levels of verbosity (-4 to 4). Every instance of -q decrements
verbosity level by one (from its default value, level 0).
Alternatively one can specify how many times should verbosity be
- decreased (e.g: -d2 sets verbosity level -2). For a detailed
+ decreased (e.g: -q2 sets verbosity level -2). For a detailed
description of the available levels, check documentation for
option "-v".
</para>
@@ -2548,7 +2548,7 @@
<varlistentry>
<term>
- <option>-d [<replaceable>level</replaceable>]</option> (Increase or set debugging level)
+ <option>-d[<replaceable>level</replaceable>]</option> (Increase or set debugging level)
<indexterm significance="preferred"><primary><option>--count</option></primary></indexterm>
<indexterm significance="normal"><primary>count</primary></indexterm>
</term>
@@ -2631,12 +2631,12 @@
<para>Like its author, Nping isn't perfect. But you can help make
it better by sending bug reports or even writing patches. If Nping
doesn't behave the way you expect, first upgrade to the latest
- version available from <ulink url="http://nmap.org"/>. If the problem
+ version available from <ulink url="http://nmap.org/nping"/>. If the problem
persists, do some research to determine whether it has already been
discovered and addressed. Try searching for the error message on our
search page at <ulink url="http://insecure.org/search.html"/> or at Google.
Also try browsing the <citetitle>nmap-dev</citetitle> archives at
- <ulink url="http://seclists.org/"/>.<indexterm significance="normal">
+ <ulink url="http://seclists.org/"/><indexterm significance="normal">
<primary><citetitle>nmap-dev</citetitle> mailing list</primary></indexterm>
Read this full manual page as
well. If nothing comes of this, mail a bug report to
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nping 0.1BETA2 Released Luis M. (Aug 21)
- Re: Nping 0.1BETA2 Released Dirk Loss (Aug 21)
- Re: Nping 0.1BETA2 Released Luis M. (Aug 23)
- Re: Nping 0.1BETA2 Released Dirk Loss (Aug 23)
- Re: Nping 0.1BETA2 Released Fyodor (Aug 23)
- Re: Nping 0.1BETA2 Released Luis M. (Aug 23)
- Re: Nping 0.1BETA2 Released Jack Grahl (Aug 21)
- Re: Nping 0.1BETA2 Released Dirk Loss (Aug 21)