Nmap Development mailing list archives
Some general questions about Nping/Ncat
From: David Lam <david () thedavid net>
Date: Thu, 29 Sep 2011 18:38:19 -0700
Hello all. Just a few questions about Nping/Ncat (v.0.5.61TEST1), would appreciate it someone can give me some insights into this. 1) It seems like Nping is having a hard time determining the adapter to use when one is on a static IP address (not assigned by DHCP). When Nping is run, it will report: Device used for target host x.x.x.x seems to be down. In addition, when more than one default gateways are available (e.g. LAN and WLAN), sometimes Nping will get the adapters mixed up (e.g. it will send packets out on the WLAN interface with the LAN's assigned IP address, rather than sending packets out the LAN interface with the LAN's assigned IP address.) 2) When using Nping to do a trace route (using --tr), is it possible to have Nping resolve the IP addresses just like a normal trace route would? I am currently using this command: nping --tcp -tr 4.2.2.1 -p 53 -delay 50ms -H In addition, in TCP traceroute mode, would it be possible to ask Nping to stop once it gets an SYN-ACK response back from the destination host rather than continuously hitting the host until the max TTL? 3) For ARP pings (nping --arp 192.168.0.1), RTT times are reported as N/A. Is this intended? 4) Nping's broadcast ping doesn't seem to work (maybe it is related to issue #1 I am having?) I can see the echo request go out and a lot of echo replies coming back in, but Nping isn't registering any of them (nping 192.168.0.255 --dest-mac ff:ff:ff:ff:ff:ff -c 1). When broadcast pings did work (I believe it was in an earlier version), I remember that it outputted a lot of statistics that were appended on the bottom. Is there a way to turn this off? Also, would it be at all possible to ping 224.0.0.1 from a Windows prespective? 5) Nping does not respect the --ws switch (nothing happens), which allows the Windows Scaling to be set. Is this only intended for Linux systems or is this no longer in use? (e.g. I can set the windows size to 1000 using --win 1000, but --win 1000 and --ws 8 also results in a TCP window size of 1000. The correct window scaling factor was not reported in the outbound SYN packet). 6) I was trying to diagnose a problem with a firewall which seemed to be dropping packets when TCP window scaling was turned on and the TCP window was almost zero (with dd for windows and ncat). Right now I know that it was due to a software bug in the firewall's firmware that were causing window miscalculations, but it would be nice if Ncat has implemented these following features: a. Ability to generate an infinite stream of random or zero data (just like /dev/urandom or /dev/zero in Linux, but usable within a command switch in Windows for send operations) b. Configurable receive / send buffer sizes (e.g. mimicking TCP ZeroWindow behavior) c. Stop sending data (and close connection) after 'x' (bytes/KB/MB/GB) of data. d. Send data at rate (k|M|G)bps. e. Connection statistics after the connection/session is ended (e.g. average speed, min and max speeds, data loss rates (retransmissions) in TCP mode) f. Ability to disable Nagle's algorithm? (or is Ncat not subject to Nagle?) g. Ability to set TCP window size and window scaling values. 7) Would it also be possible to include Data payloads in Nping's generated packets in ways that could solicit a reply (e.g. UDP DNS requests or BOOTP requests)? If so, how? Thanks all! Best, David _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Some general questions about Nping/Ncat David Lam (Sep 29)
- Re: Some general questions about Nping/Ncat Luis MartinGarcia. (Sep 30)
- Re: Some general questions about Nping/Ncat David Lam (Sep 30)
- Re: Some general questions about Nping/Ncat David Fifield (Sep 30)
- Re: Some general questions about Nping/Ncat David Lam (Sep 30)
- Re: Some general questions about Nping/Ncat Luis MartinGarcia. (Sep 30)