Nmap Development mailing list archives

New Nping! Call for testers...


From: "Luis MartinGarcia." <luis.mgarc () gmail com>
Date: Sun, 18 Nov 2012 23:39:34 +0100

Hi!

I am glad to announce that the new version of Nping is ready to be
tested. This version is a major rewrite of important parts of the tool
and brings some new exciting functionality. Please see below for the
changelog.

To test it, run the following:

svn co https://svn.nmap.org/nmap-exp/luis/nmap-npingchanges
cd nmap-npingchanges
./configure && make
sudo make install

Please report any bugs you find. Any other kind of feedback will be
greatly appreciated.

Thank you and best regards,

Luis MartinGarcia.

=========
CHANGELOG
=========

[+] Added proper support for IPv6 and ICMPv6.
    $ sudo nping ::1
    $ sudo nping/nping ::1 --icmp6-type rr -vv
    $ sudo nping/nping ::1 --icmp6-type redir -vv
    $ sudo nping/nping ::1 --icmp6-type niq -vv
    $ sudo nping/nping ::1 --icmp6-type gmq -vv

[+] Added the ability to deal with IPv4 and IPv6 hosts at the same time.
    As far as I know, Nping is one of the first tools that is able to
    do that.
    $ sudo nping ::1 127.0.0.1

[+] Added the ability to handle multiple interfaces at the same time
    (for both sending and capturing packets). In other words, Nping
    may now send and receive packets to/from hosts that are reachable
    through different network interfaces in the same run. This includes
    the loopback interface.
    $ sudo nping scanme.nmap.org 127.0.0.1 192.168.1.1

[+] Added the ability to send more than one type of packet to each host.
    This lets us do things like an Nmap ping scan, and send TCP, ARP
    and ICMP on the same run.
    $ sudo nping scanme.nmap.org --icmp --tcp --udp

[+] Added the ability to use different custom ports for each packet.
    Basically it now lets users specify port ranges for TCP/UDP source
    ports. Such ports will be set in a round robin fashion.
    $ sudo nping scanme.nmap.org --tcp -p 78-82 -g 4550-4554

[+] Improved target address specification. Now if targets are supplied
    as IP addresses (IPv4 in dot-decimal notation, or IPv6 in the colon
    hexadecimal notation), it doesn't matter which address family is set
    globally. So even if users pass -6, if one of the targets is
    something like 74.207.254.18, IPv4 will be used for that target.
    Obviously, the same thing applies for '-4' and addresses like
    2600:3c01::f03c:91ff:fe96:967c.
    $ sudo nping 2a03:2880:10:cf01:face:b00c:: 66.220.149.88
    $ sudo nping -6 scanme.nmap.org 74.207.244.221

[+] Added the ability to request custom address family when resolving
    hostnames. If the ipv4:// prefix is prepended to the hostname, a
    DNS query for A records will be performed. If ipv6:// is used, then
    the query will be for AAAA records. Note that Nping can resolve
    IPv6 names even when there is no explicit IPv6 DNS server
    configured on the system (as long as the default IPv4 DNS server
    contains AAAA records).
    $ sudo nping scanme.nmap.org ipv6://google.com 192.168.1.1
    $ sudo nping ipv6://scanme.nmap.org ipv4://scanme.nmap.org

[+] Added the ability to inject payloads in TCP-Connect mode. This lets
    us do cool things like targeting a /16 on port 80 and injecting a
    payload of "GET / HTTP/1.0\r\n" to all hosts that have that port
    open.
    $ sudo nping --tcp-connect -p80 scanme.nmap.org --data \
      0x474554202f20485454502f312e300d0a0d0a

[+] Added the ability to read bytes sent by the targets in TCP-Connect
    mode. This is useful for services that send data automatically after
    they detect a new TCP connection (like the Nping Echo Server), or
    when we inject payloads into the TCP connection.
    $ sudo nping --tcp-connect -p9929 echo.nmap.org
      Starting Nping 0.6.02 ( http://nmap.org/nping ) at 2012-10-16
      SENT (0.0000s) Starting TCP Handshake > 74.207.244.221:9929
      RECV (0.1800s) Handshake with 74.207.244.221:9929 completed
      DATA (1.3160s) 96 bytes received from 74.207.244.221:9929

[+] Make Nping smarter about responses. Before, we just built a BPF
    filter and printed anything that got through the filter. Now, it has
    a matching engine that determines if a given captured packet is a
    response to a probe that it sent before. This works for TCP, UDP,
    etc., but also for all sorts of weird things like multicast
    listener discovery queries, ICMPv6 Router solicitations, ICMPv4
    timestamp requests, malformed packets, and so on.

[+] Improved the scheduling engine. Nping is now a lot more precise and
    keeps an accurate inter-packet delay (it takes into account the time
    it takes to do stuff, not only waits for X millisecs before sending
    the next packet). Note that due to limitations imposed by Nsock,
    this only works well for rates of less than 1000 packets per second,
    but it does offer a significant improvement over the old engine.

[+] Improved packet statistics. Now Nping provides accurate per-protocol
    statistics, even when targeting IPv4 and IPv6 hosts at the same
    time, sending multiple types of packets. Also for TCP connect()
    calls issued, connections accepted, unprivileged UDP reads and
    writes, etc.
        Statistics for host 173.194.34.0 (google.com):
         |_ Raw packets sent: 10 (340B) | Rcvd: 10 (360B) | Lost: 0
            (0.00%)
         |_ TCP packets sent: 5 | Rcvd: 5 | Lost: 0 (0.00%)
         |_ ICMPv4 packets sent: 5 | Rcvd: 5 | Lost: 0 (0.00%)
         |_ Max rtt: 33.473ms | Min rtt: 27.786ms | Avg rtt: 30.791ms
        Statistics for host 74.207.244.221 (scanme.nmap.org):
         |_ Raw packets sent: 10 (340B) | Rcvd: 10 (360B) | Lost: 0
            (0.00%)
         |_ TCP packets sent: 5 | Rcvd: 5 | Lost: 0 (0.00%)
         |_ ICMPv4 packets sent: 5 | Rcvd: 5 | Lost: 0 (0.00%)
         |_ Max rtt: 180.292ms | Min rtt: 167.251ms | Avg rtt: 174.430ms
        Raw packets sent: 20 (680B) | Rcvd: 20 (720B) | Lost: 0 (0.00%)
        TCP packets sent: 10 | Rcvd: 10 | Lost: 0 (0.00%)
        ICMPv4 packets sent: 10 | Rcvd: 10 | Lost: 0 (0.00%)
        Max rtt: 180.292ms | Min rtt: 27.786ms | Avg rtt: 102.609ms
        Tx time: 8.99956s | Tx bytes/s: 75.56 | Tx pkts/s: 2.22
        Rx time: 9.72190s | Rx bytes/s: 74.06 | Rx pkts/s: 2.06
        Nping done: 2 IP addresses pinged in 9.95 seconds

[+] Made Nping smarter when deciding how many millisecs it should wait
    after the last sent packet in order to receive a reply. Instead
    of waiting for a full interpacket delay, it now takes into account
    the maximum observed RTT and waits a decent amount of time to let
    slower replies reach Nping but without having to wait for a full
    inter-packet delay if it's not necessary.

[+] Fixed an important bug in the Nping Echo Server. The IP Identification
    field in NEP_PACKET_SPEC packets was being sent in host byte order.
    The echo server was expecting network byte order and therefore, the
    Identification field was never being matched. Embarrassing...

[+] Improved the way we compute the display time for CAPT packets. Now
    we compute the CAPT time as follows: if we have a RCVD reply for the
    last SENT probe, we assume that the CAPT packet was captured at the
    server side (SENT_TIME+RCVD_TIME)/2 seconds ago. If we don't have
    any replies, we compute a fake RTT by using the time we got the
    NEP_ECHO message as the RCVD_TIME, and do the same calculation.

[+] Made Nping smarter about the protocol fields that need to vary for
    every packet (IPID, TCP Seq, TCP Ack, ICMP seq, etc).

[+] Added the ability to pass custom IPv4 fragment offsets.

[+] Added the ability to set the IPv4 reserved flag (X flag).

[+] Added the ability to manipulate checksums. Now --badsum and
    --badsum-ip work for all protocols (TCP, UDP, ICMP, IPv4, IPv6). Also,
    it is now possible to set custom checksum values from the
    command line.

[+] Added the ability to print link layer info (info from sent/rcvd
    Ethernet frames). This can be done by passing --show-eth.

[+] Now, in low detail mode (the default), when the ACK flag is set,
    the value in the TCP Acknowledgment field gets printed out.

[+] Now, if users pass a hostname, it gets printed in the stats. Before,
    only the IP addresses were shown.

[+] Multiple minor bugfixes.

==========================
CHANGELOG (DEVELOPER SIDE)
==========================

[+] Rewrote the entire probe engine. ProbeMode:: is gone, now
    we have ProbeEngine::

[+] IPv4 and IPv6 addresses are now represented by a generic
    class: IPAddress. The class contains all kinds of helper
    methods, which make our life easier, letting us deal
    with both address versions in an easy way. A lot better
    than dealing with sockaddr_storage structs.

[+] MAC addresses are now represented by the generic class
    MACAddress.

[+] Target hosts are now represented by the TargetHost class.
    No more NpingTarget and NpingTargets classes. To simplify,
    several targets are handled just by using a regular array
    of TargetHost objects. No need for a TargetHosts class.

[+] Added class NetworkInterface to represent network devices.

[+] Cleaned up NpingOps. Lots of useless and unused methods removed.

[+] Added HeaderTemplates. That is, code to express default values for
    protocol header fields.

[+] Added the ProtoField class, something that represents protocol
    fields and lets us do stuff like incrementing field values, setting
    random values, setting custom discrete values, etc. In future
    releases this will allow users to specify if any protocol field
    should be randomly generated, incremented by one for each packet,
    or take a set of discrete values. The functionality is there, we
    just need to modify the arg parser to let users access it.

[+] Some other code refactorings.


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
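Added example (not Nping's own code, and not part of the post above): two
of the changelog items lend themselves to a small worked illustration, the
hex form that the --data option takes for a TCP-connect payload, and the
Internet checksum that --badsum, --badsum-ip and the custom checksum
values deliberately corrupt. The code below encodes/decodes the 0x...
payload argument and builds IPv4 and TCP headers with either a correct
RFC 1071 checksum or a forced bad one, so you can see exactly which
field a --badsum probe mangles and how a receiver's verification fails.
Field layouts follow RFC 791 (IPv4), RFC 793 (TCP) and RFC 8200 (IPv6
pseudo-header); the addresses, ports and payload are constructed for the
example and nothing is sent on the wire.

```python
# Added example (not Nping's own code): --data hex encoding and the
# checksum that --badsum / --badsum-ip corrupt.  Nothing here touches the
# network; all inputs are constructed for the example.
import struct
import ipaddress


def nping_data_hex(payload: bytes) -> str:
    """Encode a payload as the 0x-prefixed hex string --data expects."""
    return "0x" + payload.hex()


def nping_data_decode(arg: str) -> bytes:
    """Inverse of nping_data_hex: turn a 0x... argument back into bytes."""
    if arg.startswith("0x"):
        arg = arg[2:]
    return bytes.fromhex(arg)


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum used by IPv4, TCP, UDP and ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src, dst, payload_len, proto=6, ipid=0, checksum=None):
    """20-byte IPv4 header. checksum=None computes a correct one; any
    other value is written as-is (what --badsum-ip / a custom csum do)."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | 5, 0, 20 + payload_len, ipid, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    csum = inet_checksum(hdr) if checksum is None else checksum
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]


def pseudo_header(src, dst, proto, length):
    """IPv4 (RFC 793) or IPv6 (RFC 8200 s8.1) pseudo-header for TCP/UDP."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s.version == 4:
        return s.packed + d.packed + struct.pack("!BBH", 0, proto, length)
    return s.packed + d.packed + struct.pack("!IBBBB", length, 0, 0, 0, proto)


def tcp_segment(src, dst, sport, dport, seq=0, ack=0, flags=0x02,
                payload=b"", checksum=None):
    """20-byte TCP header (SYN by default) plus payload, with the
    pseudo-header checksum; checksum=None is correct, else forced."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags,
                      65535, 0, 0)
    seg = hdr + payload
    if checksum is None:
        checksum = inet_checksum(pseudo_header(src, dst, 6, len(seg)) + seg)
    return hdr[:16] + struct.pack("!H", checksum) + hdr[18:] + payload


def ipv4_checksum_ok(hdr: bytes) -> bool:
    """A receiver's check: summing a header with a valid checksum gives 0."""
    return inet_checksum(hdr) == 0


def tcp_checksum_ok(src, dst, seg: bytes) -> bool:
    return inet_checksum(pseudo_header(src, dst, 6, len(seg)) + seg) == 0


if __name__ == "__main__":
    data = nping_data_decode("0x474554202f20485454502f312e300d0a0d0a")
    print("--data payload:", data)
    good = ipv4_header("10.0.0.1", "10.0.0.2", 20)
    bad = ipv4_header("10.0.0.1", "10.0.0.2", 20, checksum=0xDEAD)
    print("good IPv4 csum verifies:", ipv4_checksum_ok(good))
    print("forced IPv4 csum verifies:", ipv4_checksum_ok(bad))
    seg6 = tcp_segment("::1", "::1", 4550, 78, payload=data)
    print("IPv6 TCP csum verifies:", tcp_checksum_ok("::1", "::1", seg6))
```

The hex string from the post decodes to "GET / HTTP/1.0" followed by two
CRLFs, i.e. a complete minimal request; the same encoder produces the
argument for any other payload. Running the script also shows why a
--badsum probe is a useful firewall test: a host that answers a segment
whose checksum fails tcp_checksum_ok is replying without validating the
transport header, which a real TCP/IP stack never does.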

