hping wiki

Differences for page What's hping

Current version compared with version Wed May 19 04:26:04 GMT 2004

...
- Hping is a software to send raw TCP/IP packets of many different kinds and see the reply coming back from the host.
- Version two was a unix command with an interface very similar to the [ping] program, but just with many more features:
- more protocols (not only [ICMP]), traceroute mode, many options to control different fields of outgoing packets,
- support for IP spoofing, and so on.
- 
- 
- Since version 3, that's now in alpha stage, hping is trying to not be just a little tool but to become a framework
- for scripting related to [TCP/IP] testing and security. [hping3] continue to be command-line compatible with [hping2], but
- integrates two main new things: the first is an engine called [APD] that is able to translate simple to write packet
- descriptions in form of strings into a packet ready to be sent, and the reverse (generate the representation from
+ since version 3, that's now in alpha stage, hping is trying to not be just a little tool but to become a framework
+ for scripting related to [TCP/IP] testing and security. [hping3] continues to be command-line compatible with [hping2], but
+ integrates two main new things: the first is an engine called [APD] that is able to translate simple  packet
+ descriptions in the form of strings into a packet ready to be sent, and the reverse (generate the representation from
  a real packet). The second is the [Tcl] scripting language. So you can imagine hping3 as a scriptable TCP/IP stack.
  
- The following is a very little hping3 script that may help better specify what's the usage philosofy:
+ The following is a very little hping3 script that may help demonstrate the usage philosophy::
  
   set srcaddr 192.168.1.5
   foreach destaddr {1.2.3.4 100.101.102.103} {
...
  more secure instead to spend a lot of time rewriting again and again the same low level, hard to debug, non interactive
  [C] code.
  
- ===For what hping2 was used in the past===
- -> traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
- -> perform the [idle scan], but now it's implemented in [nmap] with an easy to use interface to the user.
- -> test firewalling rules.
- -> test [IDS]es.
- -> exploit known vulnerabilties of [TCP/IP] stacks.
- -> networking research.
- -> learn [TCP/IP] (hping was used in networking courses AFAIK).
- ===For what hping3 should be used===
- -> hping3 can be used to write real applications related to [TCP/IP] testing and security.
- -> automated firewalling tests.
- -> proof of concept exploits.
- -> networking and security research when there is the need to emulate complex [TCP/IP] behaviour.
+ ===hping2 was used (in the past) to...===
+ -> Traceroute/ping/probe hosts behind a firewall that blocks attempts using the standard utilities.
+ -> Perform the [idle scan] (now implemented in [nmap] with an easy user interface).
+ -> Test firewalling rules.
+ -> Test [IDS]es.
+ -> Exploit known vulnerabilties of [TCP/IP] stacks.
+ -> Networking research.
+ -> Learn [TCP/IP] (hping was used in networking courses AFAIK).
+ ===hping3 should be used to...===
+ -> Write real applications related to [TCP/IP] testing and security.
+ -> Automated firewalling tests.
+ -> Proof of concept exploits.
+ -> Networking and security research when there is the need to emulate complex [TCP/IP] behaviour.
  -> Prototype [IDS] systems.
- -> simple to use networking utilities with Tk interface.
- -> All the usage of hping2.
+ -> Simple to use networking utilities with Tk interface.
+ -> All the usage of hping2
  
- See Also: [hping3 API]+ See Also: [hping3 API]
+ 

The following is the old page content