Common Linux Network Tools: hping advanced host scanning, linuxhping
I have previously introduced the host scanning tool fping. For details, refer to my "common Linux network tool: fping host scanning".
Hping is a more advanced host scanning tool that supports TCP/IP packet construction and analysis. It can be used to scan active hosts when some firewall configurations or operators intercept ICMP packets.
Hping can also forge source IP addresses to initiate DDos attacks.
Hping Official Website: http://www.hping.org/
Compile and install hping source code
The source code of hping is hosted on GitHub at https://github.com/antirez/hping.
Compile and install commands:
wget https://github.com/antirez/hping/archive/master.zipunzip mastercd hping-masteryum install libpcap-devel./configuremakemake install
Hping depends on libpcap-devel, so you need to install it first. The following two problems may occur during make:
Error: libpcap_stuff.c: 20: 21: Error: net/bpf. h: No file or directory
Solution: ln-sf/usr/include/pcap-bpf.h/usr/include/net/bpf. h;
Problem:/usr/bin/ld: cannot find-ltcl
Solution: yum-y install tcl-devel;
Then enter:
make stripmake install
Hping common parameters
If the firewall or operator blocks ICMP, hping can initiate TCP detection on the specified target port. Common parameters:
-P port number-S: Send tcp syn Packet
-A sends the tcp ack packet
-A: Counterfeit source IP address
-- Flood should be sent as quickly as possible, with caution
Input example:
hping 192.168.2.224 -p 80 -Shping 192.168.2.224 -p 80 -A
hping 192.168.2.224 -p 80 -S -a 192.168.0.91
Record, for better yourself!