Annotation of embedaddon/hping2/NEWS, revision 1.1

This short document is for users of hping-beta54 or prior versions
and helps them take advantage of all the new features of this hping2
release in a short time. You may want to read the new man page anyway,
but the following will help for sure:

=== release candidate 3 news

In this release a nasty bug in the checksum code was fixed.
If you experienced strange problems, like some kind of packet
being generated with a wrong checksum, try this version.

Try the --scan option on the command line to see the port-scanner features.

  Example of the --scan option usage:

# hping3 --scan known 1.2.3.4

Scanning 1.2.3.4 (1.2.3.4), port known
245 ports to scan, use -V to see all the replies
+----+-----------+---------+---+-----+-----+-----+
|port| serv name |  flags  |ttl| id  | win | len |
+----+-----------+---------+---+-----+-----+-----+
    9 discard    : .S..A...  64     0 32767    44
   13 daytime    : .S..A...  64     0 32767    44
   21 ftp        : .S..A...  64     0 32767    44
   22 ssh        : .S..A...  64     0 32767    44
   25 smtp       : .S..A...  64     0 32767    44
   37 time       : .S..A...  64     0 32767    44
   80 www        : .S..A...  64     0 32767    44
  111 sunrpc     : .S..A...  64     0 32767    44
  113 auth       : .S..A...  64     0 32767    44
  631 ipp        : .S..A...  64     0 32767    44
 3306 mysql      : .S..A...  64     0 32767    44
 6000 x11        : .S..A...  64     0 32767    44
 6667 ircd       : .S..A...  64     0  3072    44
All replies received. Done.
Not responding ports: 

Check the man page for more information on the scan mode.
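
The --scan table above is meant to be read by eye, but it is regular enough to
parse. The following Python is an added example, not code from hping itself:
it turns the table into structured records and lists the ports that answered
SYN+ACK. It assumes the eight-character flags column is printed in the bit
order of the TCP flags byte (FIN SYN RST PSH ACK URG, then the two reserved
bits hping calls X and Y), which is consistent with '.S..A...' being SYN+ACK in
the sample; the sample text embedded in the block copies rows from the example
above plus one constructed RST+ACK row, the kind of reply -V would show for a
closed port.

```python
import re
from typing import Any, Dict, List, Set

# Order of the eight characters in hping's flags column, taken to be the bit
# order of the TCP flags byte: FIN SYN RST PSH ACK URG plus the two reserved
# bits hping names X and Y. Assumption of this example, checked in decode_flags().
FLAG_ORDER = "FSRPAUXY"

# Constructed input: rows copied from the --scan table above, plus one RST+ACK
# row (a closed port, the kind -V would show) made up for the example.
SAMPLE_SCAN = """\
Scanning 1.2.3.4 (1.2.3.4), port known
245 ports to scan, use -V to see all the replies
+----+-----------+---------+---+-----+-----+-----+
|port| serv name |  flags  |ttl| id  | win | len |
+----+-----------+---------+---+-----+-----+-----+
    9 discard    : .S..A...  64     0 32767    44
   22 ssh        : .S..A...  64     0 32767    44
   80 www        : .S..A...  64     0 32767    44
  113 auth       : ..R.A...  64     0     0    40
 6667 ircd       : .S..A...  64     0  3072    44
All replies received. Done.
Not responding ports: 
"""

# One data row: port, service name, ':', 8-char flag string, ttl, id, win, len.
ROW_RE = re.compile(
    r"^\s*(?P<port>\d+)\s+(?P<name>\S+)\s*:\s+(?P<flags>[.A-Z]{8})\s+"
    r"(?P<ttl>\d+)\s+(?P<id>\d+)\s+(?P<win>\d+)\s+(?P<len>\d+)\s*$"
)
HEADER_RE = re.compile(r"^Scanning\s+(\S+)\s+\((\S+)\),\s+port\s+(.+)$")


def decode_flags(column: str) -> Set[str]:
    """'.S..A...' -> {'S', 'A'}; rejects a letter in a position it cannot occupy."""
    flags = set()
    for pos, ch in enumerate(column):
        if ch == ".":
            continue
        if ch != FLAG_ORDER[pos]:
            raise ValueError(f"unexpected flag {ch!r} at position {pos} in {column!r}")
        flags.add(ch)
    return flags


def classify(flags: Set[str]) -> str:
    """SYN+ACK means the port accepted the SYN; RST means it refused it."""
    if "R" in flags:
        return "closed"
    if {"S", "A"} <= flags:
        return "open"
    return "other"


def parse_scan(text: str) -> Dict[str, Any]:
    """Turn --scan output into {'target': ..., 'rows': [...], 'complete': bool}."""
    result: Dict[str, Any] = {"target": None, "rows": [], "complete": False}
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            result["target"] = {"name": m.group(1), "ip": m.group(2), "ports": m.group(3)}
            continue
        m = ROW_RE.match(line)
        if m:
            flags = decode_flags(m.group("flags"))
            row = {k: int(v) for k, v in m.groupdict().items() if k not in ("name", "flags")}
            row.update(name=m.group("name"), flags=flags, state=classify(flags))
            result["rows"].append(row)
            continue
        if line.startswith("All replies received"):
            result["complete"] = True
    return result


def open_ports(text: str) -> List[int]:
    """Ports that answered SYN+ACK, in the order hping printed them."""
    return [r["port"] for r in parse_scan(text)["rows"] if r["state"] == "open"]


if __name__ == "__main__":
    scan = parse_scan(SAMPLE_SCAN)
    print(f"{scan['target']['ip']}: open ports {open_ports(SAMPLE_SCAN)}")
    for r in scan["rows"]:
        print(f"{r['port']:5d} {r['name']:<10} {r['state']:<6} win={r['win']}")
```

The win and len columns are kept as integers on purpose: a window of 3072 on
port 6667 next to 32767 everywhere else, as in the sample, is the sort of
difference worth a second look when fingerprinting a host.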

=== release candidate 2 news

. hping is now able to send and parse source-routed IP headers.
  See the man page for more info.

. hping was almost entirely rewritten, at least in all its most
  important parts. You should find the code more readable, more
  compact and faster to compile.

. The new option parsing code allows you to specify abbreviated
  options: you can now use for example --tcp-ti instead of --tcp-timestamp
  and so on.

. The new --rand-dest feature allows you to send packets to random
  IP addresses. This is very useful to do some Internet survey
  or large subnet random scanning.

  For example the following command line will send TCP packets with the
  SYN flag set to port 80 of the 192.168.0.0/16 address space:

  hping 192.168.x.x --rand-dest -p 80 -S

  Every occurrence of 'x' is substituted with a random number
  in the 0-255 range.

. The new --rand-source feature allows you to send packets with random
  source addresses. Useful to test DoS conditions against firewalls
  or TCP/IP stacks that keep some per-IP state. Keep in mind that
  replies to spoofed packets go to the random source addresses, not
  back to you, so hping cannot show responses in this mode.

. The output was enhanced and fixed a bit.

. The "force incremental dest port" option (++<port>) now works with UDP
  packets and works better with TCP, since it is more selective
  about the incoming responses.

. Now you should really be able to set the sequence and acknowledgment
  numbers of the TCP packets. The rc1 code was broken because
  atoi() was used to read an unsigned long value.

. The documentation (and the French translation) was updated
  to reflect the changes.

=== release candidate 1 news

. hping now works better on BSD and works on Solaris. It should
  be much simpler to port it to an unsupported platform.
  Problems with systems that use 32-bit pids are now fixed.

. The output is different, to be more parseable and compact; example:

  len=46 ip=192.168.1.1 flags=RA DF seq=0 ttl=255 id=0 win=0 rtt=0.5 ms

  Now the presence of the Don't Fragment IP flag is signaled with 'DF';
  all the fields with a value are in the form 'field=value'.

. Specifying the outgoing interface with -I is no longer needed:
  hping will try to detect the right interface according to the
  system routing table. Of course you can override it using -I.

. Instead of specifying -i u10000 to get a rate of ten packets per second
  you can just use --fast.

. Now --traceroute (-T) implies --ttl 1. You can override this using --ttl.

. Using hping as a traceroute you now get RTT information about the
  hops.

. You can monitor a specific hop in traceroute mode, using the following
  syntax:

  hping2 -T www.yahoo.com --tr-keep-ttl --ttl 5

  see the output:

  HPING www.yahoo.com (ippp0 64.58.76.177): NO FLAGS are set, 40 headers + 0 data bytes
  5->TTL 0 during transit from 144.232.234.57  (sl-gw18-nyc-2-2.sprintlink.net)
  5->RTT was: 136.9 ms
  5->TTL 0 during transit from 144.232.234.57  (sl-gw18-nyc-2-2.sprintlink.net)
  5->RTT was: 136.8 ms
  5->TTL 0 during transit from 144.232.234.57  (sl-gw18-nyc-2-2.sprintlink.net)
  5->RTT was: 136.9 ms
  5->TTL 0 during transit from 144.232.234.57  (sl-gw18-nyc-2-2.sprintlink.net)
  5->RTT was: 136.7 ms

 --- www.yahoo.com hping statistic ---
 4 packets tramitted, 0 packets received, 100% packet loss
 round-trip min/avg/max = 136.7/136.8/136.9 ms

 You get information only about the 5th hop; after Ctrl+C the round-trip
 min/avg/max is calculated using the RTTs of this hop.

. Using the option --tr-stop you can make hping exit
  when the first matching packet that isn't an ICMP time exceeded
  in transit is received, like the original traceroute. Without
  this option hping continues to send packets to the target host forever.

. You can use --tr-no-rtt to suppress the RTT information in traceroute
  mode.

. With the --tcp-timestamp feature you can guess the uptime of some
  remote systems. Example:

HPING www.hping.org (ippp0 192.70.106.166): S set, 40 headers + 0 data bytes
56 bytes from 192.70.106.166: flags=SA seq=0 ttl=49 id=28881 win=16080 rtt=105.0 ms
  TCP timestamp: 258597761

56 bytes from 192.70.106.166: flags=SA seq=1 ttl=49 id=28882 win=16080 rtt=105.4 ms
  TCP timestamp: 258597860
  HZ seems 100
  System uptime seems: 29 days, 22 hours, 19 minutes, 38 seconds

56 bytes from 192.70.106.166: flags=SA seq=2 ttl=49 id=28883 win=16080 rtt=105.1 ms
  TCP timestamp: 258597960
  HZ seems 100
  System uptime seems: 29 days, 22 hours, 19 minutes, 39 seconds


--- www.hping.org hping statistic ---
3 packets tramitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 105.0/105.2/105.4 ms

  As you can see the first reply does not contain any uptime information,
  since at least two packets are needed to estimate the increment frequency
  of the timestamp timer (that is HZ in the output). The uptime figure
  also assumes the timestamp clock started from zero at boot: a stack that
  randomizes the initial timestamp offset (as modern Linux does per
  connection) will still yield a plausible HZ but a meaningless uptime.

. You can now send ICMP timestamp and address subnet mask requests.
  Two shortcuts are provided for them: --icmp-ts and --icmp-addr.

. The sequence number handling was revised to allow hping to
  show the right RTT info even if the sequence number overflows.

. Now hping should never (hopefully) SIGBUS on SPARC.
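
Two of the items above, the 'field=value' reply format and the HZ/uptime
guess made from --tcp-timestamp, are easy to check in a few lines. The
following Python is an added example and not hping's own code: it parses
reply lines in both the compact rc1 form (bare 'DF' token, 'ms' unit after
rtt) and the '56 bytes from IP:' form seen in the timestamp session, then
re-derives the HZ and uptime figures from the session output copied above.
It assumes hping's default send interval of one packet per second, and the
list of candidate tick rates (100, 250, 300, 1000) is this example's own
table, not the one hping uses.

```python
import re
from typing import Any, Dict, List, Tuple

# Tick rates the timestamp clock commonly runs at; the raw estimate is snapped
# to the nearest one. This table is an assumption of the example, not hping's.
COMMON_HZ = (100, 250, 300, 1000)

# Constructed input: the --tcp-timestamp session shown above, copied verbatim.
SAMPLE_OUTPUT = """\
HPING www.hping.org (ippp0 192.70.106.166): S set, 40 headers + 0 data bytes
56 bytes from 192.70.106.166: flags=SA seq=0 ttl=49 id=28881 win=16080 rtt=105.0 ms
  TCP timestamp: 258597761

56 bytes from 192.70.106.166: flags=SA seq=1 ttl=49 id=28882 win=16080 rtt=105.4 ms
  TCP timestamp: 258597860
  HZ seems 100
  System uptime seems: 29 days, 22 hours, 19 minutes, 38 seconds

56 bytes from 192.70.106.166: flags=SA seq=2 ttl=49 id=28883 win=16080 rtt=105.1 ms
  TCP timestamp: 258597960
  HZ seems 100
  System uptime seems: 29 days, 22 hours, 19 minutes, 39 seconds

--- www.hping.org hping statistic ---
3 packets tramitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 105.0/105.2/105.4 ms
"""


def _coerce(value: str) -> Any:
    """'46' -> 46, '0.5' -> 0.5, 'RA' and '192.168.1.1' stay strings."""
    for cast in (int, float):
        try:
            return cast(value)
        except ValueError:
            pass
    return value


def parse_reply_line(line: str) -> Dict[str, Any]:
    """Parse one reply line into typed fields.

    Accepts the compact form 'len=46 ip=... flags=RA DF ... rtt=0.5 ms' and
    the '56 bytes from 192.70.106.166: ...' prefix used by --tcp-timestamp.
    """
    fields: Dict[str, Any] = {"df": False}
    m = re.match(r"^\s*(\d+)\s+bytes from\s+(\S+):\s*(.*)$", line)
    if m:
        fields["len"], fields["ip"], rest = int(m.group(1)), m.group(2), m.group(3)
    else:
        rest = line.strip()
    for tok in rest.split():
        if "=" in tok:
            key, value = tok.split("=", 1)
            fields[key] = _coerce(value)
        elif tok == "DF":            # bare token: Don't Fragment bit set
            fields["df"] = True
        elif tok != "ms":            # 'ms' is just the unit of rtt
            fields.setdefault("extra", []).append(tok)
    return fields


def replies_with_timestamps(text: str) -> List[Tuple[Dict[str, Any], int]]:
    """Pair each reply line with the 'TCP timestamp: N' line that follows it."""
    pairs: List[Tuple[Dict[str, Any], int]] = []
    current = None
    for line in text.splitlines():
        ts = re.match(r"^\s*TCP timestamp:\s*(\d+)\s*$", line)
        if ts and current is not None:
            pairs.append((current, int(ts.group(1))))
            current = None
        elif "rtt=" in line:
            current = parse_reply_line(line)
    return pairs


def estimate_hz(ts_prev: int, ts_now: int, elapsed_s: float) -> Tuple[float, int]:
    """(raw ticks per second, nearest common HZ) from two consecutive timestamps."""
    raw = (ts_now - ts_prev) / elapsed_s
    return raw, min(COMMON_HZ, key=lambda hz: abs(hz - raw))


def split_uptime(ticks: int, hz: int) -> Tuple[int, int, int, int]:
    """Ticks since boot -> (days, hours, minutes, seconds), as hping prints it."""
    secs = ticks // hz
    days, secs = divmod(secs, 86400)
    hours, secs = divmod(secs, 3600)
    minutes, secs = divmod(secs, 60)
    return days, hours, minutes, secs


def estimate_uptime(text: str, interval_s: float = 1.0) -> List[Dict[str, Any]]:
    """HZ and uptime estimate for every reply after the first.

    interval_s is the send interval (hping's default is one packet per second);
    the time between two replies is that interval corrected by the RTT change.
    """
    pairs = replies_with_timestamps(text)
    results = []
    for (prev, ts_prev), (cur, ts_now) in zip(pairs, pairs[1:]):
        elapsed = interval_s + (cur["rtt"] - prev["rtt"]) / 1000.0
        raw, hz = estimate_hz(ts_prev, ts_now, elapsed)
        results.append({"seq": cur["seq"], "hz": hz, "raw_hz": round(raw, 2),
                        "uptime": split_uptime(ts_now, hz)})
    return results


if __name__ == "__main__":
    for r in estimate_uptime(SAMPLE_OUTPUT):
        d, h, m, s = r["uptime"]
        print(f"seq={r['seq']} HZ seems {r['hz']} (raw {r['raw_hz']}); "
              f"uptime {d} days, {h} hours, {m} minutes, {s} seconds")
```

Run stand-alone it reproduces the two "29 days, 22 hours, 19 minutes" lines
from the session above; the first reply yields nothing, exactly as the text
explains, because there is no earlier timestamp to difference against.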

I hope you will find hping better to use and more powerful; these enhancements
were implemented thanks to many people who helped a lot with code and
new ideas. See the CHANGES file for more information and credits.

have fun,
antirez
