mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-08 06:48:28 +00:00
26f0460098
hping3 is a command-line oriented TCP/IP packet assembler/analyzer. This port is significantly modified version of already existing older port net/hping but hping3 has more useful features like IP options LSRR/SSRR etc. net/hping3 does not conflict with net/hping due to different names of installed files and both utilities may be installed same time.
218 lines
8.8 KiB
Groff
218 lines
8.8 KiB
Groff
--- docs/hping3.8.orig 2004-06-18 09:53:13 UTC
|
|
+++ docs/hping3.8
|
|
@@ -1,8 +1,8 @@
|
|
-.TH HPING2 8 "2001 Aug 14"
|
|
+.TH HPING3 8 "2001 Aug 14"
|
|
.SH NAME
|
|
-hping2 \- send (almost) arbitrary TCP/IP packets to network hosts
|
|
+hping3 \- send (almost) arbitrary TCP/IP packets to network hosts
|
|
.SH SYNOPSIS
|
|
-.B hping2
|
|
+.B hping3
|
|
[
|
|
.B \-hvnqVDzZ012WrfxykQbFSRPAUXYjJBuTG
|
|
] [
|
|
@@ -116,11 +116,11 @@ hostname
|
|
.br
|
|
.ad
|
|
.SH DESCRIPTION
|
|
-hping2 is a network tool able to send custom TCP/IP packets and to
|
|
-display target replies like ping program does with ICMP replies. hping2
|
|
+hping3 is a network tool able to send custom TCP/IP packets and to
|
|
+display target replies like ping program does with ICMP replies. hping3
|
|
handle fragmentation, arbitrary packets body and size and can be used in
|
|
order to transfer files encapsulated under supported protocols. Using
|
|
-hping2 you are able to perform at least the following stuff:
|
|
+hping3 you are able to perform at least the following stuff:
|
|
|
|
- Test firewall rules
|
|
- Advanced port scanning
|
|
@@ -136,7 +136,7 @@ hping2 you are able to perform at least
|
|
- A lot of others.
|
|
|
|
.IR "It's also a good didactic tool to learn TCP/IP" .
|
|
-hping2 is developed and maintained by antirez@invece.org and is
|
|
+hping3 is developed and maintained by antirez@invece.org and is
|
|
licensed under GPL version 2. Development is open so you can send
|
|
me patches, suggestion and affronts without inhibitions.
|
|
.SH HPING SITE
|
|
@@ -158,7 +158,7 @@ or
|
|
.I -c --count count
|
|
Stop after sending (and receiving)
|
|
.I count
|
|
-response packets. After last packet was send hping2 wait COUNTREACHED_TIMEOUT
|
|
+response packets. After last packet was send hping3 wait COUNTREACHED_TIMEOUT
|
|
seconds target host replies. You are able to tune COUNTREACHED_TIMEOUT editing
|
|
hping2.h
|
|
.TP
|
|
@@ -171,9 +171,9 @@ to X seconds, --interval uX set
|
|
.I wait
|
|
to X micro seconds.
|
|
The default is to wait
|
|
-one second between each packet. Using hping2 to transfer files tune this
|
|
+one second between each packet. Using hping3 to transfer files tune this
|
|
option is really important in order to increase transfer rate. Even using
|
|
-hping2 to perform idle/spoofing scanning you should tune this option, see
|
|
+hping3 to perform idle/spoofing scanning you should tune this option, see
|
|
.B HPING2-HOWTO
|
|
for more information.
|
|
.TP
|
|
@@ -195,13 +195,13 @@ Quiet output. Nothing is displayed excep
|
|
startup time and when finished.
|
|
.TP
|
|
.I -I --interface interface name
|
|
-By default on linux and BSD systems hping2 uses default routing interface.
|
|
+By default on linux and BSD systems hping3 uses default routing interface.
|
|
In other systems or when there is no default route
|
|
-hping2 uses the first non-loopback interface.
|
|
-However you are able to force hping2 to use the interface you need using
|
|
+hping3 uses the first non-loopback interface.
|
|
+However you are able to force hping3 to use the interface you need using
|
|
this option. Note: you don't need to specify the whole name, for
|
|
example -I et will match eth0 ethernet0 myet1 et cetera. If no interfaces
|
|
-match hping2 will try to use lo.
|
|
+match hping3 will try to use lo.
|
|
.TP
|
|
.I -V --verbose
|
|
Enable verbose output. TCP replies will be shown as follows:
|
|
@@ -211,7 +211,7 @@ tos=0 iplen=40 seq=0 ack=1380893504 sum=
|
|
.TP
|
|
.I -D --debug
|
|
Enable debug mode, it's useful when you experience some problem with
|
|
-hping2. When debug mode is enabled you will get more information about
|
|
+hping3. When debug mode is enabled you will get more information about
|
|
.B interface detection, data link layer access, interface settings, options
|
|
.B parsing, fragmentation, HCMP protocol
|
|
and other stuff.
|
|
@@ -223,30 +223,30 @@ so you will able to increment/decrement
|
|
CTRL+Z once or twice.
|
|
.TP
|
|
.I -Z --unbind
|
|
-Unbind CTRL+Z so you will able to stop hping2.
|
|
+Unbind CTRL+Z so you will able to stop hping3.
|
|
.TP
|
|
.I --beep
|
|
Beep for every matching received packet (but not for ICMP errors).
|
|
.SH PROTOCOL SELECTION
|
|
-Default protocol is TCP, by default hping2 will send tcp headers to target
|
|
+Default protocol is TCP, by default hping3 will send tcp headers to target
|
|
host's port 0 with a winsize of 64 without any tcp flag on. Often this
|
|
is the best way to do an 'hide ping', useful when target is behind
|
|
a firewall that drop ICMP. Moreover a tcp null-flag to port 0 has a good
|
|
probability of not being logged.
|
|
.TP
|
|
.I -0 --rawip
|
|
-RAW IP mode, in this mode hping2 will send IP header with data
|
|
+RAW IP mode, in this mode hping3 will send IP header with data
|
|
appended with --signature and/or --file, see also --ipproto that
|
|
allows you to set the ip protocol field.
|
|
.TP
|
|
.I -1 --icmp
|
|
-ICMP mode, by default hping2 will send ICMP echo-request, you can set
|
|
+ICMP mode, by default hping3 will send ICMP echo-request, you can set
|
|
other ICMP type/code using
|
|
.B --icmptype --icmpcode
|
|
options.
|
|
.TP
|
|
.I -2 --udp
|
|
-UDP mode, by default hping2 will send udp to target host's port 0.
|
|
+UDP mode, by default hping3 will send udp to target host's port 0.
|
|
UDP header tunable options are the following:
|
|
.B --baseport, --destport, --keep.
|
|
.TP
|
|
@@ -288,11 +288,11 @@ at this additional information when you
|
|
shows interesting details.
|
|
.TP
|
|
.I -9 --listen signature
|
|
-HPING2 listen mode, using this option hping2 waits for packet that contain
|
|
+HPING3 listen mode, using this option hping3 waits for packet that contain
|
|
.I signature
|
|
and dump from
|
|
.I signature
|
|
-end to packet's end. For example if hping2 --listen TEST reads a packet
|
|
+end to packet's end. For example if hping3 --listen TEST reads a packet
|
|
that contain
|
|
.B 234-09sdflkjs45-TESThello_world
|
|
it will display
|
|
@@ -347,7 +347,7 @@ of outgoing packets, it's likely that yo
|
|
or
|
|
.B --bind
|
|
options. If in doubt try
|
|
-.BR "" "`" "hping2 some.host.com -t 1 --traceroute" "'."
|
|
+.BR "" "`" "hping3 some.host.com -t 1 --traceroute" "'."
|
|
.TP
|
|
.I -N --id
|
|
Set ip->id field. Default id is random but if fragmentation is turned on
|
|
@@ -361,7 +361,7 @@ Set the ip protocol in RAW IP mode.
|
|
.I -W --winid
|
|
id from Windows* systems before Win2k has different byte ordering, if this
|
|
option is enable
|
|
-hping2 will properly display id replies from those Windows.
|
|
+hping3 will properly display id replies from those Windows.
|
|
.TP
|
|
.I -r --rel
|
|
Display id increments instead of id. See the
|
|
@@ -445,7 +445,7 @@ Alias for --icmptype 17 (to send ICMP ad
|
|
.SH TCP/UDP RELATED OPTIONS
|
|
.TP
|
|
.I -s --baseport source port
|
|
-hping2 uses source port in order to guess replies sequence number. It
|
|
+hping3 uses source port in order to guess replies sequence number. It
|
|
starts with a base source port number, and increase this number for each
|
|
packet sent. When packet is received sequence number can be computed as
|
|
.IR "replies.dest.port - base.source.port" .
|
|
@@ -485,7 +485,7 @@ This option can be used in order to coll
|
|
by target host. This can be useful when you need to analyze whether
|
|
TCP sequence number is predictable. Output example:
|
|
|
|
-.B #hping2 win98 --seqnum -p 139 -S -i u1 -I eth0
|
|
+.B #hping3 win98 --seqnum -p 139 -S -i u1 -I eth0
|
|
.nf
|
|
HPING uaz (eth0 192.168.4.41): S set, 40 headers + 0 data bytes
|
|
2361294848 +2361294848
|
|
@@ -540,8 +540,8 @@ Set Ymas tcp flag.
|
|
.SH COMMON OPTIONS
|
|
.TP
|
|
.I -d --data data size
|
|
-Set packet body size. Warning, using --data 40 hping2 will not generate
|
|
-0 byte packets but protocol_header+40 bytes. hping2 will display
|
|
+Set packet body size. Warning, using --data 40 hping3 will not generate
|
|
+0 byte packets but protocol_header+40 bytes. hping3 will display
|
|
packet size information as first line output, like this:
|
|
.B HPING www.yahoo.com (ppp0 204.71.200.67): NO FLAGS are set, 40 headers + 40 data bytes
|
|
.TP
|
|
@@ -577,9 +577,9 @@ will be resent. For example in order to
|
|
A to host B you may use the following:
|
|
.nf
|
|
.I [host_a]
|
|
-.B # hping2 host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd
|
|
+.B # hping3 host_b --udp -p 53 -d 100 --sign signature --safe --file /etc/passwd
|
|
.I [host_b]
|
|
-.B # hping2 host_a --listen signature --safe --icmp
|
|
+.B # hping3 host_a --listen signature --safe --icmp
|
|
.fi
|
|
.TP
|
|
.I -u --end
|
|
@@ -590,10 +590,10 @@ accept more packets. Please, for more in
|
|
.BR HPING2-HOWTO .
|
|
.TP
|
|
.I -T --traceroute
|
|
-Traceroute mode. Using this option hping2 will increase ttl for each
|
|
+Traceroute mode. Using this option hping3 will increase ttl for each
|
|
.B ICMP time to live 0 during transit
|
|
received. Try
|
|
-.BR "hping2 host --traceroute" .
|
|
+.BR "hping3 host --traceroute" .
|
|
This option implies --bind and --ttl 1. You can override the ttl of 1
|
|
using the --ttl option. Since 2.0.0 stable it prints RTT information.
|
|
.TP
|
|
@@ -601,7 +601,7 @@ using the --ttl option. Since 2.0.0 stab
|
|
Keep the TTL fixed in traceroute mode, so you can monitor just one hop
|
|
in the route. For example, to monitor how the 5th hop changes or
|
|
how its RTT changes you can try
|
|
-.BR "hping2 host --traceroute --ttl 5 --tr-keep-ttl" .
|
|
+.BR "hping3 host --traceroute --ttl 5 --tr-keep-ttl" .
|
|
.TP
|
|
.I --tr-stop
|
|
If this option is specified hping will exit once the first packet
|