Security testing with hping

Firewalls and Session State

Suppose you want to determine how well your firewall is able to record requests for Microsoft protocols across the network. To use hping3 to generate the packets for this test, issue the following commands:

hping www.acme.net -S -c 1 -p 139
hping www.acme.net -S -A -c 1 -p 139
hping www.acme.net -S -A -c 1 -p 135

These commands generate packets that the firewall – if its capability for maintaining state is working – will record. To verify this, you'll need to check the firewall's logs and use a packet sniffer.

Christmas Tree Packet

A Christmas tree packet [5] is a TCP packet that has almost every flag set, which is useful for bypassing firewalls and for launching various other forms of attack.

To create a Christmas tree packet using hping3, issue the following command:

hping3 -F -P -U 10.44.45.15 -p 0

Firewalls and Time Stamps

In many cases, a firewall will automatically drop packets that don't have a time stamp. To add a time stamp to your packets, use the -timestamp option in your command:

hping3 -S 72.14.207.99 -p 80 --tcp-timestamp

The results will help you determine whether you need to enable timestamp filtering on the firewall.

« Previous 1 2 3 4 5 Next »

Our Services

Read full article as PDF » 038-041_hping.pdf  (443.94 kB)
comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF » 038-041_hping.pdf  (443.94 kB)

Tag Cloud

Android Bruce Byfield Gnome KDE Linux Pro Magazine Open Source Projects Red Hat Ubuntu events foss free software google linux

News