Security testing with hping

Firewalls and Session State

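Suppose you want to determine how well your firewall records requests for Microsoft protocols across the network. To generate the packets for this test with hping3, issue the following commands, replacing <target> with the address of the host you are testing:

hping3 -S -c 1 -p 139 <target>
hping3 -S -A -c 1 -p 139 <target>
hping3 -S -A -c 1 -p 135 <target>

The first command sends a single SYN packet to port 139; the other two send a single packet with both SYN and ACK set, without any preceding handshake, to ports 139 and 135. These commands generate packets that the firewall – if its capability for maintaining state is working – will record. To verify this, you'll need to check the firewall's logs and use a packet sniffer.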

Christmas Tree Packet

A Christmas tree packet [5] is a TCP packet that has almost every flag set. Such packets have been used to bypass firewalls and to launch various other forms of attack, so it is worth checking how your firewall handles them.

To create a Christmas tree packet using hping3, issue the following command, which sets the FIN, PSH, and URG flags:

hping3 -F -P -U -p 0 <target>

Firewalls and Time Stamps

In many cases, a firewall will automatically drop packets that don't have a time stamp. To add a time stamp to your packets, use the --tcp-timestamp option in your command:

hping3 -S -p 80 --tcp-timestamp <target>

The results will help you determine whether you need to enable timestamp filtering on the firewall.
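The three tests above, seen from the receiving side: the following added example (not part of the original article) parses TCP headers and reports the conditions a stateful firewall should log, namely a SYN+ACK with no matching SYN, the FIN/PSH/URG flag combination, and a missing timestamp option. The addresses, source ports, function names, and finding labels are assumptions made for illustration, and the sample packets are constructed.

```python
import struct

FIN, SYN, PSH, ACK, URG = 0x01, 0x02, 0x08, 0x10, 0x20
TESTER, HOST = "192.0.2.10", "192.0.2.20"   # constructed documentation addresses

def tcp(sport, dport, flags, options=b""):  # constructed header, checksum left 0
    options += b"\x01" * (-len(options) % 4)  # pad options to 32-bit words with NOPs
    offset = (5 + len(options) // 4) << 4
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, offset, flags, 512, 0, 0) + options

def has_timestamp(header):
    """Walk the TCP options and report whether kind 8 (timestamps) is present."""
    i, end = 20, min((header[12] >> 4) * 4, len(header))
    while i < end and header[i] != 0:          # kind 0 ends the option list
        if header[i] == 1:                     # NOP is a single byte
            i += 1
            continue
        if header[i] == 8:
            return True
        if i + 1 >= end or header[i + 1] < 2:  # malformed length, stop parsing
            break
        i += header[i + 1]
    return False

def audit(packets):  # returns one list of findings per (src, dst, header) packet
    seen_syn, results = set(), []
    for src, dst, header in packets:
        sport, dport = struct.unpack("!HH", header[:4])
        flags, findings = header[13], []
        if flags & (FIN | PSH | URG) == (FIN | PSH | URG):
            findings.append("xmas-flags")
        if flags & SYN and flags & ACK and (dst, dport, src, sport) not in seen_syn:
            findings.append("synack-without-syn")  # no SYN seen in the other direction
        if flags & SYN and not flags & ACK:
            seen_syn.add((src, sport, dst, dport))
        if not has_timestamp(header):
            findings.append("no-timestamp")
        results.append(findings)
    return results

SAMPLE = [  # constructed packets mirroring the five hping3 commands above
    (TESTER, HOST, tcp(2001, 139, SYN)),
    (TESTER, HOST, tcp(2002, 139, SYN | ACK)),
    (TESTER, HOST, tcp(2003, 135, SYN | ACK)),
    (TESTER, HOST, tcp(2004, 0, FIN | PSH | URG)),
    (TESTER, HOST, tcp(2005, 80, SYN, b"\x08\x0a" + bytes(8))),  # timestamp option
]

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

Comparing this output with what the firewall actually logged for the same probes shows which of the three conditions it fails to record.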
