「nping」の版間の差分
提供: セキュリティ
(相違点なし)
|
2014年2月9日 (日) 17:44時点における最新版
nping とは、パケットジェネレータツール/pingユーティリティです。
読み方
- nping
- えぬ ぴんぐ
概要
npingは、ネットワークパケットジェネレーション、レスポンスの分析とレスポンスタイムの計測を行うオープンソースのツールです。幅広いプロトコルのプロトコルヘッダーフィールドを操作したネットワークパケットを作成できます。npingは、アクティブなホストを検出するシンプルなpingユーティリティとしても使うことができますが、ネットワークスタックストレステスト、ARPポイズニング(ARP Poisoning),DoS攻撃, ルートトレース、その他の目的のためのrawパケットジェネレーターとしても使用できます。
加えて、npingは、"Echo Mode"(エコーモード)と呼ばれる特別なオペレーションモードを提供します。送信したパケットと戦法で受信されたパケットの違いを公開し、通信中の変更を調査できます。
インストール
nmapと一緒にインストールされます。nmap 5.50 以上をインストールしてください。
使い方
コマンドラインオプション
Nping 0.6.40 ( http://nmap.org/nping ) Usage: nping [Probe mode] [Options] {target specification} TARGET SPECIFICATION: Targets may be specified as hostnames, IP addresses, networks, etc. Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.*.1-24 PROBE MODES: --tcp-connect : Unprivileged TCP connect probe mode. --tcp : TCP probe mode. --udp : UDP probe mode. --icmp : ICMP probe mode. --arp : ARP/RARP probe mode. --tr, --traceroute : Traceroute mode (can only be used with TCP/UDP/ICMP modes). TCP CONNECT MODE: -p, --dest-port <port spec> : Set destination port(s). -g, --source-port <portnumber> : Try to use a custom source port. TCP PROBE MODE: -g, --source-port <portnumber> : Set source port. -p, --dest-port <port spec> : Set destination port(s). --seq <seqnumber> : Set sequence number. --flags <flag list> : Set TCP flags (ACK,PSH,RST,SYN,FIN...) --ack <acknumber> : Set ACK number. --win <size> : Set window size. --badsum : Use a random invalid checksum. UDP PROBE MODE: -g, --source-port <portnumber> : Set source port. -p, --dest-port <port spec> : Set destination port(s). --badsum : Use a random invalid checksum. ICMP PROBE MODE: --icmp-type <type> : ICMP type. --icmp-code <code> : ICMP code. --icmp-id <id> : Set identifier. --icmp-seq <n> : Set sequence number. --icmp-redirect-addr <addr> : Set redirect address. --icmp-param-pointer <pnt> : Set parameter problem pointer. --icmp-advert-lifetime <time> : Set router advertisement lifetime. --icmp-advert-entry <IP,pref> : Add router advertisement entry. --icmp-orig-time <timestamp> : Set originate timestamp. --icmp-recv-time <timestamp> : Set receive timestamp. --icmp-trans-time <timestamp> : Set transmit timestamp. ARP/RARP PROBE MODE: --arp-type <type> : Type: ARP, ARP-reply, RARP, RARP-reply. --arp-sender-mac <mac> : Set sender MAC address. --arp-sender-ip <addr> : Set sender IP address. --arp-target-mac <mac> : Set target MAC address. --arp-target-ip <addr> : Set target IP address. IPv4 OPTIONS: -S, --source-ip : Set source IP address. --dest-ip <addr> : Set destination IP address (used as an alternative to {target specification} ). --tos <tos> : Set type of service field (8bits). --id <id> : Set identification field (16 bits). --df : Set Don't Fragment flag. --mf : Set More Fragments flag. --ttl <hops> : Set time to live [0-255]. --badsum-ip : Use a random invalid checksum. --ip-options <S|R [route]|L [route]|T|U ...> : Set IP options --ip-options <hex string> : Set IP options --mtu <size> : Set MTU. Packets get fragmented if MTU is small enough. IPv6 OPTIONS: -6, --IPv6 : Use IP version 6. --dest-ip : Set destination IP address (used as an alternative to {target specification}). --hop-limit : Set hop limit (same as IPv4 TTL). --traffic-class <class> : : Set traffic class. --flow <label> : Set flow label. ETHERNET OPTIONS: --dest-mac <mac> : Set destination mac address. (Disables ARP resolution) --source-mac <mac> : Set source MAC address. --ether-type <type> : Set EtherType value. PAYLOAD OPTIONS: --data <hex string> : Include a custom payload. --data-string <text> : Include a custom ASCII text. --data-length <len> : Include len random bytes as payload. ECHO CLIENT/SERVER: --echo-client <passphrase> : Run Nping in client mode. --echo-server <passphrase> : Run Nping in server mode. --echo-port <port> : Use custom <port> to listen or connect. --no-crypto : Disable encryption and authentication. --once : Stop the server after one connection. --safe-payloads : Erase application data in echoed packets. TIMING AND PERFORMANCE: Options which take <time> are in seconds, or append 'ms' (milliseconds), 's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m, 0.25h). --delay <time> : Adjust delay between probes. --rate <rate> : Send num packets per second. MISC: -h, --help : Display help information. -V, --version : Display current version number. -c, --count <n> : Stop after <n> rounds. -e, --interface <name> : Use supplied network interface. -H, --hide-sent : Do not display sent packets. -N, --no-capture : Do not try to capture replies. --privileged : Assume user is fully privileged. --unprivileged : Assume user lacks raw socket privileges. --send-eth : Send packets at the raw Ethernet layer. --send-ip : Send packets using raw IP sockets. --bpf-filter <filter spec> : Specify custom BPF filter. OUTPUT: -v : Increment verbosity level by one. -v[level] : Set verbosity level. E.g: -v4 -d : Increment debugging level by one. -d[level] : Set debugging level. E.g: -d3 -q : Decrease verbosity level by one. -q[N] : Decrease verbosity level N times --quiet : Set verbosity and debug level to minimum. --debug : Set verbosity and debug to the max level. EXAMPLES: nping scanme.nmap.org nping --tcp -p 80 --flags rst --ttl 2 192.168.1.1 nping --icmp --icmp-type time --delay 500ms 192.168.254.254 nping --echo-server "public" -e wlan0 -vvv nping --echo-client "public" echo.nmap.org --tcp -p1-1024 --flags ack SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES
単純な例
root@kali:~# nping yahoo.com Starting Nping 0.6.40 ( http://nmap.org/nping ) at 2014-02-09 17:42 JST SENT (0.1432s) ICMP [192.168.60.128 > 98.139.183.24 Echo request (type=8/code=0) id=45855 seq=1] IP [ttl=64 id=1842 iplen=28 ] SENT (1.1446s) ICMP [192.168.60.128 > 98.139.183.24 Echo request (type=8/code=0) id=45855 seq=2] IP [ttl=64 id=1842 iplen=28 ] RCVD (1.3776s) ICMP [98.139.183.24 > 192.168.60.128 Echo reply (type=0/code=0) id=45855 seq=2] IP [ttl=128 id=40620 iplen=28 ] SENT (2.1477s) ICMP [192.168.60.128 > 98.139.183.24 Echo request (type=8/code=0) id=45855 seq=3] IP [ttl=64 id=1842 iplen=28 ] RCVD (2.4029s) ICMP [98.139.183.24 > 192.168.60.128 Echo reply (type=0/code=0) id=45855 seq=3] IP [ttl=128 id=40621 iplen=28 ] SENT (3.1498s) ICMP [192.168.60.128 > 98.139.183.24 Echo request (type=8/code=0) id=45855 seq=4] IP [ttl=64 id=1842 iplen=28 ] RCVD (3.3806s) ICMP [98.139.183.24 > 192.168.60.128 Echo reply (type=0/code=0) id=45855 seq=4] IP [ttl=128 id=40622 iplen=28 ] SENT (4.1519s) ICMP [192.168.60.128 > 98.139.183.24 Echo request (type=8/code=0) id=45855 seq=5] IP [ttl=64 id=1842 iplen=28 ] RCVD (4.3839s) ICMP [98.139.183.24 > 192.168.60.128 Echo reply (type=0/code=0) id=45855 seq=5] IP [ttl=128 id=40623 iplen=28 ] Max rtt: 255.080ms | Min rtt: 230.604ms | Avg rtt: 237.577ms Raw packets sent: 5 (140B) | Rcvd: 4 (184B) | Lost: 1 (20.00%) Nping done: 1 IP address pinged in 4.39 seconds
root@kali:~# nping -c 1 --tcp -p 80,433 scanme.nmap.org google.com Starting Nping 0.6.40 ( http://nmap.org/nping ) at 2014-02-09 17:31 JST SENT (0.4563s) TCP 192.168.60.128:16345 > 74.207.244.221:80 S ttl=64 id=59863 iplen=40 seq=590054815 win=1480 RCVD (0.5976s) TCP 74.207.244.221:80 > 192.168.60.128:16345 SA ttl=128 id=40575 iplen=44 seq=1337686763 win=64240 <mss 1460> SENT (1.4576s) TCP 192.168.60.128:16345 > 74.207.244.221:433 S ttl=64 id=59863 iplen=40 seq=590054815 win=1480 SENT (2.4595s) TCP 192.168.60.128:16345 > 74.207.244.221:433 S ttl=64 id=59863 iplen=40 seq=590054815 win=1480 RCVD (2.8604s) TCP 74.207.244.221:433 > 192.168.60.128:16345 RA ttl=128 id=40576 iplen=40 seq=1909720671 win=64240 SENT (3.4615s) TCP 192.168.60.128:16345 > 173.194.117.166:433 S ttl=64 id=59863 iplen=40 seq=590054815 win=1480 Statistics for host scanme.nmap.org (74.207.244.221): | Probes Sent: 2 | Rcvd: 2 | Lost: 0 (0.00%) |_ Max rtt: 400.760ms | Min rtt: 140.655ms | Avg rtt: 270.707ms Statistics for host google.com (173.194.117.166): | Probes Sent: 2 | Rcvd: 0 | Lost: 2 (100.00%) |_ Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A Raw packets sent: 4 (160B) | Rcvd: 2 (92B) | Lost: 2 (50.00%) Nping done: 2 IP addresses pinged in 4.46 seconds