search for: hping

Hi all, We want to do some stress testing of firewall configurations/hardware. We have discovered hping that seems a great tool for this, but funny enough Shorewall cuts it !!! even when you leave ports open :) So besides hping, any tool for this? Why is shorewall cutting this traffic? Thanks in advance. Regards. -- Jaime Nebrera - jnebrera@eneotecnologia.com Consultor TI - ENEO Tecnologia SL...

Hi, I have been doing some tests using hping2 and TCP SYN pings targeting local and remote hosts from two FreeBSD 4.7-RELEASE-p10 and one Linux 2.4.18 host. The three machines have the same hardware configuration and have been running for 6 months now. The average load isnt too high (usually 0.01 to 0.15) on the FreeBSD machines. Her...

The following patch allows the network tests to pass with hvm support enabled. More specifically: 02_network_local_ping_pos.py REASON: ping loopback failed for size 65507. ping eth0 failed for size 65507. (but all other size pings work) 05_network_dom0_ping_pos.py REASON: Ping to dom0 failed for size 65507. (but all other size pings work) 11_network_domU_ping_pos.py passes 100% (even the large

...2.168.1.69.11111 > 192.168.1.72.56789: UDP, length: 64 14:27:16.073875 IP 192.168.1.69.11111 > 192.168.1.72.56789: UDP, length: 64 Note there are both src and dst ports are not being changed within time. How to reproduce the bug: ~~~~~~~~~~~~~~~~~~~~~~~~~ 1) reproduce network setup. 2) use hping to emulate netflow stream: # hping -d 64 -2 -s 11111 -k -p 56789 -i u10000 192.168.1.72 3) start tcpdump on NAT_box and ensure you're receiving traffic 4) ensure no iptables/conntrack/nat relevant modules loaded 5) modprobe ip_conntrack 6) ensure conntrack captured this stream: # grep 192.168.1...

...ReportedBy: Mitsuaki_Shiraishi at symantec.com Estimated Hours: 0.0 Iptables on Ubuntu 13.10 cannot block outbound packets sent by Nessus. [TESTED ENVIRONMENT] * Iptables v1.4.18 * Ubuntu 13.10 on x86_64 (Kali Linux 1.0.5 64bit may also be affected) * Nessus 5.2.4 * Nmap 6.40 * Hping3 3.0.0-alpha-2 * Local ip: 192.168.2.100 * Remote ip: 192.168.2.99 [FINDING] Iptables cannot block outbound packets sent by local Nessus daemon. Setting OUTPUT chain's policy DROP and appending rule that ACCEPT loopback interface should be block any outbound packets through eth1. Howeve...

...following: http://seclists.org/lists/bugtraq/2001/Mar/0285.html ---------------- Obviously, the netfilter nat code breaks nmap while using the -O flag or using decoy options. The (sendto in send_tcp_raw: sendto....) error is a symptom of this. It also breaks other packet shaping utilities such as hping, etc., so this does not appear to be an nmap problem. I don't believe the connection tracking portion of netfilter is to blame in this case. In my tests the connection tracking code, whether it was loaded as a module or built statically into the kernel, didn't seem to get in the way. T...

Hi! I am trying to use hping to chek the latency of our network. Somehow things are not going to plan and I thought someone might be able to shed some light on the subject. Here is the setup: (the IP addresses gvien here are fake, but they do represent the correct state of the networking setup) vlan interface IP...

hi list :) its been a long since I''m looking for a tool that can : generate traffic in all protocols ( the ability to send customized and standard (example : syn/ack) to target ) control over Ip Diagram ability to do Denial of service attack ! ( I''m not looking to crack anything , but i need to test my own setup with it ) the ability to work without its own server ( like

...ics: 50 packets transmitted, 49 received, 2% packet loss, time 49496ms rtt min/avg/max/mdev = 9.308/13.126/33.307/4.851 ms Everything would be great, but the quality isn't good enough. I have 2mb/512kb DSL line, on which voice calls are working muuch better. I've checked it on many ways. Hping tells me, that the average UDP packet loss rate is about 8-15%. Is that too much for IAX retransmissions ability? I've setup jitter with default settings from iax.conf, but the quality remains almost the same - it's still tooo jiiiiitttteery every few seconds. I ran out of ways to test it....

Hi there, I am getting very low throughput (around 0.29Mbps) while running netperf benchmark for guest to guest communication on a single physical host. To analyse where the time is spent in hypervisor I wanna use profiling. Please help me choosing good profiler according to my requirments. Should it be better in my case, Xentrace, gprof, xenoprof  or Oprofile. Is it possible to use some vtune

Hi there, I am getting very low throughput (around 0.29Mbps) while running netperf benchmark for guest to guest communication on a single physical host. To analyse where the time is spent in hypervisor I wanna use profiling. Please help me choosing good profiler according to my requirments. Should it be better in my case, Xentrace, gprof, xenoprof  or Oprofile. Is it possible to use some vtune

Dear all, I am running IPSEC and l2tpd in FreeBSD 4.9. I am able to connect from WindowsXP to this FreeBSD box . I am also able to ping the Hosts behind the IPSEC gateway, connect to internal ftp servers, browse intranet websites etc. However I am not able to browse network shares (windows and samba both). It does prompts for Username/password when we try to access directly , but it will

i think our strategy for privsep is to just keep portable sync'd closely with openbsd's tree, even though things will be broken wrt privsep for many platforms. then we just get primary one's working and work out issues as we go along. i'll start to work on sun and hp-ux again tomorrow.

Greetings, I have a routing problem I am hoping can be solved. I have three networks. A Private network, and a dual network the private network connects too. The internal network talks through a gateway/router(linux redhat 7.2) that has a default route set that allows the internal network to talk to a computer on the external networks. The external network is a Redundant network scheme in

Am 15.05.2015 um 18:17 schrieb Gordon Messmer <gordon.messmer at gmail.com>: > On 05/15/2015 09:02 AM, Leon Fauster wrote: >> >> I have a public peer system (yy.yy.yy.yy) that is reachable >> via my home uplink (xx.xx.xx.xxx). >> >> 15:59:30.244199 IP xx.xx.xx.xxx.42958 > yy.yy.yy.yy.https: tcp 0 >> 15:59:30.281931 IP yy.yy.yy.yy.https >

...group of the user. This patch fixes only the cases I met. Here is an up to date chroot patch for 2.5.2p2 too. And the most important : thanks to all developers of such a great tools. Regards, Denis Ducamp. -- Denis.Ducamp at hsc.fr --- Herv? Schauer Consultants --- http://www.hsc.fr/ snort, hping & dsniff en fran?ais : http://www.groar.org/~ducamp/#sec-trad Du bon usage de ... http://usenet-fr.news.eu.org/fr-chartes/rfc1855.html Netiquette Guidelines .... http://www.pasteur.fr/infosci/RFC/18xx/1855 -------------- next part -------------- diff -ur openssh-2.5.2p2.orig/auth-rhosts.c op...

...A OUTPUT -m state -p icmp --state INVALID -j DROP Example =3D=3D=3D=3D=3D=3D=3D Let's take a machine (172.16.1.40) that DNAT port 666 to 172.16.3.26:22 : iptables -t nat -A PREROUTING -p tcp --dport 666 -j DNAT --to 172.16.3.26:22 Then if a host sends a packet that will die on 172.16.1.40 : hping -t 1 --syn -p 666 172.16.1.40 This is the icmp packet we'll get from 172.16.1.40 : 17:07:46.709230 172.16.1.40 > 172.16.1.28: icmp: time exceeded in-transit 0x0000 45c0 0044 eaa6 0000 ff01 75f1 ac10 0128 E..D......u....( 0x0010 ac10 0118 0b00 516d 0000 0000...

OpenSSH 3.2.2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Security Changes: ================= - fixed buffer overflow

Hi everyone, today I got an e-mail from a company claiming that my server is doing port scans on their firewall machine. I found that hard to believe so I started checking the box. The company rep told me that the scan was originating at port 80 with destination port 8254 on their machine. I couldn't find any hints as to why that computer was subject to the alleged port scans. Searching