How to use the hping3 command on Linux to ping websites with TCP SYN packets instead of ICMP.

Posted: October 14, 2013. At: 6:39 PM. This was 4 years ago. Post ID: 6431
Page permalink.
WordPress uses cookies, or tiny pieces of information stored on your computer, to verify who you are. There are cookies for logged in users and for commenters. These cookies expire two weeks after they are set.

This posting will explain the workings of the hping3 command. This is a command that may be run as the superuser to ping a website with TCP packets instead of the default ICMP packets used by the ping command.

This is an example; I am sending some TCP SYN packets to the http://hackthissite.com to ping the website.

root@neo:/home/homer# hping3 hackthissite.com -S -p 80 -c 3
HPING hackthissite.com (wlan0 64.95.64.190): S set, 40 headers + 0 data bytes
len=44 ip=64.95.64.190 ttl=45 DF id=0 sport=80 flags=SA seq=0 win=14600 rtt=267.9 ms
len=44 ip=64.95.64.190 ttl=45 DF id=0 sport=80 flags=SA seq=1 win=14600 rtt=264.9 ms
len=44 ip=64.95.64.190 ttl=45 DF id=0 sport=80 flags=SA seq=2 win=14600 rtt=276.3 ms
 
--- hackthissite.com hping statistic ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 264.9/269.7/276.3 ms

This example shows me port scanning the Microsoft.com website using hping3. This is another good use of this command.

root@neo:/home/homer# hping3 microsoft.com -S --scan 80-300
Scanning microsoft.com (65.55.58.201), port 80-300
221 ports to scan, use -V to see all the replies
+----+-----------+---------+---+-----+-----+-----+
|port| serv name |  flags  |ttl| id  | win | len |
+----+-----------+---------+---+-----+-----+-----+
   80 http       : .S..A... 242 14629  8190    44
All replies received. Done.
Not responding ports: (81 ) (82 ) (83 ) (84 ) (85 ) (86 ) (87 link) (88 kerberos) (89 ) (90 ) (91 ) (92 ) (93 ) (94 ) (95 supdup) (96 ) (97 ) (98 linuxconf) (99 ) (100 ) (101 hostnames) (102 iso-tsap) (103 ) (104 acr-nema) (105 csnet-ns) (106 poppassd) (107 rtelnet) (108 ) (109 pop2) (110 pop3) (111 sunrpc) (112 ) (113 auth) (114 ) (115 sftp) (116 ) (117 uucp-path) (118 ) (119 nntp) (120 ) (121 ) (122 ) (123 ntp) (124 ) (125 ) (126 ) (127 ) (128 ) (129 pwdgen) (130 ) (131 ) (132 ) (133 ) (134 ) (135 loc-srv) (136 ) (137 netbios-ns) (138 netbios-dgm) (139 netbios-ssn) (140 ) (141 ) (142 ) (143 imap2) (144 ) (145 ) (146 ) (147 ) (148 ) (149 ) (150 ) (151 ) (152 ) (153 ) (154 ) (155 ) (156 ) (157 ) (158 ) (159 ) (160 ) (161 snmp) (162 snmp-trap) (163 cmip-man) (164 cmip-agent) (165 ) (166 ) (167 ) (168 ) (169 ) (170 ) (171 ) (172 ) (173 ) (174 mailq) (175 ) (176 ) (177 xdmcp) (178 nextstep) (179 bgp) (180 ) (181 ) (182 ) (183 ) (184 ) (185 ) (186 ) (187 ) (188 ) (189 ) (190 ) (191 prospero) (192 ) (193 ) (194 irc) (195 ) (196 ) (197 ) (198 ) (199 smux) (200 ) (201 at-rtmp) (202 at-nbp) (203 ) (204 at-echo) (205 ) (206 at-zis) (207 ) (208 ) (209 qmtp) (210 z3950) (211 ) (212 ) (213 ipx) (214 ) (215 ) (216 ) (217 ) (218 ) (219 ) (220 imap3) (221 ) (222 ) (223 ) (224 ) (225 ) (226 ) (227 ) (228 ) (229 ) (230 ) (231 ) (232 ) (233 ) (234 ) (235 ) (236 ) (237 ) (238 ) (239 ) (240 ) (241 ) (242 ) (243 ) (244 ) (245 ) (246 ) (247 ) (248 ) (249 ) (250 ) (251 ) (252 ) (253 ) (254 ) (255 ) (256 ) (257 ) (258 ) (259 ) (260 ) (261 ) (262 ) (263 ) (264 ) (265 ) (266 ) (267 ) (268 ) (269 ) (270 ) (271 ) (272 ) (273 ) (274 ) (275 ) (276 ) (277 ) (278 ) (279 ) (280 ) (281 ) (282 ) (283 ) (284 ) (285 ) (286 ) (287 ) (288 ) (289 ) (290 ) (291 ) (292 ) (293 ) (294 ) (295 ) (296 ) (297 ) (298 ) (299 ) (300 )

Of course we can just use the vanilla command to ping a website and get packets back; but this uses ICMP packets and some networks might not allow these through. I have a script that will allow you to ping through a proxy and get confirmation that a host is up.

Here is the post where I put a copy of the script for anyone to use.

http://www.securitronlinux.com/bejiitaswrath/common-errors-and-troubleshooting-commands-for-linux/. This script is very useful for pinging a host through a restrictive proxy and getting a response.

You can also use the tcpping command to ping a remote host. Just download the tcpping binary using this command.

[email protected]:~# wget http://www.vdberg.org/~richard/tcpping
--2013-10-14 18:13:16--  http://www.vdberg.org/~richard/tcpping
Resolving www.vdberg.org (www.vdberg.org)... 94.142.246.140, 2a02:898:62:f6::8c
Connecting to www.vdberg.org (www.vdberg.org)|94.142.246.140|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 3510 (3.4K)
Saving to: 'tcpping’
 
100%[=============================================================================================================================>] 3,510       --.-K/s   in 0.001s  
 
2013-10-14 18:13:19 (2.24 MB/s) - 'tcpping’ saved [3510/3510]

Then make the binary executable using chmod.

[email protected]:~# chmod 755 tcpping
[email protected]:~# ./tcpping hackthissite.com
seq 0: tcp response from hackthissite.com (64.95.64.190) [open]  372.014 ms
seq 1: tcp response from hackthissite.com (64.95.64.190) [open]  364.722 ms
seq 2: tcp response from hackthissite.com (64.95.64.190) [open]  324.132 ms
seq 3: tcp response from hackthissite.com (64.95.64.190) [open]  300.618 ms
seq 4: tcp response from hackthissite.com (64.95.64.190) [open]  780.365 ms
^C

That is how easy that is.

No comments have been made. Use this form to start the conversation :)

Leave a Reply