инструмент генерации сетевых пакетов / утилита ping (Network packet generation tool / ping utility)
TCP MODE
-p port_spec, --dest-port port_spec (Target ports)
This option specifies which destination ports you want to
send probes to. It can be a single port, a comma-separated
list of ports (e.g. 80,443,8080), a range (e.g. 1-1023),
and any combination of those (e.g. 21-25,80,443,1024-2048).
The beginning and/or end values of a range may be omitted,
causing Nping to use 1 and 65535, respectively. So you can
specify -p- to target ports from 1 through 65535. Using port
zero is allowed if you specify it explicitly.
-g portnumber, --source-port portnumber (Spoof source port)
This option asks Nping to use the specified port as source
port for the TCP connections. Note that this might not work
on all systems or may require root privileges. Specified
value must be an integer in the range [0–65535].
--seq seqnumber (Sequence Number)
Specifies the TCP sequence number. In SYN packets this is the
initial sequence number (ISN). In a normal transmission this
corresponds to the sequence number of the first byte of data
in the segment. seqnumber must be a number in the range
[0–4294967295].
--flags flags (TCP Flags)
This option specifies which flags should be set in the TCP
packet. flags may be specified in three different ways:
1. As a comma-separated list of flags, e.g. --flags
syn,ack,rst
2. As a list of one-character flag initials, e.g. --flags
SAR tells Nping to set flags SYN, ACK, and RST.
3. As an 8-bit hexadecimal number, where the supplied number
is the exact value that will be placed in the flags field
of the TCP header. The number should start with the
prefix 0x and should be in the range [0x00–0xFF], e.g.
--flags 0x20 sets the URG flag as 0x20 corresponds to
binary 00100000 and the URG flag is represented by the
third bit.
There are 8 possible flags to set: CWR, ECN, URG, ACK, PSH,
RST, SYN, and FIN. The special value ALL means to set all
flags. NONE means to set no flags. It is important that if
you don't want any flag to be set, you request it explicitly
because in some cases the SYN flag may be set by default.
Here is a brief description of the meaning of each flag:
CWR (Congestion Window Reduced)
Set by an ECN-Capable sender when it reduces its
congestion window (due to a retransmit timeout, a fast
retransmit or in response to an ECN notification.
ECN (Explicit Congestion Notification)
During the three-way handshake it indicates that sender
is capable of performing explicit congestion
notification. Normally it means that a packet with the IP
Congestion Experienced flag set was received during
normal transmission. See RFC 3168 for more information.
URG (Urgent)
Segment is urgent and the urgent pointer field carries
valid information.
ACK (Acknowledgement)
The segment carries an acknowledgement and the value of
the acknowledgement number field is valid and contains
the next sequence number that is expected from the
receiver.
PSH (Push)
The data in this segment should be immediately pushed to
the application layer on arrival.
RST (Reset)
There was some problem and the sender wants to abort the
connection.
SYN (Synchronize)
The segment is a request to synchronize sequence numbers
and establish a connection. The sequence number field
contains the sender's initial sequence number.
FIN (Finish)
The sender wants to close the connection.
--win size (Window Size)
Specifies the TCP window size, this is, the number of octets
the sender of the segment is willing to accept from the
receiver at one time. This is usually the size of the
reception buffer that the OS allocates for a given
connection. size must be a number in the range [0–65535].
--badsum (Invalid Checksum)
Asks Nping to use an invalid TCP checksum for the packets
sent to target hosts. Since virtually all host IP stacks
properly drop these packets, any responses received are
likely coming from a firewall or an IDS that didn't bother to
verify the checksum. For more details on this technique, see
https://nmap.org/p60-12.html
