hping or lightweight freeware to test Tcp_timestamps

I don't want wireshark or heavyweight tools but could not find hping for Windows (XP & Win 7)
anymore.

Q1:
Where can I get hping for Win XP & 7 ?

Q2:
I have an old nmap for windows but can nmap test if Tcp_timestamp has been disabled?
Any other lightweight freeware for Windows to test this?
sunhuxAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
1. looks like it si not readily available and not update since 2005 from the forum. there are a few couple with src and tar based but not the windows though. I believe Backtrack has that too e.g. hping3. Or even nessus plugin tcp_timestamps.nasl

2. Better to see if nping will help  http://nmap.org/nping/ (or if open to linux, tcptest https://code.google.com/p/tcptest/). Specifically nmap has shared in the uptime (http://www.exploresecurity.com/testing-for-tcp-ip-timestamps/) aspect
The uptime guess is labeled a “guess” because various factors can make it completely inaccurate. Some operating systems do not start the timestamp counter at zero, but initialize it with a random value, making extrapolation to zero meaningless. Even on systems using a simple counter starting at zero, the counter eventually overflows and wraps around. With a 1,000 Hz counter increment rate, the counter resets to zero roughly every 50 days. So a host that has been up for 102 days will appear to have been up only two days. Even with these caveats, the uptime guess is accurate much of the time for most operating systems, so it is printed when available, but only in verbose mode. The uptime guess is omitted if the target gives zeros or no timestamp options in its SYN/ACK packets, or if it does not reply at all. The line is also omitted if Nmap cannot discern the timestamp increment rate or it seems suspicious (like a 30-year uptime).
Not all operating systems send TCP timestamps unless incoming TCP SYN packets will have this option enabled. http://ithitman.blogspot.sg/2013/02/enabling-tcp-timestamp-linux-and-windows.html
sunhuxAuthor Commented:
Hping.org is not around anymore.  Got nping but did not quite figure how it can be used to scan for tcp timestamp.  Havent manage to locate a windows copy of hping3
btanExec ConsultantCommented:
indeed, probably looking at baacktrack CD will help to retrieve but i doubt you find the windows exe. it seems the most "accurate" tool so far is hping. better to go into running in it linux form else the packet capture analysis based on wireshark is another (though not straightforward) means
Discover the Answer to Productive IT

Discover app within WatchGuard's Wi-Fi Cloud helps you optimize W-Fi user experience with the most complete set of visibility, troubleshooting, and network health features. Quickly pinpointing network problems will lead to more happy users and most importantly, productive IT.

sunhuxAuthor Commented:
Will nmap be able to do this (ie detect if Tcp timestamping is enabled or off) ?
sunhuxAuthor Commented:
The closest I get with nmap:

D:\nmap-4.62>nmap |find/i "timestamp"
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes


D:\nmap-4.62>nmap -PP localhost

Starting Nmap 4.62 ( http://nmap.org ) at 2014-11-20 01:12
Skipping SYN Stealth Scan against localhost (127.0.0.1) because Windows does not
 support scanning your own machine (localhost) this way.
0 ports scanned on localhost (127.0.0.1)

Nmap done: 1 IP address (1 host up) scanned in 0.328 seconds
btanExec ConsultantCommented:
Check this out as it tested for uptime using nmap, snmpwalk and rsysinfo (and also hping3)
https://maciejkola.wordpress.com/security-tips-2/why-uptime-can-be-dangerous/
NMAP
root@tester# nmap -v -O victim.com
Starting Nmap 6.01 ( http://nmap.org ) at 2012-09-25 20:29 CEST
Initiating Ping Scan at 20:29
(…) Uptime guess: 15.414 days (since Mon Sep 10 10:23:32 2012)

Open in new window

SNMP:

root@tester# snmpwalk -v 1 -c public victim.com .1.3.6.1.2.1.25.1.1.0
iso.3.6.1.2.1.25.1.1.0 = Timeticks: (156851524) 18 days, 3:41:55.24

Open in new window

RPC:

root@tester# rsysinfo victim.com
System Information for: victim.com

uptime:   18 days,  6:27, load average: 0.04 0.03 0.00

Open in new window

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sunhuxAuthor Commented:
The syntax I have for my Windows version of snmpwalk & nmap don't have those options
btanExec ConsultantCommented:
it is better then to get the non windows instead since hping is already not avail as well. I saw another tool called nemesis that is a network packet crafting and injection utility for UNIX-like and Windows systems. I did not explore further though
http://nemesis.sourceforge.net/
http://nemesis.sourceforge.net/manpages/nemesis-icmp.1.html
http://nemesis.sourceforge.net/manpages/nemesis-tcp.1.html
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.