Solved

hping or lightweight freeware to test Tcp_timestamps

Posted on 2014-11-14
8
168 Views
Last Modified: 2014-12-28
I don't want wireshark or heavyweight tools but could not find hping for Windows (XP & Win 7)
anymore.

Q1:
Where can I get hping for Win XP & 7 ?

Q2:
I have an old nmap for windows but can nmap test if Tcp_timestamp has been disabled?
Any other lightweight freeware for Windows to test this?
0
Comment
Question by:sunhux
  • 4
  • 4
8 Comments
 
LVL 62

Assisted Solution

by:btan
btan earned 500 total points
ID: 40443972
1. looks like it si not readily available and not update since 2005 from the forum. there are a few couple with src and tar based but not the windows though. I believe Backtrack has that too e.g. hping3. Or even nessus plugin tcp_timestamps.nasl

2. Better to see if nping will help  http://nmap.org/nping/ (or if open to linux, tcptest https://code.google.com/p/tcptest/). Specifically nmap has shared in the uptime (http://www.exploresecurity.com/testing-for-tcp-ip-timestamps/) aspect
The uptime guess is labeled a “guess” because various factors can make it completely inaccurate. Some operating systems do not start the timestamp counter at zero, but initialize it with a random value, making extrapolation to zero meaningless. Even on systems using a simple counter starting at zero, the counter eventually overflows and wraps around. With a 1,000 Hz counter increment rate, the counter resets to zero roughly every 50 days. So a host that has been up for 102 days will appear to have been up only two days. Even with these caveats, the uptime guess is accurate much of the time for most operating systems, so it is printed when available, but only in verbose mode. The uptime guess is omitted if the target gives zeros or no timestamp options in its SYN/ACK packets, or if it does not reply at all. The line is also omitted if Nmap cannot discern the timestamp increment rate or it seems suspicious (like a 30-year uptime).
Not all operating systems send TCP timestamps unless incoming TCP SYN packets will have this option enabled. http://ithitman.blogspot.sg/2013/02/enabling-tcp-timestamp-linux-and-windows.html
0
 

Author Comment

by:sunhux
ID: 40445612
Hping.org is not around anymore.  Got nping but did not quite figure how it can be used to scan for tcp timestamp.  Havent manage to locate a windows copy of hping3
0
 
LVL 62

Assisted Solution

by:btan
btan earned 500 total points
ID: 40445644
indeed, probably looking at baacktrack CD will help to retrieve but i doubt you find the windows exe. it seems the most "accurate" tool so far is hping. better to go into running in it linux form else the packet capture analysis based on wireshark is another (though not straightforward) means
0
 

Author Comment

by:sunhux
ID: 40452871
Will nmap be able to do this (ie detect if Tcp timestamping is enabled or off) ?
0
Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

 

Author Comment

by:sunhux
ID: 40452898
The closest I get with nmap:

D:\nmap-4.62>nmap |find/i "timestamp"
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes


D:\nmap-4.62>nmap -PP localhost

Starting Nmap 4.62 ( http://nmap.org ) at 2014-11-20 01:12
Skipping SYN Stealth Scan against localhost (127.0.0.1) because Windows does not
 support scanning your own machine (localhost) this way.
0 ports scanned on localhost (127.0.0.1)

Nmap done: 1 IP address (1 host up) scanned in 0.328 seconds
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40453946
Check this out as it tested for uptime using nmap, snmpwalk and rsysinfo (and also hping3)
https://maciejkola.wordpress.com/security-tips-2/why-uptime-can-be-dangerous/
NMAP
root@tester# nmap -v -O victim.com
Starting Nmap 6.01 ( http://nmap.org ) at 2012-09-25 20:29 CEST
Initiating Ping Scan at 20:29
(…) Uptime guess: 15.414 days (since Mon Sep 10 10:23:32 2012)

Open in new window

SNMP:

root@tester# snmpwalk -v 1 -c public victim.com .1.3.6.1.2.1.25.1.1.0
iso.3.6.1.2.1.25.1.1.0 = Timeticks: (156851524) 18 days, 3:41:55.24

Open in new window

RPC:

root@tester# rsysinfo victim.com
System Information for: victim.com

uptime:   18 days,  6:27, load average: 0.04 0.03 0.00

Open in new window

0
 

Author Comment

by:sunhux
ID: 40496578
The syntax I have for my Windows version of snmpwalk & nmap don't have those options
0
 
LVL 62

Assisted Solution

by:btan
btan earned 500 total points
ID: 40497404
it is better then to get the non windows instead since hping is already not avail as well. I saw another tool called nemesis that is a network packet crafting and injection utility for UNIX-like and Windows systems. I did not explore further though
http://nemesis.sourceforge.net/
http://nemesis.sourceforge.net/manpages/nemesis-icmp.1.html
http://nemesis.sourceforge.net/manpages/nemesis-tcp.1.html
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This video will demonstrate how to find the puppet warp tool from the edit menu and where to put the points to edit.
Video by: Tony
This video teaches viewers how to export a project from Adobe Premiere Pro and the various file types involved.

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now