Defining Hping Packet Generator as a Security Tool

Hping is a tool system administrators can use to find and fix problems in their networks. You can also use it to think like a hacker and see what an intruder might see before launching an attack.

In today's environment, preventing an attack is much easier than recovering from one. Hping can help you in your prevention efforts.

To illustrate this point, here is an example of a situation where Hping could be useful.

A global ransomware attack in 2017 claimed at least 200,000 worldwide victims, and most were encouraged to pay their hackers huge sums to regain file access. As the investigation began, officials had no idea if the hackers still had access to sensitive files or if they'd left the area for more lucrative targets.

Prevent an attack like this with Hping2 commands, and you could save both your company's reputation and a great deal of money.

What is Hping? A detailed definition

Hping is a TCP/IP packet assembler and analyser. It receives IP data, de-packets that data, and moves it to the linked device in the reverse order. It works on systems such as Linus, Solaris, macOS, and Windows. While the tool is no longer in active development, plenty of people download and access it each day.

Hping works a bit like a standard ping command. Use that command, and you will:

  • Transmit. You will send an Internet Control Message Protocol (ICMP) echo request. 
  • Wait. The target for your ping should return your message. 
  • Analyse. You'll get a great deal of data, including information about how many bytes were sent, how many arrived, and how long the trip took.
  • Repeat. You'll go through this process a few times, just to ensure the connection remains consistent.

Use Hping, and you'll send a similar message as outlined above. But you'll be able to send more information with each request.

Hping requests allow you to build and send custom TCP/IP packets. You'll get replies in return to test Layer 3 connectivity between devices. Layer 3 offers switching and routing technologies to create logical paths to transmit data from place to place. A Layer 3 switch works a bit like both a switch and a router. You typically use it for very fast connections between systems.

Hping also allows you to spoof the source IP address, so your message can seem as though it appears from almost anywhere. It may even seem like a random note that you can’t make sense of. And this functionality makes Hping a hacker's dream.

Can Hping commands help you understand hackers?

To a hacker, accurate information is critical. The more they know about your system and how it works, the more effective their attacks. They need to know about your vulnerabilities, your gaps, and your systems. Hping commands help them quite a bit. But that same tool helps you too.

Run Hping commands on your own system, and you'll see just what hackers see when they run tests on your system to check for vulnerabilities.

Hackers say they use Hping to find out about your:

  • Operating system
  • Open ports
  • Running services 
  • Installed and running applications

You could watch for unusual scans and requests. Or, you could do what some system administrators suggest and use the tool against your own system. Find out where you're vulnerable, and you're a step ahead of hackers.

Get help with Okta

Understanding your threats is just part of your job as a system administrator. You must also patch and amend any problems you find. If coding isn't your strong suit, this work can seem intimidating.

Let Okta help. Learn more about Okta ThreatInsight or all the ways you can secure every identity at your organisation.

References

How to Catch Hackers? Old-School Sleuthing, With a Digital Twist. (May 2017). The New York Times.

Home. Hping.

To Catch a Hacker: Toward a Comprehensive Strategy to Identify, Pursue, and Punish Malicious Cyber Actors. (October 2018). Third Way.

Using hping3 for Reconnaissance. Hackers Arise.

SolutionBase: See What Hackers See With This Utility. (April 2004). TechRepublic.