# hping -- am I doing it right?

## dE_logics

I'm trying to send fragmented IP packets to a test machine in a virtualized environment. These are my hping parameters (assuming I'm sending a 72 byte datagram in chunks of 24 bytes) - 

hping3 --count 1 -i u1 -V --id 62219 --ipproto 6 --morefrag -g 0 --destport 80 -S -d 24 $DEST

hping3 --count 1 -i u1 -V --id 62219 --ipproto 6 --morefrag -g 3 --destport 80 -S -d 24 $DEST

hping3 --count 1 -i u1 -V --id 62219 --ipproto 6 -g 6 --destport 80 -S -d 24 $DEST

I'm testing my understanding here so am I doing it right?.. will the packet be reassembled in the Destination?

----------

## dE_logics

The actual question is, which I'm really ambiguous about -- what should be the value of the protocol in this case. TCP is ok?

----------

## Yuu

Hi,

I'm not a network expert and I don't know hping well, but I'll try to answer to the things that I know : if you're sending a 72 byte datagram, it should be UDP (User Datagram Protocol), not TCP

also, I think that the destination machine will try to reassemble your packets

Surprisingly, I thought that hping can only send pings (it would be ICMP only), but it seems that I was wrong  :Embarassed: 

Also, you could use a network analyser (wireshark, tcpdump, etc) to check if your data is well sended/received.

Note for network experts : as I said, I could be wrong on some things that I said, correct me if that is the case.

----------

## dE_logics

Ok, I'll also try and set the proto to UDP. Apparently I did find a flaw. Hping was adding tcp headers also in the above listed commands, the following will not - 

hping3 --ttl 1200 --rawip --count 2 -i u1 -V --id 62219 --ipproto 6 --morefrag -g 0 -d 1400 -q --interface vboxnet0 $DEST

hping3 --ttl 1200 --rawip --count 2 -i u1 -V --id 62219 --ipproto 6 -g 174 -d 2 -q --interface vboxnet0 $DEST

Also I've changed the data size here... 1400 bytes which is reasonable.

According to RFC specifications, the ipproto should be UDP if the encapsulated protocol is UDP. I've set it to TCP (6) cause I want the destination to assume it to be TCP (with some data bytes).

----------

## dE_logics

Basically I want the receiving host to tell me if the fragmented packets are ok or not... a sort of packet checker.

----------

