Send ICMP Nasty Garbage Packets to Network Hosts With sing Utility

Generally, I prefer to use nmap command for ICMP network scanning to probe all my network devices. By finding out unprotected devices you can improve network security and troubleshoot network problems. Recently, I discovered a cool utility called sing. It allows you to sends ICMP packets fully customized from command line. It allows you to do ICMP network scanning. Now you must be wondering, why perform ICMP network scanning? You can troubleshoot many network related problems without leaving your desk. For example,


  1. Find out using record route IP option to see the route that takes to
  2. Find out remote server / network device operating system
  3. Diagnosing data-dependent problems in a network
  4. Test firewall security for invalid and garbage ICMP packets
  5. ICMP message types that generate responses from target routers / firewalls / IDS and other hosts
  6. Try to spoof router address and see how overall network reacts and many other things

This tool is not for a new UNIX / Linux user. It requires some sort of understanding for Internet hosts – communication layers and ICMP router discovery messages etc.

sing utility

sing allows you to replace the ping command but adding certain enhancements. From the man page:
The main purpose is to replace the niceful ping command with certain enhancenments as the ability to send/read IP spoofed packets, send MAC spoofed packets, send in addition to the ECHO REQUEST type sent by default, many other ICMP types as Echo Reply, Address Mask Request, Timestamp, Information Request,Router Solicitation and Router Advertisement.

Install sing utility

Type the following command at a shell prompt:
$ sudo apt-get install sing
Note: Redhat (RHEL) / CentOS / Fedora Linux user, grab sing rpm here.

sing command examples

Let us see some real life examples. Please note that sing command requires root level privileged access.

Task: Send broadcast ICMP echo request messages

$ sudo sing -echo
#sing -echo

Task: Usual ping command

$ sing

Task: Using Record Route IP Option to see the route that takes to

# sing -R

Task: See if is running the Solaris OS

# sing -mask -O

Task: Send ICMP timestamp request messages

# sing -tstamp

Task: Test routing – Useful for diagnosing data-dependent problems in a network

Send echos with data pattern IsSiNg and fragments of 8 bytes to the host using loose source routing via and
# sing -p IsSiNg -F 8

Task: send ICMP address mask request messages (used to find out a host network mask)

# sing -mask
This tool offers tons of other options, I recommend reading man page for more information.

Recommended Readings:

🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source & DevOps topics via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04

1 comment… add one
  • mark Nov 27, 2015 @ 11:05

    Does not work anymore at least on 64 bit RH7

    [root@bfs-x4150-24-xm5 ~]# ping -c 1
    PING ( 56(84) bytes of data.
    64 bytes from ( icmp_seq=1 ttl=55 time=15.4 ms ping statistics —
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 15.409/15.409/15.409/0.000 ms

    [root@bfs-x4150-24-xm5 ~]# sing
    SING: Unable to select an interface to route throughout

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.