Generally, I prefer to use nmap command for ICMP network scanning to probe all my network devices. By finding out unprotected devices you can improve network security and troubleshoot network problems. Recently, I discovered a cool utility called sing. It allows you to sends ICMP packets fully customized from command line. It allows you to do ICMP network scanning. Now you must be wondering, why perform ICMP network scanning? You can troubleshoot many network related problems without leaving your desk. For example,
- Find out using record route IP option to see the route that takes to vpn.nixcraft.in
- Find out remote server / network device operating system
- Diagnosing data-dependent problems in a network
- Test firewall security for invalid and garbage ICMP packets
- ICMP message types that generate responses from target routers / firewalls / IDS and other hosts
- Try to spoof router address and see how overall network reacts and many other things
This tool is not for a new UNIX / Linux user. It requires some sort of understanding for Internet hosts – communication layers and ICMP router discovery messages etc.
sing allows you to replace the ping command but adding certain enhancements. From the man page:
The main purpose is to replace the niceful ping command with certain enhancenments as the ability to send/read IP spoofed packets, send MAC spoofed packets, send in addition to the ECHO REQUEST type sent by default, many other ICMP types as Echo Reply, Address Mask Request, Timestamp, Information Request,Router Solicitation and Router Advertisement.
Install sing utility
Type the following command at a shell prompt:
$ sudo apt-get install sing
Note: Redhat (RHEL) / CentOS / Fedora Linux user, grab sing rpm here.
sing command examples
Let us see some real life examples. Please note that sing command requires root level privileged access.
Task: Send broadcast ICMP echo request messages
$ sudo sing -echo 192.168.1.255
#sing -echo 192.168.1.255
Task: Usual ping command
$ sing 192.168.1.1
Task: Using Record Route IP Option to see the route that takes to vpn.nixcraft.in
# sing -R vpn.nixcraft.in
Task: See if server.nixcraft.in is running the Solaris OS
# sing -mask -O server.nixcraft.in
Task: Send ICMP timestamp request messages
# sing -tstamp 10.1.3.77
Task: Test routing – Useful for diagnosing data-dependent problems in a network
Send echos with data pattern IsSiNg and fragments of 8 bytes to the host dc2box.nixcraft.in using loose source routing via router1.mum.vsnl.nixcraft.in and router1.blr.vsnl.nixcraft.in:
# sing -p IsSiNg -F 8 email@example.com@dc2box.nixcraft.in
Task: send ICMP address mask request messages (used to find out a host network mask)
# sing -mask 10.1.2.22
This tool offers tons of other options, I recommend reading man page for more information.
- ICMP Protocol Wikipedia page
- man page sing
- sing project home page