Fping

 < Day Day Up > 



The standard Ping program that comes with most every TCP/IP stack is designed to operate on a single host. While this is useful, using Ping to diagnose a large network can be a painstaking process. A user would have to issue separate commands for each host and wait for Ping to return the results.

Fping was born to resolve this issue. Fping, which stands for “fast pinger,” is a utility freely available for Unix from http://www.fping.com/. A Windows application that is similar to fping but not an identical port of the Unix fping is also available from http://www.kwakkelflap.com/ but is not covered in this chapter.

Implementation

Fping sends ICMP echo requests to a list of IP addresses, provided either on standard input or from a file, in a parallelized fashion. It sends out Pings in a “round-robin” fashion without waiting for a response. When responses are eventually returned, fping notes whether the host is alive or not and waits for more responses, all the while continuing its Ping sweep. This type of asynchronous operation allows fping to perform much better than a manual or scripted Ping of a large number of hosts. Before fping, Pinging an entire network would require writing a shell script to issue a Ping to each individual host, one at a time, and record the response. The Ping output from this script would still have to be sorted through and interpreted by the user. Fping not only gets the job done faster, but it interprets the Ping responses it receives and displays them in a report formatted to the user’s liking.

Following is a sampling of fping’s output after running it on a class C subnet of 192.168.1.0. By running the command fping –a –g 192.168.1.1 192.168.1.254 –s >hosts, we can see what other hosts are up and running on our subnet and save those IP addresses to a file called hosts. Additionally, the –s flag prints a summary of fping’s activity, as well as an indication of how long the scan took. If we added a –n flag to the command and the IP addresses resolved to hostnames, fping would have written the hostnames to the file instead of the IP addresses.

    254 targets       3 alive     251 unreachable       0 unknown addresses         143 timeouts     397 ICMP Echos sent       3 ICMP Echo Replies received     294 other ICMP received      0.10 ms (min round trip time)  0.62 ms (avg round trip time)  1.02 ms (max round trip time)  11.921 sec (elapsed real time)     [root@originix fping-2.4b_2_to]# cat hosts 192.168.1.1 192.168.1.100 192.168.1.101 

If we break down the command line further, the –a flag tells fping to tell us which hosts are alive via standard output. The –g flag replaces the gping utility (covered shortly) by generating the list of IP addresses for fping to scan. In this case, a list of IP addresses from 192.168.1.1 to 192.168.1.254 is fed to fping. In addition to the –g flag, fping can have its scan list of IP addresses fed in via standard input or specified in a file using the –f flag. A complete list of fping’s command-line options as of version 2.4b2, which you can access by typing fping at the command line, follows:

fping Options

Description

-a

Lists targets that responded

-A

Lists targets by address instead of hostname

-b <num>

Sends <num> bytes of data per ICMP packet (default 56)

-B <f>

Tells fping to wait <f> times longer for a reply after each successive failed request (default 1.5)

-c <num>

Number of pings to send to each target (default 1)

-C <num>

Same as above but prints additional statistics for each host

-e

Displays elapsed time on return packets

-f <file>

Reads the target list from <file> ( use “-” for standard input)

-g

Tells fping to generate a target list by specifying the start and end address (ex. ./fping -g 192.168.1.0 192.168.1.255) or an IP/subnet mask (ex. ./fping -g 192.168.1.0/24)

-i <num>

Interval (in milliseconds) to wait between pings (default 25)

-l

Sends pings forever

-m

Pings multiple interfaces on target host

-n

Displays targets by name (-d is equivalent)

-p <num>

Interval (in milliseconds) between pings to an individual target (in looping and counting modes, default 1000)

-q

Don’t show per-target/per-ping results

-Q <num>

Same as -q, but show summary every <num> seconds

-r <num>

When a host doesn’t respond, retries the host <num> times (default 3)

-s

Displays summary statistics

-t <num>

Timeout (in milliseconds) for individual targets (default 500)

-u

Displays targets that are unreachable

-v

Displays version number

In the past, the fping utility has been accompanied by a utility called gping. The gping utility takes care of the messy job of generating a large list of IP addresses for fping to scan. Imagine wanting to scan a class B network (65,534 hosts) and having to type in each IP address manually! You’d have to write a script to automate the process, which would be tedious and difficult for people without shell programming experience. The –g flag replicates gping’s functionality, strengthening fping as a stand-alone tool.

Note 

The gping utility mentioned here should not be confused with other utilities that share the “gping” name, like the Gnome Gping utility or the Graphical Ping tool from ispwizard.com.

The benefits of fping should be obvious. In around 10 seconds, we determined how many neighbors are currently on our LAN and what their IP addresses are, giving us the first vital piece of information necessary in mapping our network. But you should keep in mind that this tool can have the same benefits for nosey outsiders who are poking around looking for networks to harvest.



 < Day Day Up > 



Anti-Hacker Tool Kit
Anti-Hacker Tool Kit, Third Edition
ISBN: 0072262877
EAN: 2147483647
Year: 2004
Pages: 189

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net