Monday, September 12, 2011

What is Ping Sweep

Hello friends, in our hacking class that was held on Sunday, we discussed several things, like how to find an IP address (which I have already explained in detail). The other term that we discussed is Ping Sweep. Today I will share what a ping sweep is and how it helps in the reconnaissance, or simply information gathering, phase. We will cover all the topics that were discussed in the CME hacking class in detail every day. So keep reading.

What is Ping Sweep? 
First of all, you should know what ping is. Ping is a network utility built into the system which is used to identify whether a host is alive or dead; technically, you can call it an echo reply. By alive I mean that the host (computer, system, network, website, etc.) is active, and by dead I mean the host is in shutdown mode.
Note: Anything can be a host, like a website, computer system, printer, network or any device.

Now, what is Ping Sweep? A ping sweep is an information gathering technique which is used to identify live hosts by pinging them. Let's understand it more technically: Ping Sweep is also called ping scan, ICMP sweep (Internet Control Message Protocol) or 2-way handshake protocol. It is a two-way handshake protocol because one host sends data (packets) and the other host validates the data and returns an acknowledgement (basically packets) indicating whether the ping was successful or not.

Ping Sweep can be used for several purposes:
1. Normal Ping Sweep
Once we have the IP address of the host, we can ping that IP address and check whether the host is alive or not. If the packets are received correctly, that confirms the host is alive and we can proceed with our attack on the host (or victim).
For a normal ping sweep there are a lot of tools available; some are fping, gping and Nmap, or you can do this directly using a looping shell script on both Windows and Linux platforms.
Below is how it's done on Windows:
Go to START ---> RUN ---> CMD ---> then type PING (IP address of host).
[Screenshot: sample of a successful ping sweep]

2. Flood Pinging
It's a kind of denial of service attack. It occurs when you flood a website, or simply a host, with a lot of pings. As a result, normal or legitimate users will not be able to access that website, because every host (website or victim network) has a certain maximum capacity limit; when the flood of pings crosses that limit, it jams the network and the host stops responding. This is done by making automated scripts, or directly using flood pinging software like server attack etc. Flood pinging is sometimes also called ping of death, as it makes the host behave like a dead host which does not respond to anything.
Note: This will work only if the attacker's bandwidth is more than the host's. But doing this in groups can do the trick.

Normally, only a few website owners opt for unlimited bandwidth plans, as they are too costly, so they opt for plans like 10 Gb bandwidth etc. If you do this from your 2 or 4 Mbps connection, it's in vain. But suppose you do this in a group, and your group has 20 members. If you launch the same attack from 20 computers each having a 2 Mbps connection, that means 40 Mbps at a time. Now you are thinking the bandwidth is 10 Gb and we have only reached 40 Mbps. Here is the trick: hackers create multiple connections, around 1000 from one PC, and 20 PCs means 20000 connections at a time. As a result, it will slow down the website's database and other functionality, and the website will stop responding.
To do this to a victim (meaning the IP address of a PC), what you need is just a connection faster than his; if you don't have one, do it in a group.
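From the defender's side, the two behaviours described above look different in traffic: a sweep is one source sending echo requests to many different hosts, while a flood is one source sending many echo requests to a single host. The following is an added example, not code from the original post; the record format, the thresholds and the addresses (documentation ranges) are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict


def build_sample():
    """Constructed ICMP echo-request records: (timestamp_s, src_ip, dst_ip)."""
    events = []
    # One source pings 30 different hosts once each within 3 seconds.
    for i in range(30):
        events.append((i * 0.1, "192.0.2.10", f"198.51.100.{i + 1}"))
    # One source sends 500 echo requests to a single host within 5 seconds.
    for i in range(500):
        events.append((10 + i * 0.01, "192.0.2.20", "198.51.100.80"))
    # An ordinary ping: 4 echo requests to one host, one per second.
    for i in range(4):
        events.append((20 + i, "192.0.2.30", "198.51.100.5"))
    return sorted(events)


def classify(events, window=10.0, sweep_hosts=20, flood_rate=20.0):
    """Label sources as 'sweep' and/or 'flood' using fixed time windows.

    sweep: >= sweep_hosts distinct destinations in one window.
    flood: >= flood_rate echo requests per second to one destination,
           averaged over one window.
    Thresholds are illustrative assumptions; tune them to the network.
    Fixed windows can split a burst across a boundary, so a production
    detector would use a sliding window instead.
    """
    per_bucket = defaultdict(Counter)  # (src, window index) -> dst -> count
    for ts, src, dst in events:
        per_bucket[(src, int(ts // window))][dst] += 1

    findings = defaultdict(set)
    for (src, _bucket), dst_counts in per_bucket.items():
        if len(dst_counts) >= sweep_hosts:
            findings[src].add("sweep")
        if max(dst_counts.values()) / window >= flood_rate:
            findings[src].add("flood")
    return {src: sorted(labels) for src, labels in findings.items()}


if __name__ == "__main__":
    for src, labels in classify(build_sample()).items():
        print(src, labels)
```

The ordinary four-packet ping stays below both thresholds and is not reported.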

Flood pinging is highly helpful in session hijacking, which I will explain later, so keep reading and keep learning, as learning is the only key to becoming an elite.

I hope you all liked this post. If you have any queries, ask me in the comments.


  1. Thanks Sir. Sir, kindly publish the latest phisher package (Gmail, Hotmail, Yahoo). Regards

  2. To improve running this type of attack I would normally increase the packet size and set a -t value. To give a better understanding of how this command can be used, here are the options available under Windows cmd:

    -t Ping the specified host until stopped.
    To see statistics and continue - type Control-Break;
    To stop - type Control-C.

    -a Resolve addresses to hostnames.

    -n count Number of echo requests to send.

    -l size Send buffer size.

    -f Set Don't Fragment flag in packet (IPv4-only).

    -i TTL Time To Live.

    -v TOS Type Of Service (IPv4-only. This setting has been deprecated
    and has no effect on the type of service field in the IP Head

    -r count Record route for count hops (IPv4-only).

    -s count Timestamp for count hops (IPv4-only).

    -j host-list Loose source route along host-list (IPv4-only).

    -k host-list Strict source route along host-list (IPv4-only).

    -w timeout Timeout in milliseconds to wait for each reply.

    -R Use routing header to test reverse route also (IPv6-only).

    -S srcaddr Source address to use.

    -4 Force using IPv4.

    -6 Force using IPv6.

    So a typical line would look something like the following
    ping -l 65500 -t

    Note: many firewalls, if configured correctly, can put a fairly easy stop to this type of attack, at least in terms of web hosts. E.g. if it's getting x number of echo requests from an IP subnet, it will class it as an attack and block that subnet for a period of time, allowing an administrator to (retaliate) or set up proper reporting if not already done so.

    Then you can report the attackers to their ISP/police. In some countries they will actually cancel their accounts until their computer is no longer the source of an attack.

    But it's nice to see the old ping of death still mentioned, although it has been many years since it was effective to launch such an attack as an individual. Generally most attacks are performed by botnets, and it is then called a DDoS or Distributed Denial of Service attack because there is now more than one network performing the attack.

  3. Good evening sir, another thing I learned,
    and the new thing is that group ping, it's really awesome, and
    thank you guys for your share.
    Love you guys

  4. awesome post!!


  5. prvn prasher


  6. Thanks sir for this useful information. I have made a program in C++ that is doing flood pinging, for I am using this in my college. It has a low speed and it doesn't work properly.

  7. Please tell how to connect to telnet?

  8. How can we find out our own system's IP address?

  9. You are doing a great job.

  10. Sir, please publish some special articles on the hosts file directing the redirection, and about proxy servers. How to connect to different public proxy servers. What is proxy bouncing. What are the special tools for it. How to hide our IP address.
    How it can be done, along with demonstrations of each topic.



Designed by Hackingloops.