First thing of note. Thanks to Salvatore Sanfilippo for the hping tool.

It's h elped me to better understand some network concepts. Much more info. can be fou nd at the 'mother' site: http://www.hping.org. There is also a wiki at http://wiki.hping.org. Usage for Windows version of hping: Here's a URL for how to use hping (Unix and Windows version, except revisions wi th Windows version listed below): http://www.hping.org/manpage.html Some differences in argument parameters and behavior compared to the Unix versio n are as follows: 1. When hping is run in listen mode on Unix, memory paging is disabled. I haven' t implemented this in the native Windows version. If I get all fired up at some point, maybe I'll try to figure it out. 2. There is an option to choose the network interface to use under Unix. I haven 't seen a simple way that Windows defines the network interfaces (i.e. eth0, ppp 0, ...). Thus, I've used the IP address as an I.D. for a specific interface. 3. Under Unix, pressing ctrl-z once will increment a port or ttl value (dependin g on context) and pressing it twice will decrement it. I've changed this to ctrl -z will increment, ctrl-a will decrement. 4. The option for sending packets at a specified interval is done using microsec onds in Unix. For example: hping -i u10000. Under Windows I've changed this to m illiseconds. Thus, the equivalent to the command above would be: hping -i m100 ( 10 packets per second).

Compile: I compiled hping using the free Dev-C++ compiler, and had to link these librarie s: libwinmm.a libws2_32.a libwsock32.a libwpcap.a libiphlpapi.a Using Microsoft Visual C++ you'll have to link: winmm.lib ws2_32.lib wsock32.lib wpcap.lib iphlpapi.lib NOTE: I have been able to successfully compile with the Borland and Visual C++ compile

rs. However, when attempting to send packets I get a 10049 socket error code on a `sendto'. I'm guessing it has something to do with how these compilers deal with structs, but have not looked into it. Any ideas and/or help would be much appreciated. ANOTHER NOTE: Also, the new SP2 for Windows XP appears to be causing some issues. Here's a li nk explaining some changes to raw sockets. http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx#EHA A Some people have reported some problems with Windows XP SP2. TCP packets don't get sent out (10004 error). UDP and ICMP appear to be fine. (However, you cann ot spoof an IP with UDP packets). I'd like to get more feedback from other peop le on how it is working on Windows XP SP2 machines. SCAN MODE: In regards to hping2-rc3-win32 version. I have implemented the scan mode for wi ndows now. The only switch that won't work is scanning for `known' ports. The argument would be something like: `hping --scan known <hostname>' I haven't looked too hard into how to implement it, but for now it doesn't work. I wanted to get something out for the scan mode as it's a very useful function . Any comments can be sent to rgturpin@epop3.com