Difference between revisions of "ping"

From Noah.org
Jump to navigationJump to search
Line 5: Line 5:
  
 
I usually use nmap instead of ping to check the state of a given host and port.
 
I usually use nmap instead of ping to check the state of a given host and port.
 +
See also [http://www.noah.org/wiki/index.php/Traceroute#tcptraceroute tcptraceroute] for checking host:port.
 
Nmap is essential for diagnosing network problems, but using the default port-scan mode  
 
Nmap is essential for diagnosing network problems, but using the default port-scan mode  
 
can be problematic because a lot of servers have automated [http://en.wikipedia.org/wiki/Intrusion-detection_system Intrusion Detection System] tools. These will trigger if they see that you are scanning a range of ports. Typically this will cause the system to block your IP address thus adding to your network diagnosis problems. The trick is to tell nmap to use a stealth scan and to just check a single remote port. This is usually good enough to not trigger an [http://en.wikipedia.org/wiki/Intrusion-detection_system IDS]. The following will stealthily check the state of port 22 (SSH) without sending a PING:
 
can be problematic because a lot of servers have automated [http://en.wikipedia.org/wiki/Intrusion-detection_system Intrusion Detection System] tools. These will trigger if they see that you are scanning a range of ports. Typically this will cause the system to block your IP address thus adding to your network diagnosis problems. The trick is to tell nmap to use a stealth scan and to just check a single remote port. This is usually good enough to not trigger an [http://en.wikipedia.org/wiki/Intrusion-detection_system IDS]. The following will stealthily check the state of port 22 (SSH) without sending a PING:

Revision as of 20:34, 4 August 2007


nmap "ping"

I usually use nmap instead of ping to check the state of a given host and port. See also tcptraceroute for checking host:port. Nmap is essential for diagnosing network problems, but using the default port-scan mode can be problematic because a lot of servers have automated Intrusion Detection System tools. These will trigger if they see that you are scanning a range of ports. Typically this will cause the system to block your IP address thus adding to your network diagnosis problems. The trick is to tell nmap to use a stealth scan and to just check a single remote port. This is usually good enough to not trigger an IDS. The following will stealthily check the state of port 22 (SSH) without sending a PING:

nmap -P0 -sS -p22 www.example.com

This is a similar check for port 80 (http):

nmap -P0 -sS -p80 www.example.com