hping3 is a command-line TCP/IP packet assembler and analyzer that extends ping functionality with TCP, UDP, ICMP, and raw IP packet support. It’s widely used for firewall testing, advanced port scanning, network performance testing, and security auditing where custom packet crafting is required.
📑 Table of Contents
Security professionals rely on hping3 for firewall rule testing, traceroute alternatives through firewalls, OS fingerprinting, and network path MTU discovery. Its ability to craft arbitrary packets makes it an essential tool for understanding how networks handle various traffic types.
Key Features
- Packet Crafting – Create custom TCP/UDP/ICMP packets
- Firewall Testing – Test firewall rules and responses
- Port Scanning – SYN, FIN, Xmas, and custom scans
- Traceroute – TCP-based traceroute through firewalls
- OS Fingerprinting – Identify remote operating systems
- File Transfer – Transfer files over ICMP or UDP
Installation
sudo apt install hping3 # Debian/Ubuntu
sudo dnf install hping3 # Fedora/RHELBasic Usage Examples
# TCP SYN ping
sudo hping3 -S 192.168.1.1 -p 80
# TCP traceroute
sudo hping3 -S -p 80 --traceroute example.com
# SYN flood (testing only)
sudo hping3 -S --flood -p 80 target
# Port scan
sudo hping3 --scan 1-1024 192.168.1.1
# ICMP ping
sudo hping3 --icmp 192.168.1.1
# Set TTL
sudo hping3 -S -p 80 -t 64 192.168.1.1Use Cases
- Penetration Testing – Test network security
- Firewall Auditing – Verify firewall rules
- Network Troubleshooting – Diagnose connectivity issues
- Performance Testing – Measure network latency
Was this article helpful?