312-50V10 · Question #870
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which o
The correct answer is B. Hping. When ICMP is disabled on a network, a tester needs a tool capable of sending TCP-based packets to probe host availability. Hping is a packet-crafting tool that supports TCP, UDP, and ICMP, making it the correct choice here.
Question
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?
Options
- ATraceroute
- BHping
- CTCP ping
- DBroadcast ping
How the community answered
(13 responses)- B92% (12)
- D8% (1)
Why each option
When ICMP is disabled on a network, a tester needs a tool capable of sending TCP-based packets to probe host availability. Hping is a packet-crafting tool that supports TCP, UDP, and ICMP, making it the correct choice here.
Traceroute maps the hop-by-hop path to a destination using ICMP or UDP by default and is a route-tracing utility, not a tool designed to probe direct host availability over TCP.
Hping is a command-line network tool designed to craft and send custom TCP/IP packets, including TCP SYN packets directed at specific ports, effectively functioning as a TCP-based ping. Unlike standard ping which depends solely on ICMP, hping can elicit responses from a host over TCP even when ICMP is filtered or disabled, making it the standard tool for this purpose in penetration testing.
TCP ping describes a technique or concept rather than a named, standalone security testing tool available as a distinct option in this context - hping is the actual tool that implements TCP-based host probing.
Broadcast ping sends ICMP echo requests to a subnet broadcast address to discover live hosts, but it still relies on ICMP, which is stated to be disabled in this scenario.
Concept tested: TCP-based host probing using hping
Source: https://linux.die.net/man/8/hping3
Topics
Community Discussion
No community discussion yet for this question.