nping

Ping a specified host using ICMP if the user is allowed to, otherwise using TCP

$ nping [example.com]

$ nping --icmp --privileged [example.com]

$ nping --udp [example.com]

$ nping --tcp --dest-port [443] [example.com]

$ nping --count [10] [example.com]

$ nping --delay [5s] [example.com]

$ nping --interface [eth0] [example.com]

$ nping [10.0.0.1-10]

nping [<Options>] [<target specification>]

--tcp
    Generate TCP packets. Allows setting TCP flags, sequence numbers, and options.

--udp
    Generate UDP packets. Can specify source and destination ports.

--icmp
    Generate ICMP packets. Supports various ICMP types (echo request, timestamp, etc.).

--arp
    Generate ARP requests or replies. Useful for network discovery and spoofing.

--eth
    Generate raw Ethernet frames. Provides the lowest level of control.

-c <count>
    Stop after sending <count> packets.

-p <port>, --dest-port <port>
    Set the destination port for TCP or UDP packets.

--source-port <port>
    Set the source port for TCP or UDP packets.

--data <hex string>
    Append a custom hexadecimal string as raw data payload to packets.

--data-string <string>
    Append an ASCII string as raw data payload to packets.

--ttl <ttl>
    Set the IP Time-to-Live field for outgoing packets.

--rate <rate>
    Send packets at a specified rate (e.g., 100/s for 100 packets per second, 1k/s, 10m for 10 minutes duration).

--delay <time>
    Wait the specified <time> (e.g., 500ms, 1s) between sending packets.

--privileged
    Run with escalated privileges (e.g., to craft arbitrary IP headers or use raw sockets). This is often required for advanced packet crafting.

--echo-client
    Run in echo client mode, sending probes to an nping echo server and measuring response times.

--echo-server
    Run in echo server mode, listening for and responding to nping echo clients.

-v
    Increase verbosity level. Use -vv for even more details about packets sent and received.

-S <IP>, --source-ip <IP>
    Set the source IP address for outgoing packets. Requires privileges.

nping is a versatile open-source command-line utility, part of the Nmap suite, designed for generating and analyzing network packets. It allows users to craft custom packets across various protocols, including TCP, UDP, ICMP, and ARP, with granular control over header fields and data payloads.

nping can be used for network stack stress testing, firewall rule verification, network performance measurement (latency, jitter), and security auditing. Beyond simple packet generation, nping can also measure response times, act as an echo client or server, and even simulate denial-of-service attacks by controlling packet rates and counts. Its flexibility makes it an invaluable tool for network administrators, security professionals, and developers alike, offering capabilities far beyond a traditional ping utility.

nping often requires root or administrator privileges to perform raw socket operations, such as crafting custom IP, TCP, UDP, ICMP, ARP, or Ethernet headers.

Misuse of nping can generate high volumes of traffic, potentially disrupting network services or violating network usage policies. Users should exercise caution and ensure they have proper authorization before using it on any network.

nping includes a unique 'echo mode' that allows it to function as both a client and a server. This enables accurate measurement of network latency and jitter between two points, providing more detailed insights than a standard ping by supporting various protocols (TCP, UDP, ICMP) and custom payloads. It's ideal for precise network performance diagnostics.

Beyond basic ICMP, nping offers comprehensive support for crafting packets across multiple network layers. This includes:

• ARP (Address Resolution Protocol)
• Ethernet (raw frames)
• IP (with options for fragmentation, source routing, custom IDs)
• ICMP (various types and codes)
• TCP (with fine-grained control over flags like SYN, ACK, RST, FIN; sequence numbers; window size; and options like MSS, Window Scale, SACK)
• UDP (with custom source/destination ports and data).

nping was developed by the Nmap Project and first publicly released as part of Nmap 5.00 in July 2009. It was conceived to address the need for a highly flexible and powerful packet generator and response analyzer, going beyond the capabilities of traditional tools like ping and even hping3, while seamlessly integrating with the Nmap ecosystem. Its development aimed to provide network professionals with precise control over network traffic for testing, troubleshooting, and security assessments.

ping(8), hping3(8), nmap(1), netcat(1), tcpdump(8)