We previously discussed the use of hping3 to perform layer 3 ICMP discovery. In addition to this function, hping3 can also be used to perform UDP and TCP host discovery. However, as discussed earlier, hping3 was developed to perform targeted requests, and some scripting is required to use it as an effective scanning tool. This recipe will demonstrate how to use hping3 to perform layer 4 discovery with both TCP and UDP protocols.
Using hping3 to perform layer 4 discovery does not require a lab environment, as many systems on the Internet will reply to both TCP and UDP traffic. However, it is highly recommended that you perform any type of network scanning exclusively in your own lab unless you are thoroughly familiar with the legal regulations imposed by any governing authorities to whom you are subject. If you wish to perform this technique within your lab, you will need to have at least one system that will respond to TCP and/or UDP...