A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:
Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Manual Page - nemesis-icmp(1)

Manual Reference Pages  - NEMESIS-ICMP (1)

NAME
nemesis-icmp - ICMP Protocol (The Nemesis Project)

CONTENTS

Synopsis
Description
ICMP Options
Icmp Timestamp Options
Icmp Original Datagram Options
Ip Options
Data Link Options
Diagnostics
Bugs

SYNOPSIS
nemesis-icmp [-vZ?] [-a ICMP-timestamp-request-reply-transmit-time ] [-b original-destination-IP-address ] [-B original-source-IP-address ] [-c ICMP-code ] [-d Ethernet-device ] [-D destination-IP-address ] [-e ICMP-ID ] [-f original-IP-fragmentation ] [-F fragmentation-options ] [-G preferred-gateway ] [-H source-MAC-address ] [-i ICMP-type ] [-I IP-ID ] [-j original-IP-TOS ] [-J original-IP-TTL ] [-l original-IP-options-file ] [-m ICMP-mask ] [-M destination-MAC-address ] [-o ICMP-timestamp-request-transmit-time ] [-O IP-options-file ] [-p original-IP-protocol ] [-P payload-file ] [-q ICMP-injection-mode ] [-r ICMP-timestamp-request-reply-received-time ] [-S source-IP-address ] [-t IP-TOS ] [-T IP-TTL ]

DESCRIPTION
The Nemesis Project is designed to be a command line-based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

nemesis-icmp provides an interface to craft and inject ICMP packets allowing the user to specify any portion of an ICMP packet as well as lower-level IP packet information.

ICMP Options
-c ICMP-type Specify the ICMP-code within the ICMP header.
-e ICMP-ID Specify the ICMP-ID within the ICMP header.
-G preferred-gateway Specify the preferred-gateway-IP-address for ICMP redirect injection.
-i ICMP-type Specify the ICMP-type within the ICMP header.
-m address-mask Specify the IP-address-mask for ICMP address mask packets.
-P payload-file This will case nemesis-icmp to use the specified payload-file as the payload when injecting ICMP packets. For packets injected using the raw interface (where -d is not used), the maximum payload size is 65387 bytes. For packets injected using the link layer interface (where -d IS used), the maximum payload size is 1352 bytes. Payloads can also be read from stdin by specifying ’-P -’ instead of a payload file.

Windows systems are limited to a maximum payload size of 1352 bytes for ICMP packets.

-q ICMP-injection-mode Specify the ICMP-injection-mode to use when injecting. Valid modes are: 


-qE (ICMP echo) 

-qM (ICMP address mask) 

-qU (ICMP unreachable) 

-qX (ICMP time exceeded) 

-qR (ICMP redirect) 

-qT (ICMP timestamp)

Only one mode may be specified at a time.

-s ICMP-sequence-number Specify the ICMP-sequence-number within the ICMP header.
-v verbose-mode Display the injected packet in human readable form. Use twice to see a hexdump of the injected packet with printable ASCII characters on the right. Use three times for a hexdump without decoded ASCII.

ICMP TIMESTAMP OPTIONS
-a ICMP-timestamp-request-reply-transmit-time Specify the ICMP-timestamp-request-reply-transmit-time (the time a reply to an ICMP timestamp request was transmitted) within the ICMP timestamp header.
-o ICMP-timestamp-request-transmit-time Specify the ICMP-timestamp-request-transmit-time (the time an ICMP timestamp request was transmitted) within the ICMP timestamp header.
-r ICMP-timestamp-request-reply-received-time Specify the ICMP-timestamp-request-reply-received-time (the time a reply to an ICMP timestamp request was received) within the ICMP timestamp header.

ICMP ORIGINAL DATAGRAM OPTIONS
-b original-destination-IP-address Specify the original-destination-IP-address within an ICMP unreachable, redirect or time exceeded packet.
-B original-source-IP-address Specify the original-source-IP-address within an ICMP unreachable, redirect or time exceeded packet.
-f original-fragmentation-options Specify the original-IP-fragmentation-options within an ICMP unreachable, redirect or time exceeded packet. For more information reference the ’-F’ command line switch.
-j original-IP-TOS Specify the original-IP-type-of-service (TOS) within an ICMP unreachable, redirect or time exceeded packet.
-J original-IP-TTL Specify the original-IP-time-to-live (TTL) within an ICMP unreachable, redirect or time exceeded packet.
-l original-IP-options-file This will cause nemesis-icmp to use the specified original-IP-options-file as the options when building the original IP header for the injected ICMP unreachable, redirect or time exceeded packet. IP options can be up to 40 bytes in length. The IP options file must be created manually based upon the desired options. IP options can also be read from stdin by specifying ’-O -’ instead of an IP-options-file.
-p original-IP-protocol Specify the original-IP-protocol within an ICMP unrechable, redirect or time exceeded packet.

IP OPTIONS
-D destination-IP-address Specify the destination-IP-address within the IP header.
-F fragmentation-options (-F[D],[M],[R],[offset]) Specify the fragmentation options: 


-FD (don’t fragment) 

-FM (more fragments) 

-FR (reserved flag) 

-F <offset>

within the IP header. IP fragmentation options can be specified individually or combined into a single argument to the -F command line switch by separating the options with commas (eg. ’-FD,M’) or spaces (eg. ’-FM 223’). The IP fragmentation offset is a 13-bit field with valid values from 0 to 8189. Don’t fragment (DF), more fragments (MF) and the reserved flag (RESERVED or RB) are 1-bit fields.

NOTE: Under normal conditions, the reserved flag is unset.

-I IP-ID Specify the IP-ID within the IP header.
-O IP-options-file This will cause nemesis-icmp to use the specified IP-options-file as the options when building the IP header for the injected packet. IP options can be up to 40 bytes in length. The IP options file must be created manually based upon the desired options. IP options can also be read from stdin by specifying ’-O -’ instead of an IP-options-file.
-S source-IP-address Specify the source-IP-address within the IP header.
-t IP-TOS Specify the IP-type-of-service (TOS) within the IP header. Valid type of service values: 

2  (Minimize monetary cost)
4  (Maximize reliability)
8  (Maximize throughput)
24 (Minimize delay)

NOTE: Under normal conditions, only one type of service is set within a packet. To specify multiple types, specify the sum of the desired values as the type of service.

-T IP-TTL IP-time-to-live (TTL) within the IP header.

DATA LINK OPTIONS
-d Ethernet-device Specify the name (for UNIX-like systems) or the number (for Windows systems) of the Ethernet-device to use (eg. fxp0, eth0, hme0, 1).
-H source-MAC-address Specify the source-MAC-address (XX:XX:XX:XX:XX:XX).
-M destination-MAC-address Specify the destintion-MAC-address (XX:XX:XX:XX:XX:XX).
-Z list-network-interfaces Lists the available network interfaces by number for use in link-layer injection.

NOTE: This feature is only relevant to Windows systems.

DIAGNOSTICS
Nemesis-icmp returns 0 on a successful exit, 1 if it exits on an error.

BUGS
Send concise and clearly written bug reports to jeff@snort.org

AUTHOR
Jeff Nathan <jeff@snort.org>

Originally developed by Mark Grimes <mark@stateful.net>

SEE ALSO
nemesis-arp(1), nemesis-dns(1), nemesis-ethernet(1), nemesis-igmp(1), nemesis-ip(1), nemesis-ospf(1), nemesis-rip(1), nemesis-tcp(1), nemesis-udp(1)
Top of page | 

NEMESIS-ICMP (1) 16 May 2003

Generated by manServer 1.07 from /usr/local/man/man1/nemesis-icmp.1 using man macros.

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast