Intro
hping was recommend to me as a tool to stage a mock DOS test against one of our servers. I found that I did not have it installed on my CentOS 6 instance and could not find it with a yum search. I’m sure there is an rpm for it somewhere, but I figured it would be just as easy to compile it myself as to find the rpm. I was wrong. It probably was a _little_ harder to compile it, but I learned some things in doing so. So I’ll share my experience. It wasn’t too bad. I have nothing original to add here to what you find elsewhere, except that I didn’t find anywhere else with all these problems documented in one place. So I’ve produced this blog post as a convenient reference.
I’ve also faced this same situation on SLES – can’t find a package for hping anywhere – and found the same recipe below works to compile hping3.
The Details
I downloaded the source, hping3-20051105.tar.gz, from hping.org. Try a ./configure and…
error can not find the byte order for this architecture, fix bytesex.h |
After a few quick searches I began to wonder what the byte order is in the Amazon cloud. Inspired I wrote this C program to find out and remove all doubt:
/* returns true if system is big_endian. See http://unixpapa.com/incnote/byteorder.html - DrJ */ #include<stdio.h> main() { printf("Hello World"); int ans = am_big_endian(); printf("am_big_endian value: %d",ans); } int am_big_endian() { long one= 1; return !(*((char *)(&one))); } |
This program makes me realize a) how much I dislike C, and b) how I will never be a C expert no matter how much I dabble.
The program returns 0 so the Amazon cloud has little endian byte order as we could have guessed. All Intel i386 family chips are little endian it seems. Back to bytesex.h. I edited it so that it has:
#define BYTE_ORDER_LITTLE_ENDIAN /* # error can not find the byte order for this architecture, fix bytesex.h */ |
Now I can run make. Next error:
pcap.h No such file or directory. |
I installed libpcap-devel with yum to provide that header file:
$ yum install libpcap-devel
Next error:
net/bpf.h no such file or directory |
For this I did:
$ ln -s /usr/include/pcap-bpf.h /usr/include/net/bpf.h
TCL
Next error:
/usr/bin/ld: cannot find -ltcl |
I decided that I wouldn’t need TCL anyways to run in simple command-line fashion, so I excised it:
./configure --no-tcl |
Then, finally, it compiled OK with some warnings.
hping3 for Raspberry Pi
On the Raspberry Pi it was simple to install hping3:
$ sudo apt-get install hping3
That’s it!
Raspberry Pi’s are pretty slow to generate serious traffic, but if you have a bunch I suppose they could amount to something in total.
Conclusion
Now I’m ready to go to use hping3 for a SYN_FLOOD simulated attack or whatever else we want to test.