Hping3 ile Paket Üretimi ve Tcpdump ile İzleme
Bu makalede hping3 aracı ile bazı paketler oluşturup tcpdump ile oluşturduğumuz ve gönderdiğimiz paketleri görüntüleyeceğiz. Bu makalenin ilişkili olduğu diğer makaleler şu şekildedir:


Uygulama 

Ubuntu IP      : 172.18.2.5
Kali Makina IP : 172.19.4.108

i) ICMP Paket Üretimi

Ubuntu 

hping3 --icmp 172.19.4.108

Kali 
tcpdump -i eth0 -t -n icmp

Output:

IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 0, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 0, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 256, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 256, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 512, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 512, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 768, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 768, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 1024, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 1024, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 1280, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 1280, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 1536, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 1536, length 8
IP 172.18.2.5 > 172.19.4.108: ICMP echo request, id 45324, seq 1792, length 8
IP 172.19.4.108 > 172.18.2.5: ICMP echo reply, id 45324, seq 1792, length 8

ii) SYN Paket Üretimi

Ubuntu 

hping3 --syn 172.19.4.108			// SYN paketleri gönderir.

Kali 

tcpdump -i eth0 -t -n "tcp[13] & tcp-syn != 0"

Output:

IP 172.18.2.5.2746 > 172.19.4.108.0: Flags [S], seq 1062084714, win 512, length 0
IP 172.18.2.5.2747 > 172.19.4.108.0: Flags [S], seq 1844087843, win 512, length 0
IP 172.18.2.5.2748 > 172.19.4.108.0: Flags [S], seq 617315076, win 512, length 0
IP 172.18.2.5.2749 > 172.19.4.108.0: Flags [S], seq 1265406527, win 512, length 0
IP 172.18.2.5.2750 > 172.19.4.108.0: Flags [S], seq 1675050461, win 512, length 0
IP 172.18.2.5.2751 > 172.19.4.108.0: Flags [S], seq 314983707, win 512, length 0
IP 172.18.2.5.2752 > 172.19.4.108.0: Flags [S], seq 1160676415, win 512, length 0
IP 172.18.2.5.2753 > 172.19.4.108.0: Flags [S], seq 1086958469, win 512, length 0
IP 172.18.2.5.2754 > 172.19.4.108.0: Flags [S], seq 488145846, win 512, length 0
IP 172.18.2.5.2755 > 172.19.4.108.0: Flags [S], seq 1560952838, win 512, length 0
IP 172.18.2.5.2756 > 172.19.4.108.0: Flags [S], seq 2113414560, win 512, length 0
IP 172.18.2.5.2757 > 172.19.4.108.0: Flags [S], seq 1929615477, win 512, length 0
IP 172.18.2.5.2758 > 172.19.4.108.0: Flags [S], seq 1440115727, win 512, length 0
IP 172.18.2.5.2759 > 172.19.4.108.0: Flags [S], seq 1629263934, win 512, length 0 ...

hpin3 devamlı SYN paketi üretir ve Kali'ye bunları gönderir. Kali gelen paketlerini dinler ve SYN bayrağı olarak bu paketleri filtreler. Böylece tcpdump sadece gelen syn paketlerini gösterir.

iii) RST Paket Üretimi

Ubuntu 

hping3 --rst 172.19.4.108				// RST paketleri gönderir

Kali 

tcpdump -i eth0 -t -n "tcp[13] & tcp-rst != 0"

Output:

IP 172.18.2.5.2286 > 172.19.4.108.0: Flags [R], seq 1395614016, win 512, length 0
IP 172.18.2.5.2287 > 172.19.4.108.0: Flags [R], seq 1424463796, win 512, length 0
IP 172.18.2.5.2288 > 172.19.4.108.0: Flags [R], seq 197670793, win 512, length 0
IP 172.18.2.5.2289 > 172.19.4.108.0: Flags [R], seq 940310500, win 512, length 0
IP 172.18.2.5.2290 > 172.19.4.108.0: Flags [R], seq 473082393, win 512, length 0
IP 172.18.2.5.2291 > 172.19.4.108.0: Flags [R], seq 2074567585, win 512, length 0
IP 172.18.2.5.2292 > 172.19.4.108.0: Flags [R], seq 180092868, win 512, length 0
IP 172.18.2.5.2293 > 172.19.4.108.0: Flags [R], seq 1486511321, win 512, length 0
IP 172.18.2.5.2294 > 172.19.4.108.0: Flags [R], seq 1796537166, win 512, length 0
IP 172.18.2.5.2295 > 172.19.4.108.0: Flags [R], seq 1532575471, win 512, length 0
IP 172.18.2.5.2296 > 172.19.4.108.0: Flags [R], seq 1244045085, win 512, length 0
IP 172.18.2.5.2297 > 172.19.4.108.0: Flags [R], seq 2000750259, win 512, length 0
IP 172.18.2.5.2298 > 172.19.4.108.0: Flags [R], seq 475735829, win 512, length 0

iv) UDP Paket Üretimi

Ubuntu 

hping3 --udp 172.19.4.108

Kali 

tcpdump -i eth0 -t -n udp

Output:

IP 172.18.2.5.1252 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1253 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1254 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1255 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1256 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1257 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1258 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1259 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1260 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1261 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1262 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1263 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1264 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1265 > 172.19.4.108.0: UDP, length 0
IP 172.18.2.5.1266 > 172.19.4.108.0: UDP, length 0

Yararlanılan Kaynaklar

  • http://www.rationallyparanoid.com/articles/tcpdump.html
  • http://www.tcpdump.org/tcpdump_man.html
  • http://ask.xmodulo.com/capture-tcp-syn-ack-fin-packets-tcpdump.html
  • https://superuser.com/questions/587302/how-to-make-tcpdump-to-display-ip-and-port- number-but-not-hostname-and-protocol
Bu yazı 18.03.2026 tarihinde, saat 14:50:58'de yazılmıştır. 18.03.2026 tarihi ve 12:21:06 saatinde ise güncellenmiştir.
Yazar : Hasan Fatih ŞİMŞEK Görüntülenme Sayısı : 5
Yorumlar
Henüz yorum girilmemiştir.
Yorum Ekle
*
* (E-posta adresiniz yayınlanmayacaktır.)
*
*

#Arşiv

#Giriş
ID :
Şifre :