init - PoC

2025-10-27 20:12:00 +01:00 · 2025-10-27 20:12:00 +01:00 · 3484b45045
commit 3484b45045
146 changed files with 10657 additions and 0 deletions
--- a/items/2023-03-05_long_icmp-echo-requests-reference-guide.md
+++ b/items/2023-03-05_long_icmp-echo-requests-reference-guide.md
@ -0,0 +1,224 @@
+# ICMP echo requests on Linux and Windows - Reference Guide
+
+Just as a heads-up, this is going to be a quick reference guide for the use of the ICMP echo request - or better known as `PING`. I have to look up some options multiple times a week, so I thought it is beneficial to write it up in a post like this. I might add more options at some point, but those are the most important ones in my experience.
+
+In a nutshell: ICMP echo requests can be used to check the reachability of two hosts on layer 3. This is indispensable in any troubleshooting session if the network is involved.
+
+**Side note**: All Linux references should work on **MacOS** too.
+
+# Simple ping without any options <a href="#ping" id="ping">#</a>
+
+Linux: 
+: `ping 10.10.20.1`
+
+**Results**
+
+```markdown
+
+kuser@pleasejustwork:~$ ping 10.10.20.1
+PING 10.10.20.1 (10.10.20.1) 56(84) bytes of data.
+64 bytes from 10.10.20.1: icmp_seq=1 ttl=255 time=0.594 ms
+64 bytes from 10.10.20.1: icmp_seq=2 ttl=255 time=0.489 ms
+64 bytes from 10.10.20.1: icmp_seq=3 ttl=255 time=0.501 ms
+64 bytes from 10.10.20.1: icmp_seq=4 ttl=255 time=0.504 ms
+64 bytes from 10.10.20.1: icmp_seq=5 ttl=255 time=0.534 ms
+^C
+--- 10.10.20.1 ping statistics ---
+5 packets transmitted, 5 received, 0% packet loss, time 4075ms
+rtt min/avg/max/mdev = 0.489/0.524/0.594/0.037 ms
+```
+
+Windows - Cmd Line:
+: `ping 10.10.20.1`
+
+**Results**
+
+```markdown
+C:\Users\windows-sucks>ping 10.10.20.1
+
+Pinging 10.10.20.1 with 32 bytes of data:
+Reply from 10.10.20.1: bytes=32 time<1ms TTL=255
+Reply from 10.10.20.1: bytes=32 time<1ms TTL=255
+Reply from 10.10.20.1: bytes=32 time<1ms TTL=255
+Reply from 10.10.20.1: bytes=32 time<1ms TTL=255
+
+Ping statistics for 10.10.20.1:
+    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
+Approximate round trip times in milli-seconds:
+    Minimum = 0ms, Maximum = 0ms, Average = 0ms
+```
+
+Windows - Powershell - Test-Connection:
+: `Test-Connection 10.10.20.1`
+
+**Side note**: this will take longer. The internet says it takes longer since the output is a Win32_PingStatus object you can work with. You can get a quick `True` or `False` with the `-Quiet` argument.
+
+**Side note**: Not all options are available for PS 5.1. You can check your current version with `$PSVersionTable.PSVersion`.
+
+**Results**
+
+```markdown
+PS C:\Users\windows-sucks> Test-Connection -Computername 10.10.20.1
+
+Source        Destination     IPV4Address      IPV6Address                              Bytes    Time(ms)
+------        -----------     -----------      -----------                              -----    --------
+DESKTOP-GP... 10.10.20.1                                                                32       0
+DESKTOP-GP... 10.10.20.1                                                                32       0
+DESKTOP-GP... 10.10.20.1                                                                32       0
+DESKTOP-GP... 10.10.20.1                                                                32       0
+```
+
+Notable Mention: Windows - Powershell 5.1+ - Test-NetConnection:
+: `Test-NetConnection 10.10.20.1` / `tnc 10.10.20.1`
+: `Test-NetConnection` can be abbreviated with `tnc`
+
+`Test-NetConnection` on only suited for ping requests without any options. I'll write about `Test-Connection` in the rest of the post since it offers more options.
+
+**Results**
+
+```markdown
+PS C:\Users\windows-sucks> Test-NetConnection 10.10.20.1                                                                                                                                                       ComputerName           : 10.10.20.1
+RemoteAddress          : 10.10.20.1
+InterfaceAlias         : Ethernet
+SourceAddress          : 10.10.20.54
+PingSucceeded          : True
+PingReplyDetails (RTT) : 0 ms
+```
+
+## Continuous ping requests <a href="#cont" id="cont">#</a>
+
+Linux:
+: *continuous pings by default*
+
+Windows - Cmd Line:
+: `/t` or `-t`
+: *Can be interrupted with `CTRL` + `c`*
+
+Windows - Powershell 7.2+ - Test-Connection:
+: `-Repeat`
+
+
+## Number of ping requests <a href="#number" id="number">#</a>
+
+Sets the number of pings
+
+Linux:
+: `-c NUMBER`
+: Default is continuous ping
+
+Windows - Cmd Line:
+: `/n NUMBER` / `-n NUMBER`
+: Default is 4
+
+Windows - Powershell 5.1+ - Test-Connection:
+: `-Count NUMBER`
+: Default is 4
+
+## Using a specific interface <a href="#interface" id="interface">#</a>
+
+Linux: 
+: `-I INTERFACE-NAME`
+: *just use the name of the specific interface you want to use*
+
+Windows - Cmd Line:
+:  `-S SOURCE-IP`
+: *you have to choose the IP of the interface to use it for a ping*
+
+
+## domain name resolution <a href="#resolution" id="resolution">#</a>
+
+You get results faster if you can avoid domain name resolution.  
+
+Linux:
+: *does the name resolution by default. Use `-n` to avoid it*
+: `-n`
+
+Windows - Cmd Line:
+: *check IP for domain name*
+: `/a` / `-a`
+
+
+## Avoid output / quiet mode <a href="#quiet" id="quiet">#</a>
+
+Linux:
+: `-q`
+: only shows the start and end summary
+
+Windows - Cmd Line:
+: `ping 10.10.20.2 > nul 2>&1`
+: *no output at all*
+
+Windows - Powershell 5.1+ - Test-Connection:
+: `-Quiet`
+: Just outputs `True` / `False`
+
+
+## Add timestamp <a href="#timestamp" id="timestamp">#</a>
+
+Linux:
+: `-D`
+: adds the timestamp in front of it in the UNIX format.
+
+Windows:
+: *haven't found an option. There are multiple ways with bash scripting*
+
+
+## Packet Size <a href="#size" id="size">#</a>
+
+Linux:
+: `-s NUMBER`
+: data bytes. The default is 56 bytes + 8 bytes ICMP header data.
+
+Windows - Cmd Line:
+: `/l NUMBER` / `-l NUMBER`
+: data bytes. The default is 32 bytes + 8 bytes ICMP header data. Max is 65527.
+
+Windows - Powershell 5.1+ - Test-Connection:
+: `-BufferSize NUMBER`
+: data bytes. The default is 32 bytes + 8 bytes ICMP header data.
+
+
+## TTL / Time to live <a href="#ttl" id="ttl">#</a>
+
+Sets the IP Time to live!
+
+Linux:
+: `-t NUMBER`
+
+Windows - Cmd Line:
+: `/i NUMBER` / `-i NUMBER`
+
+Windows - Powershell 5.1+ - Test-Connection:
+: `-MaxHops NUMBER`
+: *default is 128*
+
+
+## Sets "Don't Fragment" bit <a href="#df" id="df">#</a>
+
+Sets the DF flag in the IP header.
+
+Linux:
+: `-M hint`
+
+Windows - Cmd Line:
+: `/f` / `-f`
+
+Windows - Powershell 7.2+ - Test-Connection:
+: `-DontFragment`
+
+
+## IP Protocol 4 or 6 <a href="#protocol" id="protocol">#</a>
+
+Linux:
+: `-4` *# IPv4*
+: `-6` *# IPv6*
+
+Windows - Cmd Line:
+: `/4` / `-4` *# IPv4*
+: `/6` / `-6` *# IPv6*
+
+Windows - Powershell 7.2+ - Test-Connection:
+: `-IPv4` *# IPv4*
+: `-IPv6` *# IPv6*
+
+---