How to specify a big sequence number in hping2?

Hello.
I try to fake a TCP packet with hping2.
But how to specify a sequence number which is larger than 0x7FFFFFFF?
For example, when I try to specify 2666666666 as the sequence number,
hping2 always use 2147483647.
Is there any special way?

With regards,
Zheng Da

On 18 Nov 2006, in the Usenet newsgroup comp.os.linux.networking, in article
<(E-Mail Removed). com>, Zheng Da wrote:

>I try to fake a TCP packet with hping2.
>But how to specify a sequence number which is larger than 0x7FFFFFFF?
>For example, when I try to specify 2666666666 as the sequence number,
>hping2 always use 2147483647.

1. hping2 _may_ be unmaintained. The latest version is hping2.0.0-rc3.tar.gz
which is from May 2004. The prior release was hping2.0.0-rc2.tar.gz from
November 2002. "hping3-20051105.tar.gz" is supposed to be the replacement.

2. hping2 rc3 does accept a "-M 2666666666" or "--setseq 2666666666" here,
and that sequence number is in the resulting packet. Could this be a problem
with your application? Note that the man page is incorrect, and identifies
the option as '--tcpseq' rather than '--setseq'.

3. hping2 is supposed to work on Linux, *BSD and Solaris (and there is a win32
port). Which are you using? Your headers seem to imply FC3 of FC4.

>Is there any special way?

I was able to do so directly from the command line.

Old guy

"Moe Trin write:
"
> On 18 Nov 2006, in the Usenet newsgroup comp.os.linux.networking, in article
> <(E-Mail Removed). com>, Zheng Da wrote:
>
> >I try to fake a TCP packet with hping2.
> >But how to specify a sequence number which is larger than 0x7FFFFFFF?
> >For example, when I try to specify 2666666666 as the sequence number,
> >hping2 always use 2147483647.
>
> 1. hping2 _may_ be unmaintained. The latest version is hping2.0.0-rc3.tar.gz
> which is from May 2004. The prior release was hping2.0.0-rc2.tar.gz from
> November 2002. "hping3-20051105.tar.gz" is supposed to be the replacement.
OK, I will try hping3.
>
> 2. hping2 rc3 does accept a "-M 2666666666" or "--setseq 2666666666" here,
> and that sequence number is in the resulting packet. Could this be a problem
> with your application? Note that the man page is incorrect, and identifies
> the option as '--tcpseq' rather than '--setseq'.
I'm not very sure. I should try next time when I go to the lab.
>
> 3. hping2 is supposed to work on Linux, *BSD and Solaris (and there is a win32
> port). Which are you using? Your headers seem to imply FC3 of FC4.
I used it in the lab, the system should be FC, but I don't know its
version.
>
> >Is there any special way?
>
> I was able to do so directly from the command line.
>
> Old guy
Thank you

With regards
Zheng Da

On 19 Nov 2006, in the Usenet newsgroup comp.os.linux.networking, in article
<(E-Mail Removed) .com>, Zheng Da wrote:

>Moe Trin write:

>> 1. hping2 _may_ be unmaintained. The latest version is hping2.0.0-rc3.tar.gz
>> which is from May 2004. The prior release was hping2.0.0-rc2.tar.gz from
>> November 2002. "hping3-20051105.tar.gz" is supposed to be the replacement.

>OK, I will try hping3.

I'm not sure that the changes are that significant.

>> 3. hping2 is supposed to work on Linux, *BSD and Solaris (and there is a
>> win32 port). Which are you using? Your headers seem to imply FC3 of FC4.

>I used it in the lab, the system should be FC, but I don't know its
>version.

Standard mechanism: 'cat /etc/*release /etc/*version' which will show
the version or release file (different distributions use different file
names).

Old guy

I use hping3 in Debian, and don't have this problem.
I'm not sure which causes the problem, but thank you.

"Moe Trin write:
"
> On 19 Nov 2006, in the Usenet newsgroup comp.os.linux.networking, in article
> <(E-Mail Removed) .com>, Zheng Da wrote:
>
> >Moe Trin write:
>
> >> 1. hping2 _may_ be unmaintained. The latest version is hping2.0.0-rc3.tar.gz
> >> which is from May 2004. The prior release was hping2.0.0-rc2.tar.gz from
> >> November 2002. "hping3-20051105.tar.gz" is supposed to be the replacement.
>
> >OK, I will try hping3.
>
> I'm not sure that the changes are that significant.
>
> >> 3. hping2 is supposed to work on Linux, *BSD and Solaris (and there is a
> >> win32 port). Which are you using? Your headers seem to imply FC3 of FC4.
>
> >I used it in the lab, the system should be FC, but I don't know its
> >version.
>
> Standard mechanism: 'cat /etc/*release /etc/*version' which will show
> the version or release file (different distributions use different file
> names).
>
> Old guy