Have a Bash with the Zing network utility

Zinger

Fail Early

Sometimes the Zing Bash script fails, following the Fail Early principle in the design. The three examples that follow include no host address, no IP address, or no activity on a port on the network: (1) zinging the Microsoft hostname without the www prefix, (2) failing to look up an IP address from the host, and (3) zinging the localhost with no activity at an IP address on a port.

Host Address Fail. The DNS reverse lookup to find an IP address fails, so the Bash script terminates:

zing.bash -c 4 -op 2 -p 80,443 microsoft.com
Warning: Inverse name lookup failed for microsoft.com; unable to continue!

After adding the www prefix, the script succeeds just fine. In this example, the Zing Bash script couples to the idiosyncratic features of the particular implementation of the netcat tool (Listing 4).

Listing 4

Host Address Success

zing.bash -c 4 -op 2 -p 80,443 www.microsoft.com
ZING: 23.207.41.178 / www.microsoft.com / a23-207-41-178.deploy.static.akamaitechnologies.com on 80 is: Active. Continue.
Port: 80: op 1.1. www.microsoft.com [23.207.41.178] Time: 33 ms.
Port: 80: op 1.2. www.microsoft.com [23.207.41.178] Time: 66 ms.
[...]
ZING: 23.207.41.178 / www.microsoft.com / a23-207-41-178.deploy.static.akamaitechnologies.com on 443 is: Active. Continue.
Port: 443: op 1.1. www.microsoft.com [23.207.41.178] Time: 32 ms.
Port: 443: op 1.2. www.microsoft.com [23.207.41.178] Time: 61 ms.
[...]
--- ZING: host at IP address: 23.207.41.178
--- host name: www.microsoft.com / a23-207-41-178.deploy.static.akamaitechnologies.com
--- for 4 ops at limit of 2 per op; statistics:
Time for min/avg/max/stddev=30/126/282/82.65-ms

IP Address Fail. Trying to use bing.com causes a failure, even with the www prefix. Again, the Zing Bash script fails early and exits:

zing.bash -c 4 -op 2 -p 80,443 bing.com
Warning: Inverse name lookup failed for bing.com; unable to continue!

Finally, with the DNS utility dig and the resulting IPv4 address, the zing to Bing works (Listings 5 and 6).

Listing 5

Host Address Failure for bing.com

zing.bash -c 4 -op 2 -p 80,443 www.bing.com
Warning: Inverse name lookup failed for www.bing.com; unable to continue!
dig
bing.com.               571     IN      A       204.79.197.200
bing.com.               571     IN      A       13.107.21.200

Listing 6

Zing the IPv4 address found with dig

zing.bash -c 4 -op 2 -p 80,443 204.79.197.200
ZING: 204.79.197.200 / a-0001.a-msedge.net / a-0001.a-msedge.net on 80 is: Active. Continue.
Port: 80: op 1.1. a-0001.a-msedge.net [204.79.197.200] Time: 34 ms.
Port: 80: op 1.2. a-0001.a-msedge.net [204.79.197.200] Time: 64 ms.
[...]
ZING: 204.79.197.200 / a-0001.a-msedge.net / a-0001.a-msedge.net on 443 is: Active. Continue.
Port: 443: op 1.1. a-0001.a-msedge.net [204.79.197.200] Time: 38 ms.
Port: 443: op 1.2. a-0001.a-msedge.net [204.79.197.200] Time: 70 ms.
[...]
--- ZING: host at IP address: 204.79.197.200
--- host name: a-0001.a-msedge.net / a-0001.a-msedge.net
--- for 4 ops at limit of 2 per op; statistics:
Time for min/avg/max/stddev=31/68/38/2.44-ms

By zinging the second IPv4 address revealed by dig, the zing succeeds in reaching the host on the Internet (Listing 7).

Listing 7

Zing the alternate IPv4 address

zing.bash -c 4 -op 2 -p 80,443 13.107.21.200
ZING:80/ 13.107.21.200 / Warning:
Error: on 80 is: Active. Continue.
Port: 80: op 1.1. 13.107.21.200 80 Time: 33 ms.
Port: 80: op 1.2. 13.107.21.200 80 Time: 66 ms.
[...]
ZING:80/ 13.107.21.200 / Warning:
Error: on 443 is: Active. Continue.
Port: 443: op 1.1. 13.107.21.200 443 Time: 34 ms.
Port: 443: op 1.2. 13.107.21.200 443 Time: 72 ms.
[...]
--- ZING: host at IP address:80
--- host name: 13.107.21.200 / Warning:
Error:
--- for 4 ops at limit of 2 per op; statistics:
Time for min/avg/max/stddev=31/66/36/2.12-ms

Zinging an Inactive Localhost. Another failure case is simply no activity by a host at an IP address on a port. In this example, I used my own computer system, localhost, and attempted to zing HTTP port 80 and HTTPS port 443:

zing.bash -c 4 -op 2 -p 80,443 localhost
Warning: No host address or name using localhost for the host!
ZING: 127.0.0.1 / localhost / localhost on 80 is: Inactive! Aborting.

The Zing Bash script cannot find the localhost IP address in the DNS check, reports this outcome, and continues to zing the first HTTP port 80. Hence the Zing Bash script found the IP address, just not with the DNS query – again an idiosyncratic response by netcat.

I am not running a web server, Python RESTful application, or any other service on those ports on my computer system. Once an IP address is found, the Zing Bash script continues and then Fails Early when it sees no activity on the port the script is zinging.

Conclusion

The multipurpose netcat network utility demonstrates its versatility and universality as the core of the Zing Bash shell script. Writing the Zing network utility as a Bash shell script highlights certain features and limitations compared with the binary compiled versions in Java, C#, and Golang. The use of netcat is a classic engineering trade-off of a simpler implementation to eliminate compiling a binary; yet, the Bash script that implements the Zing network utility is coupled to the idiosyncrasies of the particular netcat implementation. For example, the netcat utility on the macOS platform does not support TCP/IPv4 or TCP/IPv6 address distinctions. Yet netcat in the Windows Linux subsystem does have that particular feature.

The implementation of the Zing network utility as a Bash shell script with netcat also demonstrates and illustrates the power of the Bash shell scripting language and shell scripting in general: the power of a Turing-complete [7] programming language, but the flexibility of a Bash shell script. As a shell script, the Zing network utility is modifiable by the user, so the user has full control and can customize the Zing Bash shell script without a recompile.

Infos

  1. "Introducing the Zing zero-packet network utility" by William F. Gilreath, Linux Magazine , issue 265, December 2022, pg. 54, https://www.linux-magazine.com/Issues/2022/265/Zing
  2. Stiawan, D., Suryani, M.E., Susanto, I., Mohd, Y., Aldalaien, M.N., Alsharif, N., and Budiarto, R. Ping flood attack pattern recognition using a K-means algorithm in an Internet of Things (IoT) network. IEEE Access , 2021;9:116475-116484.
  3. Zing: https://github.com/wgilreath/zing
  4. "Netcat – The Admin's Best Friend" by Chris Binnie, ADMIN , August 2012. https://www.admin-magazine.com/Articles/Netcat-The-Admin-s-Best-Friend, Accessed March 25, 2023.
  5. Yerrid, K.C. Instant Netcat Starter . Packt Publishing Ltd., 2013
  6. The GNU Netcat project: https://netcat.sourceforge.net/
  7. Turing completeness: https://en.wikipedia.org/wiki/Turing_completeness

The Author

William F. Gilreath is a senior software engineer, computer scientist, and writer. He describes himself as a writer of code, equations, and poems and as a lover of cats. Find more about him online at https://www.wfgilreath.xyz.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Netcat – The Admin’s Best Friend

    With the seemingly unlimited number of Linux packages available today in repositories, sometimes it’s easy to get lost and miss out on the really high quality packages – those that offer the most impressive functionality.

  • Pen Testing with netcat

    Once you have successfully exploited a target machine, you might be faced with a dilemma common among penetration testers: Do I have shell access or terminal access? These are not the same, and careful knowledge must be used when interacting with a shell compared with a terminal.

  • Customizing PortSentry

    Do you have a sentry to keep an eye on your servers? We’ll show you how to customize PortSentry’s response to suspicious activity.

  • Protect Your Servers with Nmap

    If you've ever had to test the security of your servers, you've almost certainly come across the ever-flexible Nmap (Network Mapper) – used by sys admins to help protect their servers and diagnose problems.

  • Hacking Mutillidae II
    Ethical hacking against the Mutillidae II vulnerable application can improve your security knowledge.
comments powered by Disqus