command-87198_640.jpg
前言
大家都应该熟悉ping这个网络诊断工具,它用来检测网络是否连通以及目的主机是否在线。然而唯一缺点是它只支持ICMP协议。因此,大多数主机都会防火墙过滤ICMP数据包,不过,Linux下也有跟他类似的ping工具,本文将会介绍一些常见的工具。
ping
作为所有系统默认自带的 ping ,它同样也很重要。通过 man ping 来查看ping的帮助手册
ping [-aAbBdDfhLnOqrRUvV46] [-c count] [-F flowlabel] [-i interval] [-I interface]
[-l preload] [-m mark] [-M pmtudisc_option] [-N nodeinfo_option] [-w deadline] [-W
timeout] [-p pattern] [-Q tos] [-s packetsize] [-S sndbuf] [-t ttl] [-T timestamp
option] [hop ...] destination
常用的也就是 -c(发送数据包的数量),-s(发送数据的字节大小),-I(网络接口)
> ping baidu.com -c 2 -s 64
PING baidu.com (111.13.101.208) 64(92) bytes of data.
72 bytes from 111.13.101.208 (111.13.101.208): icmp_seq=1 ttl=55 time=44.2 ms
72 bytes from 111.13.101.208 (111.13.101.208): icmp_seq=2 ttl=55 time=43.4 ms
--- baidu.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1017ms
rtt min/avg/max/mdev = 43.490/43.873/44.257/0.436 ms
假如我要ping一个主机的IPv6地址,那么可以这样做(必须指定 -I eth0)
> ping -I eth0 fe80::2605:fff:fe41:e387 -c 2
PING fe80::2605:fff:fe41:e387(fe80::2605:fff:fe41:e387) from fe80::2cca:ff77:78dc:1025%eth0 eth0: 56 data bytes
64 bytes from fe80::2605:fff:fe41:e387%eth0: icmp_seq=1 ttl=255 time=1.67 ms
64 bytes from fe80::2605:fff:fe41:e387%eth0: icmp_seq=2 ttl=255 time=4.43 ms
--- fe80::2605:fff:fe41:e387 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.671/3.054/4.438/1.384 ms
或者 ping6 -I eth0 fe80::2605:fff:fe41:e387 -c 2
fping
相对来说fping比ping要高级点(也是通过ICMP协议来发送数据包的),他可以向多个目标主机发送ping,也可以指定一个主机列表文件。其中,fping的 -g 选项比较重要
-g, --generate generate target list (only if no -f specified)
(give start and end IP in the target list, or a CIDR address)
(ex. fping -g 192.168.1.0 192.168.1.255 or fping -g 192.168.1.0/24)
fping --help
Usage: fping [options] [targets...]
Probing options:
-4, --ipv4 only ping IPv4 addresses
-6, --ipv6 only ping IPv6 addresses
-b, --size=BYTES amount of ping data to send, in bytes (default: 56)
-B, --backoff=N set exponential backoff factor to N (default: 1.5)
-c, --count=N count mode: send N pings to each target
-f, --file=FILE read list of targets from a file ( - means stdin)
-g, --generate generate target list (only if no -f specified)
(give start and end IP in the target list, or a CIDR address)
(ex. fping -g 192.168.1.0 192.168.1.255 or fping -g 192.168.1.0/24)
-H, --ttl=N set the IP TTL value (Time To Live hops)
-I, --iface=IFACE bind to a particular interface
-l, --loop loop mode: send pings forever
-m, --all use all IPs of provided hostnames (e.g. IPv4 and IPv6), use with -A
-M, --dontfrag set the Don't Fragment flag
-O, --tos=N set the type of service (tos) flag on the ICMP packets
-p, --period=MSEC interval between ping packets to one target (in ms)
(in loop and count modes, default: 1000 ms)
-r, --retry=N number of retries (default: 3)
-R, --random random packet data (to foil link data compression)
-S, --src=IP set source address
-t, --timeout=MSEC individual target initial timeout (default: 500 ms,
except with -l/-c/-C, where it's the -p period up to 2000 ms)
Output options:
-a, --alive show targets that are alive
-A, --addr show targets by address
-C, --vcount=N same as -c, report results in verbose format
-D, --timestamp print timestamp before each output line
-e, --elapsed show elapsed time on return packets
-i, --interval=MSEC interval between sending ping packets (default: 10 ms)
-n, --name show targets by name (-d is equivalent)
-N, --netdata output compatible for netdata (-l -Q are required)
-o, --outage show the accumulated outage time (lost packets * packet interval)
-q, --quiet quiet (don't show per-target/per-ping results)
-Q, --squiet=SECS same as -q, but show summary every n seconds
-s, --stats print final stats
-u, --unreach show targets that are unreachable
-v, --version show version
用法如下
> fping -I eth0 -b 64 -f list_targets -a -q -s
192.168.1.16 : xmt/rcv/%loss = 2/2/0%, min/avg/max = 58.0/74.1/90.1
192.168.1.15 : xmt/rcv/%loss = 2/0/100%
192.168.1.110 : xmt/rcv/%loss = 2/2/0%, min/avg/max = 1.48/3.39/5.31
3 targets
2 alive
1 unreachable
0 unknown addresses
1 timeouts (waiting for response)
6 ICMP Echos sent
4 ICMP Echo Replies received
0 other ICMP received
1.48 ms (min round trip time)
38.7 ms (avg round trip time)
90.1 ms (max round trip time)
2.022 sec (elapsed real time)
-b 指定发送数据字节大小
-f 指定一个目标主机列表文件,每行一个地址
-a 只显示可以ping通的目标主机
-q 安静模式,不显示在ping时的每个主机的结果
-s 最后显示总计结果
-r 重试次数,默认:3
还可以指定 -g 来扫描局域网下所有主机
> fping -asgq 192.168.1.0/24
192.168.1.1
192.168.1.11
192.168.1.6
192.168.1.16
192.168.1.3
192.168.1.5
192.168.1.12
192.168.1.9
192.168.1.105
192.168.1.108
192.168.1.110
254 targets
11 alive
243 unreachable
0 unknown addresses
243 timeouts (waiting for response)
983 ICMP Echos sent
11 ICMP Echo Replies received
964 other ICMP received
0.04 ms (min round trip time)
88.2 ms (avg round trip time)
268 ms (max round trip time)
11.633 sec (elapsed real time)
通过 -u 可以显示主机不可达的地址,如: fping -usgq 192.168.1.0/24
hping3
这个hping3就比较强大的,它支持的协议有TCP,UDP,ICMP,支持使用tcl脚本。
主要用途:
- 测试防火墙规则
- 测试入侵检测系统(IDS)
- 测试TCP/IP模式的安全漏洞
对于一些主机的防火墙过滤了ICMP数据包,那么我们可以使用hping3发送TCP数据包来判断主机是否存活
> hping3 -h
usage: hping3 host [options]
-h --help show this help
-v --version show version
-c --count packet count
-i --interval wait (uX for X microseconds, for example -i u1000)
--fast alias for -i u10000 (10 packets for second)
--faster alias for -i u1000 (100 packets for second)
--flood sent packets as fast as possible. Don't show replies.
-n --numeric numeric output
-q --quiet quiet
-I --interface interface name (otherwise default routing interface)
-V --verbose verbose mode
-D --debug debugging info
-z --bind bind ctrl+z to ttl (default to dst port)
-Z --unbind unbind ctrl+z
--beep beep for every matching packet received
Mode
default mode TCP
-0 --rawip RAW IP mode
-1 --icmp ICMP mode
-2 --udp UDP mode
-8 --scan SCAN mode.
Example: hping --scan 1-30,70-90 -S www.target.host
-9 --listen listen mode
IP
-a --spoof spoof source address
--rand-dest random destionation address mode. see the man.
--rand-source random source address mode. see the man.
-t --ttl ttl (default 64)
-N --id id (default random)
-W --winid use win* id byte ordering
-r --rel relativize id field (to estimate host traffic)
-f --frag split packets in more frag. (may pass weak acl)
-x --morefrag set more fragments flag
-y --dontfrag set don't fragment flag
-g --fragoff set the fragment offset
-m --mtu set virtual mtu, implies --frag if packet size > mtu
-o --tos type of service (default 0x00), try --tos help
-G --rroute includes RECORD_ROUTE option and display the route buffer
--lsrr loose source routing and record route
--ssrr strict source routing and record route
-H --ipproto set the IP protocol field, only in RAW IP mode
ICMP
-C --icmptype icmp type (default echo request)
-K --icmpcode icmp code (default 0)
--force-icmp send all icmp types (default send only supported types)
--icmp-gw set gateway address for ICMP redirect (default 0.0.0.0)
--icmp-ts Alias for --icmp --icmptype 13 (ICMP timestamp)
--icmp-addr Alias for --icmp --icmptype 17 (ICMP address subnet mask)
--icmp-help display help for others icmp options
UDP/TCP
-s --baseport base source port (default random)
-p --destport [+][+]<port> destination port(default 0) ctrl+z inc/dec
-k --keep keep still source port
-w --win winsize (default 64)
-O --tcpoff set fake tcp data offset (instead of tcphdrlen / 4)
-Q --seqnum shows only tcp sequence number
-b --badcksum (try to) send packets with a bad IP checksum
many systems will fix the IP checksum sending the packet
so you'll get bad UDP/TCP checksum instead.
-M --setseq set TCP sequence number
-L --setack set TCP ack
-F --fin set FIN flag
-S --syn set SYN flag
-R --rst set RST flag
-P --push set PUSH flag
-A --ack set ACK flag
-U --urg set URG flag
-X --xmas set X unused flag (0x40)
-Y --ymas set Y unused flag (0x80)
--tcpexitcode use last tcp->th_flags as exit code
--tcp-mss enable the TCP MSS option with the given value
--tcp-timestamp enable the TCP timestamp option to guess the HZ/uptime
Common
-d --data data size (default is 0)
-E --file data from file
-e --sign add 'signature'
-j --dump dump packets in hex
-J --print dump printable characters
-B --safe enable 'safe' protocol
-u --end tell you when --file reached EOF and prevent rewind
-T --traceroute traceroute mode (implies --bind and --ttl 1)
--tr-stop Exit when receive the first not ICMP in traceroute mode
--tr-keep-ttl Keep the source TTL fixed, useful to monitor just one hop
--tr-no-rtt Don't calculate/show RTT information in traceroute mode
ARS packet description (new, unstable)
--apd-send Send the packet described with APD (see docs/APD.txt)
可以通过一下选项指定发送数据包的协议
| 选项 | 选项全称 | 描述 |
|---|---|---|
| -0 | --rawip | 发送原始IP数据包 |
| -1 | --icmp | 发送ICMP数据包 |
| -2 | --udp | 发送UDP数据包 |
| -8 | --scan | 扫描模式 |
| -9 | --listen | 监听模式 |
<font color=red>注意,默认是发送TCP数据包</font>
hping3 支持在发送数据包同时设置TCP标识
| 选项 | 描述 |
|---|---|
| -S | SYN |
| -F | FIN |
| -R | RST |
| -P | PUSH |
| -A | ACK |
| -U | URG |
| -X | XMAS |
| -Y | YMAS |
发送TCP数据包
> hping3 -I eth0 -V --syn 192.168.1.110 -c 2
using eth0, addr: 192.168.1.108, MTU: 1500
HPING 192.168.1.110 (eth0 192.168.1.110): S set, 40 headers + 0 data bytes
len=46 ip=192.168.1.110 ttl=64 DF id=10106 tos=0 iplen=40
sport=0 flags=RA seq=0 win=0 rtt=7.7 ms
seq=0 ack=1839333390 sum=88b4 urp=0
len=46 ip=192.168.1.110 ttl=64 DF id=10157 tos=0 iplen=40
sport=0 flags=RA seq=1 win=0 rtt=7.6 ms
seq=0 ack=439379179 sum=1ca3 urp=0
--- 192.168.1.110 hping statistic ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 7.6/7.7/7.7 ms
端口检测
-p 指定目的端口
> hping3 -I eth0 -S -p 3306 192.168.1.110 -c 2
HPING 192.168.1.110 (eth0 192.168.1.110): S set, 40 headers + 0 data bytes
len=46 ip=192.168.1.110 ttl=64 DF id=0 sport=3306 flags=SA seq=0 win=29200 rtt=31.8 ms
len=46 ip=192.168.1.110 ttl=64 DF id=0 sport=3306 flags=SA seq=1 win=29200 rtt=7.7 ms
--- 192.168.1.110 hping statistic ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 7.7/19.7/31.8 ms
注意其中的 win=29200 表示开放该端口
Scan模式
通过 -8/--scan 来开启扫描模式。
所谓扫描模式,通过一个端口组,对主机进行端口扫描。
hping3 给出了两个关键字代表多个端口。
| 关键字 | 描述 |
|---|---|
| all | 表示 0-65535 的端口 |
| known | 表示已知本地端口,这些端口位于/etc/services文件 |
例1,扫描 0-65535 的端口
> hping3 --scan 'all' -S 192.168.1.110
Scanning 192.168.1.110 (192.168.1.110), port all
65536 ports to scan, use -V to see all the replies
+----+-----------+---------+---+-----+-----+-----+
|port| serv name | flags |ttl| id | win | len |
+----+-----------+---------+---+-----+-----+-----+
3306 mysql : .S..A... 64 0 29200 46
80 http : .S..A... 64 0 29200 46
All replies received. Done.
Not responding ports: (1 tcpmux) (2 nbp) (3 ) (4 echo) (6 zip) (8 ) (9 discard) (10 ) (11 systat) (13 daytime) (14 )
......
......
例2,扫描 1-5555的端口和已知端口
> hping3 -8 '1-5555,known' -S 192.168.1.17
Scanning 192.168.1.17 (192.168.1.17), port 1-5555,known
5641 ports to scan, use -V to see all the replies
+----+-----------+---------+---+-----+-----+-----+
|port| serv name | flags |ttl| id | win | len |
+----+-----------+---------+---+-----+-----+-----+
21 ftp : .S..A... 64 0 5840 44
22 ssh : .S..A... 64 0 5840 44
23 telnet : .S..A... 64 0 5840 44
25 smtp : .S..A... 64 0 5840 44
53 domain : .S..A... 64 0 5840 44
80 http : .S..A... 64 0 5840 44
111 sunrpc : .S..A... 64 0 5840 44
139 netbios-ssn: .S..A... 64 0 5840 44
445 microsoft-d: .S..A... 64 0 5840 44
512 exec : .S..A... 64 0 5840 44
513 login : .S..A... 64 0 5840 44
514 shell : .S..A... 64 0 5840 44
1099 rmiregistry: .S..A... 64 0 5840 44
1524 ingreslock : .S..A... 64 0 5840 44
2049 nfs : .S..A... 64 0 5840 44
2121 iprop : .S..A... 64 0 5840 44
3306 mysql : .S..A... 64 0 5840 44
3632 distcc : .S..A... 64 0 5840 44
5432 postgresql : .S..A... 64 0 5840 44
6000 x11 : .S..A... 64 0 5840 44
6667 ircd : .S..A... 64 0 5840 44
6697 ircs-u : .S..A... 64 0 5840 44
All replies received. Done.
Not responding ports:
发送随机原IP地址的数据包
--rand-source/--rand-dest 用于伪造原/目的IP地址,这可以在很大程度上不让我们自己的IP地址被对方检测到
> hping3 --udp -S 192.168.1.17 -c 5 --rand-source
HPING 192.168.1.17 (eth0 192.168.1.17): udp mode set, 28 headers + 0 data bytes
ICMP Port Unreachable from ip=192.168.1.17 name=192.168.1.17
status=0 port=2475 seq=0
ICMP Port Unreachable from ip=192.168.1.17 name=192.168.1.17
status=0 port=2476 seq=1
ICMP Port Unreachable from ip=192.168.1.17 name=192.168.1.17
status=0 port=2477 seq=2
ICMP Port Unreachable from ip=192.168.1.17 name=192.168.1.17
status=0 port=2478 seq=3
--- 192.168.1.17 hping statistic ---
5 packets transmitted, 4 packets received, 20% packet loss
round-trip min/avg/max = 3.5/4.1/5.8 ms
然而这个的问题是丢包率增大。
可以在目主机上执行 tcpdump -nn -v -t udp 来查看收发包情况。
nping
nping是 Nmap 的一个 网络数据包生成工具。支持 TCP、UDP、ICMP、ARP 协议,多个主机的多个端口。功能类似与hping3
Nping 0.7.60 ( https://nmap.org/nping )
Usage: nping [Probe mode] [Options] {target specification}
TARGET SPECIFICATION:
Targets may be specified as hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.*.1-24
PROBE MODES:
--tcp-connect : Unprivileged TCP connect probe mode.
--tcp : TCP probe mode.
--udp : UDP probe mode.
--icmp : ICMP probe mode.
--arp : ARP/RARP probe mode.
--tr, --traceroute : Traceroute mode (can only be used with
TCP/UDP/ICMP modes).
TCP CONNECT MODE:
-p, --dest-port <port spec> : Set destination port(s).
-g, --source-port <portnumber> : Try to use a custom source port.
TCP PROBE MODE:
-g, --source-port <portnumber> : Set source port.
-p, --dest-port <port spec> : Set destination port(s).
--seq <seqnumber> : Set sequence number.
--flags <flag list> : Set TCP flags (ACK,PSH,RST,SYN,FIN...)
--ack <acknumber> : Set ACK number.
--win <size> : Set window size.
--badsum : Use a random invalid checksum.
UDP PROBE MODE:
-g, --source-port <portnumber> : Set source port.
-p, --dest-port <port spec> : Set destination port(s).
--badsum : Use a random invalid checksum.
ICMP PROBE MODE:
--icmp-type <type> : ICMP type.
--icmp-code <code> : ICMP code.
--icmp-id <id> : Set identifier.
--icmp-seq <n> : Set sequence number.
--icmp-redirect-addr <addr> : Set redirect address.
--icmp-param-pointer <pnt> : Set parameter problem pointer.
--icmp-advert-lifetime <time> : Set router advertisement lifetime.
--icmp-advert-entry <IP,pref> : Add router advertisement entry.
--icmp-orig-time <timestamp> : Set originate timestamp.
--icmp-recv-time <timestamp> : Set receive timestamp.
--icmp-trans-time <timestamp> : Set transmit timestamp.
ARP/RARP PROBE MODE:
--arp-type <type> : Type: ARP, ARP-reply, RARP, RARP-reply.
--arp-sender-mac <mac> : Set sender MAC address.
--arp-sender-ip <addr> : Set sender IP address.
--arp-target-mac <mac> : Set target MAC address.
--arp-target-ip <addr> : Set target IP address.
IPv4 OPTIONS:
-S, --source-ip : Set source IP address.
--dest-ip <addr> : Set destination IP address (used as an
alternative to {target specification} ).
--tos <tos> : Set type of service field (8bits).
--id <id> : Set identification field (16 bits).
--df : Set Don't Fragment flag.
--mf : Set More Fragments flag.
--ttl <hops> : Set time to live [0-255].
--badsum-ip : Use a random invalid checksum.
--ip-options <S|R [route]|L [route]|T|U ...> : Set IP options
--ip-options <hex string> : Set IP options
--mtu <size> : Set MTU. Packets get fragmented if MTU is
small enough.
IPv6 OPTIONS:
-6, --IPv6 : Use IP version 6.
--dest-ip : Set destination IP address (used as an
alternative to {target specification}).
--hop-limit : Set hop limit (same as IPv4 TTL).
--traffic-class <class> : : Set traffic class.
--flow <label> : Set flow label.
ETHERNET OPTIONS:
--dest-mac <mac> : Set destination mac address. (Disables
ARP resolution)
--source-mac <mac> : Set source MAC address.
--ether-type <type> : Set EtherType value.
PAYLOAD OPTIONS:
--data <hex string> : Include a custom payload.
--data-string <text> : Include a custom ASCII text.
--data-length <len> : Include len random bytes as payload.
ECHO CLIENT/SERVER:
--echo-client <passphrase> : Run Nping in client mode.
--echo-server <passphrase> : Run Nping in server mode.
--echo-port <port> : Use custom <port> to listen or connect.
--no-crypto : Disable encryption and authentication.
--once : Stop the server after one connection.
--safe-payloads : Erase application data in echoed packets.
TIMING AND PERFORMANCE:
Options which take <time> are in seconds, or append 'ms' (milliseconds),
's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m, 0.25h).
--delay <time> : Adjust delay between probes.
--rate <rate> : Send num packets per second.
MISC:
-h, --help : Display help information.
-V, --version : Display current version number.
-c, --count <n> : Stop after <n> rounds.
-e, --interface <name> : Use supplied network interface.
-H, --hide-sent : Do not display sent packets.
-N, --no-capture : Do not try to capture replies.
--privileged : Assume user is fully privileged.
--unprivileged : Assume user lacks raw socket privileges.
--send-eth : Send packets at the raw Ethernet layer.
--send-ip : Send packets using raw IP sockets.
--bpf-filter <filter spec> : Specify custom BPF filter.
OUTPUT:
-v : Increment verbosity level by one.
-v[level] : Set verbosity level. E.g: -v4
-d : Increment debugging level by one.
-d[level] : Set debugging level. E.g: -d3
-q : Decrease verbosity level by one.
-q[N] : Decrease verbosity level N times
--quiet : Set verbosity and debug level to minimum.
--debug : Set verbosity and debug to the max level.
EXAMPLES:
nping scanme.nmap.org
nping --tcp -p 80 --flags rst --ttl 2 192.168.1.1
nping --icmp --icmp-type time --delay 500ms 192.168.254.254
nping --echo-server "public" -e wlan0 -vvv
nping --echo-client "public" echo.nmap.org --tcp -p1-1024 --flags ack
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES
TCP扫描
> nping --tcp -c 1 192.168.1.110 192.168.1.108 -p 22,3306 --flags=syn
Starting Nping 0.7.60 ( https://nmap.org/nping ) at 2018-04-05 11:08 CST
SENT (0.0428s) TCP 192.168.1.108:39046 > 192.168.1.110:22 S ttl=64 id=19287 iplen=40 seq=1799430370 win=1480
RCVD (0.0465s) TCP 192.168.1.110:22 > 192.168.1.108:39046 SA ttl=64 id=0 iplen=44 seq=2225990095 win=29200 <mss 1460>
SENT (1.0437s) TCP 192.168.1.108:39046 > 192.168.1.108:22 S ttl=64 id=19287 iplen=40 seq=1799430370 win=1480
SENT (2.0449s) TCP 192.168.1.108:39046 > 192.168.1.110:3306 S ttl=64 id=19287 iplen=40 seq=1799430370 win=1480
RCVD (2.0897s) TCP 192.168.1.110:3306 > 192.168.1.108:39046 SA ttl=64 id=0 iplen=44 seq=3017639874 win=29200 <mss 1460>
SENT (3.0468s) TCP 192.168.1.108:39046 > 192.168.1.108:3306 S ttl=64 id=19287 iplen=40 seq=1799430370 win=1480
Statistics for host 192.168.1.110:
| Probes Sent: 2 | Rcvd: 2 | Lost: 0 (0.00%)
|_ Max rtt: 44.817ms | Min rtt: 3.653ms | Avg rtt: 24.235ms
Statistics for host 192.168.1.108:
| Probes Sent: 2 | Rcvd: 0 | Lost: 2 (100.00%)
|_ Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
Raw packets sent: 4 (160B) | Rcvd: 2 (92B) | Lost: 2 (50.00%)
Nping done: 2 IP addresses pinged in 4.09 seconds
arping
arping用在本地局域网中,判断目标主机是否在线。
Usage: arping [-fqbDUAV] [-c count] [-w timeout] [-I device] [-s source] destination
-f : quit on first reply
-q : be quiet
-b : keep broadcasting, don't go unicast
-D : duplicate address detection mode
-U : Unsolicited ARP mode, update your neighbours
-A : ARP answer mode, update your neighbours
-V : print version and exit
-c count : how many packets to send
-w timeout : how long to wait for a reply
-I device : which ethernet device to use
-s source : source ip address
destination : ask for what ip address
如下判断 192.168.1.110 主机是否在线
> arping -c 2 192.168.1.110 -w 1
ARPING 192.168.1.110 from 192.168.1.108 eth0
Unicast reply from 192.168.1.110 [24:05:0F:41:E3:87] 61.513ms
Unicast reply from 192.168.1.110 [24:05:0F:41:E3:87] 1.864ms
Sent 2 probes (1 broadcast(s))
Received 2 response(s)
netcat
对于netcat(nc),我只想介绍其中一个功能——扫描主机端口
> nc -zvn -w 1 192.168.1.110 1-5555
(UNKNOWN) [192.168.1.110] 3306 (mysql) open
(UNKNOWN) [192.168.1.110] 80 (http) open
(UNKNOWN) [192.168.1.110] 22 (ssh) open
结尾
以上是一些比较常用ping工具了,当然还有更强的的如nmap :)
bye~
网友评论