fping-a 显示存活的主机(相反参数-u)-g 网段方式扫描-f 通过文件读取格式:fping -u -g 192.168.12.1/24hpingyum -y install hping3.x86_64 实用的端口扫描 网络检测,可以用不同的协议、服务类型(TOS)、IP分片 手工探测MTU(最大传输单元)路径 先进的路由跟踪,支持所有的协议 远程操作系统探测 远程的运行时间探测 TCP/IP堆栈审计 usage: hping host [options] -h --help show this help -v --version show version -c --count packet count -i --interval wait (uX for X microseconds, for example -i u1000) --fast alias for -i u10000 (10 packets for second) --faster alias for -i u1000 (100 packets for second) --flood sent packets as fast as possible. Don't show replies. -n --numeric numeric output -q --quiet quiet -I --interface interface name (otherwise default routing interface) -V --verbose verbose mode -D --debug debugging info -z --bind bind ctrl+z to ttl (default to dst port) -Z --unbind unbind ctrl+z --beep beep for every matching packet receivedMode default mode TCP -0 --rawip RAW IP mode -1 --icmp ICMP mode -2 --udp UDP mode -8 --scan SCAN mode. Example: hping --scan 1-30,70-90 -S www.target.host -9 --listen listen modeIP -a --spoof spoof source address --rand-dest random destionation address mode. see the man. --rand-source random source address mode. see the man. -t --ttl ttl (default 64) -N --id id (default random) -W --winid use win* id byte ordering -r --rel relativize id field (to estimate host traffic) -f --frag split packets in more frag. (may pass weak acl) -x --morefrag set more fragments flag -y --dontfrag set dont fragment flag -g --fragoff set the fragment offset -m --mtu set virtual mtu, implies --frag if packet size > mtu -o --tos type of service (default 0x00), try --tos help -G --rroute includes RECORD_ROUTE option and display the route buffer --lsrr loose source routing and record route --ssrr strict source routing and record route -H --ipproto set the IP protocol field, only in RAW IP modeICMP -C --icmptype icmp type (default echo request) -K --icmpcode icmp code (default 0) --force-icmp send all icmp types (default send only supported types) --icmp-gw set gateway address for ICMP redirect (default 0.0.0.0) --icmp-ts Alias for --icmp --icmptype 13 (ICMP timestamp) --icmp-addr Alias for --icmp --icmptype 17 (ICMP address subnet mask) --icmp-help display help for others icmp optionsUDP/TCP -s --baseport base source port (default random) -p --destport [+][+]<port> destination port(default 0) ctrl+z inc/dec -k --keep keep still source port -w --win winsize (default 64) -O --tcpoff set fake tcp data offset (instead of tcphdrlen / 4) -Q --seqnum shows only tcp sequence number -b --badcksum (try to) send packets with a bad IP checksum many systems will fix the IP checksum sending the packet so you'll get bad UDP/TCP checksum instead. -M --setseq set TCP sequence number -L --setack set TCP ack -F --fin set FIN flag -S --syn set SYN flag -R --rst set RST flag -P --push set PUSH flag -A --ack set ACK flag -U --urg set URG flag -X --xmas set X unused flag (0x40) -Y --ymas set Y unused flag (0x80) --tcpexitcode use last tcp->th_flags as exit code --tcp-timestamp enable the TCP timestamp option to guess the HZ/uptimeCommon -d --data data size (default is 0) -E --file data from file -e --sign add 'signature' -j --dump dump packets in hex -J --print dump printable characters -B --safe enable 'safe' protocol -u --end tell you when --file reached EOF and prevent rewind -T --traceroute traceroute mode (implies --bind and --ttl 1) --tr-stop Exit when receive the first not ICMP in traceroute mode --tr-keep-ttl Keep the source TTL fixed, useful to monitor just one hop --tr-no-rtt Don't calculate/show RTT information in traceroute modeARS packet description (new, unstable) --apd-send Send the packet described with APD (see docs/APD.txt)格式:ping -c 4 -n -i 2 192.168.12.1traceroute默认使用的udp协议-d 使用Socket层级的排错功能。-f 设置第一个检测数据包的存活数值TTL的大小。-F 设置勿离断位。-g 设置来源路由网关,最多可设置8个。-i 使用指定的网络界面送出数据包。-I 使用ICMP回应取代UDP资料信息。-m 设置检测数据包的最大存活数值TTL的大小。-n 直接使用IP地址而非主机名称。-p 设置UDP传输协议的通信端口。-r 忽略普通的Routing Table,直接将数据包送到远端主机上。-s 设置本地主机送出数据包的IP地址。-t 设置检测数据包的TOS数值。-v 详细显示指令的执行过程。-w 设置等待远端主机回报的时间。-x 开启或关闭数据包的正确性检验格式:traceroute www.baidu.commtrMtr是 Linux中有一个非常棒的网络连通性判断工具,它结合了ping, traceroute,nslookup 的相关特性。格式:mtr www.baidu.comnmapncat防止SYN攻击方法1、关闭ICMP协议请求sysctl -w net.ipv4.icmp_echo_ignore_all=12、通过iptables防止扫描iptables -A FORWARD -p tcp -syn -m limit -limit 1/s -limit-burst 5 -j ACCEPTiptables -A FORWARD -p tcp -tcp-flags SYN,ACK,FIN,RST RST -m limit -limit 1/s -j ACCEPTiptables -A FORWARD -p icmp-icmp-type echo-requet -m limit-limit 1/s -j ACCEPTnmapNmap是一款网络扫描和主机检测的非常有用的工具。Nmap是不局限于仅仅收集信息和枚举,同时可以用来作为一个漏洞探测器或安全扫描器。它可以适用于winodws,linux,mac等操作系统默认扫描端口范围0-1024及常用服务端口-p 0-40000 指定端口nmap -sT -p 0-40000 192.168.12.254ICMP协议类型(-P) ping扫描 简单、快速、有效TCP SYN扫描(-sS) TCP半开放扫描 高效、不易被检测、通用TCPconnect()扫描(-sT) TCP全开放扫描 真实、结果可靠UDP扫描(-sU) UDP协议扫描 有效透过防火墙策略格式:扫描整个子网nmap 192.168.12.1/24 ncat组合参数-w设置的超时时间 -z一个输入输出模式 -v 显示命令执行过程基于tcp协议(默认)nc -v -z -w2 192.168.12.254 1-50(端口范围)基于udp协议-unc -v -u -z -w2 192.168.12.254 1-50
转载于:https://www.cnblogs.com/zclzhao/p/5201880.html
