第2章 fping應用

主機掃描命令 fping 作用： 批量的給目標主機發(fā)送ping請求，測試主機的存活情況 特點： 并行發(fā)送、結果易讀。 fping安裝步驟 一、獲取源碼包(http://fping.org)

常用參數(shù)介紹

-a 只顯示出存活的主機(相反參數(shù)-u) 1、通過標準輸入方式 fping+IP1+IP2 -g 支持主機段的方式 192.168.1.1 192.168.1.255 192.168.1.0/24 2、通過讀取一個文件中P內(nèi)容 方式：fping -f filename [root@centos-6 ~]# fping 8.8.8.8 223.5.5.5 223.5.5.5 is alive 8.8.8.8 is alive [root@centos-6 ~]# fping -a 8.8.8.8 223.5.5.5 223.5.5.5 8.8.8.8 [root@centos-6 ~]# fping -a -g 10.0.1.1 10.0.1.66 10.0.1.1 10.0.1.60 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.2 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.3 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.3 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.4 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.4 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.5 ICMP Host Unreachable from 10.0.1.60 for ICMP Echo sent to 10.0.1.5 其他主機icmp無法到達 [root@cs7-play ~]# fping -hUsage: fping [options] [targets...]-a show targets that are alive-A show targets by address-b n amount of ping data to send, in bytes (default 56)-B f set exponential backoff factor to f-c n count of pings to send to each target (default 1)-C n same as -c, report results in verbose format-D print timestamp before each output line-e show elapsed time on return packets-f file read list of targets from a file ( - means stdin) (only if no -g specified)-g generate target list (only if no -f specified)(specify the start and end IP in the target list, or supply a IP netmask)(ex. fping -g 192.168.1.0 192.168.1.255 or fping -g 192.168.1.0/24)-H n Set the IP TTL value (Time To Live hops)-i n interval between sending ping packets (in millisec) (default 25)-I if bind to a particular interface-l loop sending pings forever-m ping multiple interfaces on target host-n show targets by name (-d is equivalent)-O n set the type of service (tos) flag on the ICMP packets-p n interval between ping packets to one target (in millisec)(in looping and counting modes, default 1000)-q quiet (don't show per-target/per-ping results)-Q n same as -q, but show summary every n seconds-r n number of retries (default 3)-s print final stats-S addr set source address-t n individual target initial timeout (in millisec) (default 500)-T n ignored (for compatibility with fping 2.4)-u show targets that are unreachable-v show versiontargets list of targets to check (if no -f specified)

第3章 hping應用

特點：支持使用的TCP/IP數(shù)據(jù)包組裝、分析工具 官方站點：http://www.hping.org 安裝之前的準備： yum -y install gcc libpcap-devel tcl-devel libpcap-devel安裝不上的話去官網(wǎng)下載安裝包手動安裝 ./configure && make && make install 建立軟鏈接：ln -sf?/usr/include/pcap-bpf.h /usr/include/net/bpf.h yum install -y epel-release? yum install hping3 -y?

Hping常用參數(shù)

一、對制定目標端口發(fā)起tcp探測 -p 端口 -S 設置TCP模式SYN包 二、偽造來源IP,模擬Ddos攻擊。 -a 偽造IP地址 忽略icmp包 [root@centos-7 ~]# sysctl -w net.ipv4.icmp_echo_ignore_all=1 net.ipv4.icmp_echo_ignore_all = 1[root@centos-6 ~]# hping -p 22 -S 10.0.1.10 HPING 10.0.1.10 (eth1 10.0.1.10): S set, 40 headers + 0 data bytes len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=0 win=29200 rtt=0.6 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=1 win=29200 rtt=0.4 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=2 win=29200 rtt=0.6 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=3 win=29200 rtt=0.4 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=4 win=29200 rtt=0.3 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=5 win=29200 rtt=0.3 ms ^C --- 10.0.1.10 hping statistic --- 6 packets transmitted, 6 packets received, 0% packet loss round-trip min/avg/max = 0.3/0.4/0.6 ms [root@centos-6 ~]# ping 10.0.1.10 PING 10.0.1.10 (10.0.1.10) 56(84) bytes of data. ^C --- 10.0.1.10 ping statistics --- 15 packets transmitted, 0 received, 100% packet loss, time 14172ms[root@centos-6 ~]# fping -u 10.0.1.10 10.0.1.10[root@centos-6 ~]# hping -p 22 -S 10.0.1.10 HPING 10.0.1.10 (eth1 10.0.1.10): S set, 40 headers + 0 data bytes len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=0 win=29200 rtt=0.6 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=1 win=29200 rtt=0.3 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=2 win=29200 rtt=0.3 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=3 win=29200 rtt=0.5 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=4 win=29200 rtt=0.5 ms len=46 ip=10.0.1.10 ttl=64 DF id=0 sport=22 flags=SA seq=5 win=29200 rtt=0.4 ms ^C --- 10.0.1.10 hping statistic --- 6 packets transmitted, 6 packets received, 0% packet loss round-trip min/avg/max = 0.3/0.4/0.6 ms 偽造發(fā)送包 [root@centos-6 ~]# hping -p 22 -S 10.0.1.10 -a 10.0.1.66 HPING 10.0.1.10 (eth1 10.0.1.10): S set, 40 headers + 0 data bytes [root@centos-7 ~]# tcpdump -np -ieth1 src host 10.0.1.66 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes 06:48:39.862942 IP 10.0.1.66.femis > 10.0.1.10.ssh: Flags [S], seq 1667558992, win 512, length 0 06:48:40.863042 IP 10.0.1.66.powerguardian > 10.0.1.10.ssh: Flags [S], seq 701797966, win 512, length 0 06:48:41.863324 IP 10.0.1.66.prodigy-intrnet > 10.0.1.10.ssh: Flags [S], seq 723565960, win 512, length 0 06:48:42.863251 IP 10.0.1.66.pharmasoft > 10.0.1.10.ssh: Flags [S], seq 1068083137, win 512, length 0 06:48:43.863535 IP 10.0.1.66.dpkeyserv > 10.0.1.10.ssh: Flags [S], seq 1386484520, win 512, length 0 06:48:44.863755 IP 10.0.1.66.answersoft-lm > 10.0.1.10.ssh: Flags [S], seq 1894541823, win 512, length 0 06:48:45.864261 IP 10.0.1.66.hp-hcip > 10.0.1.10.ssh: Flags [S], seq 1854398663, win 512, length 0 06:48:46.864519 IP 10.0.1.66.1783 > 10.0.1.10.ssh: Flags [S], seq 754640729, win 512, length 0 06:48:47.864785 IP 10.0.1.66.finle-lm > 10.0.1.10.ssh: Flags [S], seq 432832534, win 512, length 0 06:48:48.864992 IP 10.0.1.66.windlm > 10.0.1.10.ssh: Flags [S], seq 1672102746, win 512, length 0 06:48:49.865081 IP 10.0.1.66.funk-logger > 10.0.1.10.ssh: Flags [S], seq 182615851, win 512, length 0 06:48:50.865966 IP 10.0.1.66.funk-license > 10.0.1.10.ssh: Flags [S], seq 1113500186, win 512, length 0

總結

以上是生活随笔為你收集整理的第2章 fping、hping应用的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。