
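What commands does Linux provide for viewing packets?

Linux commands for viewing packets: 1. tcpdump, a very powerful network analysis tool that captures packets passing through a network interface and prints them or saves them to a file; 2. tshark, the command-line version of Wireshark, which can capture, analyze and display network packets; 3. ngrep, a powerful packet filtering tool that searches for and displays network packets matching a specified expression.

Environment used in this article: Linux 6.4.3, DELL G3 computer.

When using Linux for network troubleshooting, network security analysis and similar work, you often need to look at the contents of network packets. Linux provides several commands that show the details of a packet. This article introduces some commonly used commands and how to use them, to help readers understand and apply them.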

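I. The tcpdump command

tcpdump is a very powerful network analysis tool that captures packets passing through a network interface and prints them or saves them to a file. Its basic usage is as follows:

1. Command format:

tcpdump [options] [expression]

2. Common options:

– -i: specifies the network interface to monitor, such as eth0 or enp0s3.

– -c: specifies the number of packets to capture.

– -w: saves the captured packets to a file.

– -r: reads packets from a file and analyzes them.

– -X: displays packets in hexadecimal and ASCII.

– -n: disables name resolution for IP addresses and ports.

– -s: sets the capture length of each packet.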

3. Example usage:

– Monitor all packets on a specified network interface:

tcpdump -i eth0

– Monitor packets for a specified IP address:

tcpdump host 192.168.0.1

– Monitor packets for a specified port:

tcpdump port 80

– Monitor packets with a specified source address and destination address:

tcpdump src 192.168.0.2 and dst 192.168.0.3

– Monitor packets with a specified source port and destination port:

tcpdump src port 1234 and dst port 5678

– Save the captured packets to a file:

tcpdump -i eth0 -w capture.pcap

– Read packets from a file and analyze them:

tcpdump -r capture.pcap

– Display packets in hexadecimal and ASCII:

tcpdump -X
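
What `tcpdump -r capture.pcap` reads back can be shown with a small reader for the classic pcap layout that `tcpdump -w` writes, applying the same kind of host and port selection as the filters above. This is an added example, not part of the original article; the function names and the sample capture are constructed for illustration.

```python
import socket
import struct

MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",  # little-endian
          b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">"}  # big-endian

def read_pcap(data):
    """Yield each captured frame from classic pcap bytes, as written by tcpdump -w."""
    end = MAGICS.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic pcap file (pcapng uses a different layout)")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    off = 24  # size of the global header
    while off + 16 <= len(data):
        caplen = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        off += 16  # record header: ts_sec, ts_frac, caplen, origlen
        if off + caplen > len(data):
            break  # truncated final record
        yield data[off:off + caplen]
        off += caplen

def flow(frame):
    """Return (src, sport, dst, dport, proto) for IPv4 TCP/UDP, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None  # too short or not IPv4
    l4 = 14 + (frame[14] & 0x0F) * 4  # Ethernet header + IP header length
    if frame[23] not in (6, 17) or len(frame) < l4 + 4:
        return None  # not TCP/UDP, or the capture length (-s) cut off the ports
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    return (socket.inet_ntoa(frame[26:30]), sport,
            socket.inet_ntoa(frame[30:34]), dport, frame[23])

def select(data, host=None, port=None):
    """Rough equivalent of `tcpdump -n -r FILE host HOST and port PORT`."""
    flows = [f for f in map(flow, read_pcap(data)) if f]
    return [f for f in flows
            if (host is None or host in (f[0], f[2]))
            and (port is None or port in (f[1], f[3]))]

def make_frame(src, dst, sport, dport, proto=6):  # constructed sample frame
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport) + b"\x00" * 16

def make_pcap(frames):  # constructed little-endian classic pcap
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

SAMPLE = make_pcap([make_frame("192.168.0.2", "192.168.0.3", 1234, 5678),
                    make_frame("192.168.0.1", "10.0.0.9", 40000, 80),
                    make_frame("192.168.0.1", "10.0.0.9", 5353, 53, proto=17)])
```

tshark -w writes pcapng by default, which this reader rejects with a ValueError.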

II. The tshark command

tshark is the command-line version of Wireshark and can capture, analyze and display network packets. Its basic usage is as follows:

1. Command format:

tshark [options] [filter]

2. Common options:

– -i: specifies the network interface to monitor.

– -c: specifies the number of packets to capture.

– -w: saves the captured packets to a file.

– -r: reads packets from a file and analyzes them.

– -V: displays the details of each packet in verbose form.

– -T: specifies the output format, such as text, json or pdml.

– -Y: sets the filter.

3. Example usage:

– Monitor all packets on a specified network interface:

tshark -i eth0

– Monitor packets for a specified IP address:

tshark host 192.168.0.1

– Monitor packets for a specified port:

tshark port 80

– Monitor packets with a specified source address and destination address:

tshark src 192.168.0.2 and dst 192.168.0.3

– Monitor packets with a specified source port and destination port:

tshark src port 1234 and dst port 5678

– Save the captured packets to a file:

tshark -i eth0 -w capture.pcap

– Read packets from a file and analyze them:

tshark -r capture.pcap

– Display packets in verbose form:

tshark -V

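III. The ngrep command

ngrep is a powerful packet filtering tool that searches for and displays network packets matching a specified expression. Its basic usage is as follows:

1. Command format:

ngrep [options] expression

2. Common options:

– -i: ignores case.

– -q: shows only matching packets.

– -W: sets the number of bytes captured.

– -d: specifies the network interface to listen on.

– -O: shows packet offsets.

– -x: displays packets in hexadecimal.

– -A: shows the data that follows a matching packet.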

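3. Example usage:

– Listen to all packets on a specified network interface:

ngrep -d eth0

– Search for packets for a specified IP address:

ngrep host 192.168.0.1

– Search for packets for a specified port:

ngrep port 80

– Search for packets with a specified source address and destination address:

ngrep src 192.168.0.2 and dst 192.168.0.3

– Search for packets with a specified source port and destination port:

ngrep src port 1234 and dst port 5678

– Set the number of bytes captured:

ngrep -W 100

– Display matching packets in hexadecimal: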

ngrep -x

Summary:

Linux provides several powerful commands, such as tcpdump, tshark and ngrep, that show the details of a packet. Knowing their basic usage is very helpful for network troubleshooting, network security analysis and packet analysis. With more use and experience, readers can apply these tools more effectively to real problems.

ÒÔÉϾÍÊÇlinuxÉó²é±¨ÎÄÊÇʲôÏÂÁîµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡

ÃâÔð˵Ã÷£ºÒÔÉÏչʾÄÚÈÝȪԴÓÚÏàÖúýÌå¡¢ÆóÒµ»ú¹¹¡¢ÍøÓÑÌṩ»òÍøÂçÍøÂçÕûÀí£¬°æȨÕùÒéÓë±¾Õ¾Î޹أ¬ÎÄÕÂÉæ¼°¿´·¨Óë¿´·¨²»´ú±í×ðÁú¿­Ê±¹ÙÍøµÇ¼ÂËÓÍ»úÍø¹Ù·½Ì¬¶È£¬Çë¶ÁÕß½ö×ö²Î¿¼¡£±¾ÎĽӴýתÔØ£¬×ªÔØÇë˵Ã÷À´ÓÉ¡£ÈôÄúÒÔΪ±¾ÎÄÇÖÕ¼ÁËÄúµÄ°æȨÐÅÏ¢£¬»òÄú·¢Ã÷¸ÃÄÚÈÝÓÐÈκÎÉæ¼°ÓÐÎ¥¹«µÂ¡¢Ã°·¸Ö´·¨µÈÎ¥·¨ÐÅÏ¢£¬ÇëÄúÁ¬Ã¦ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼ʵʱÐÞÕý»òɾ³ý¡£

Ïà¹ØÐÂÎÅ

ÁªÏµ×ðÁú¿­Ê±¹ÙÍøµÇ¼

18523999891

¿É΢ÐÅÔÚÏß×Éѯ

ÊÂÇéʱ¼ä£ºÖÜÒ»ÖÁÖÜÎ壬9:30-18:30£¬½ÚãåÈÕÐÝÏ¢

QR code
ÍøÕ¾µØͼ