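For a Linux host to get on the network, its network settings must of course be configured. Below we look at how to configure some basic network parameters.
I. Configuring network interfaces and routes
① Network interface types and naming rules on Linux:
Ethernet: eth#, e.g. eth0, eth1...
PPP: ppp#
loopback: lo, the local loopback interface. Commonly used for testing inside the system; its IP is fixed at 127.0.0.1
② ifconfig: a tool for viewing, configuring, enabling or disabling network interfaces; used very often.
Usage:
■ ifconfig [-a]: the -a option shows information for all interfaces; without it, only active interfaces are shown
■ ifconfig IFNAME: show information for the given interface
■ ifconfig IFNAME [del] IP: assign an IP address to the given interface; del removes the IP address
Long form: ifconfig IFNAME IP netmask MASK, e.g. ifconfig eth0 192.168.10.2 netmask 255.255.255.0
Short form: ifconfig IFNAME IP/MASK (MASK is usually the number of mask bits), e.g. ifconfig eth0 192.168.10.2/24
■ ifconfig IFNAME hw ether HARD_ADDRESS: change the MAC address of the given interface
■ ifconfig IFNAME up/down: enable or disable the interface
■ ifconfig IFNAME [-]arp: enable or disable ARP; a leading - disables it
■ ifconfig IFNAME mtu #: set the MTU (maximum transmission unit) size
③ ifup/ifdown IFNAME: enable or disable the interface
Note: these two commands bring the interface up or down according to the interface configuration file ifcfg-eth#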
[root@localhost ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:40:35:9D
          inet addr:192.168.30.3  Bcast:192.168.30.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe40:359d/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:60057 errors:0 dropped:0 overruns:0 frame:0
          TX packets:41967 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5893244 (5.6 MiB)  TX bytes:4412775 (4.2 MiB)
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:188 errors:0 dropped:0 overruns:0 frame:0
          TX packets:188 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:16220 (15.8 KiB)  TX bytes:16220 (15.8 KiB)
[root@localhost ~]# ifconfig eth0 192.168.30.4/24    # change eth0's IP address
[root@localhost ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:40:35:9D
          inet addr:192.168.30.4  Bcast:192.168.30.255  Mask:255.255.255.0
          ...
[root@localhost ~]# ifconfig eth0 down
[root@localhost ~]# ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          ...
[root@localhost ~]# ifconfig eth0 up
[root@localhost ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:40:35:9D
          inet addr:192.168.30.4  Bcast:192.168.30.255  Mask:255.255.255.0
          ...
[root@localhost ~]# ifdown eth0
[root@localhost ~]# ifup eth0    # ifup enables the interface using the settings in its configuration file; compare with enabling it through ifconfig above to see the difference
...
[root@localhost ~]# ifconfig    # note that after ifup the interface IP is back to 192.168.30.3
eth0      Link encap:Ethernet  HWaddr 00:0C:29:40:35:9D
          inet addr:192.168.30.3  Bcast:192.168.30.255  Mask:255.255.255.0
          ...
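④ route: display or set the network routing table in the Linux kernel
View: route [-neC]
-n: show addresses in numeric form (no reverse DNS lookups)
-e: show more information
-C: show the routing cache
Set:
Add a route entry: route add [-host HOST_IP/-net NET_ADDRESS] gw NEXT_HOP [dev DEVICE]
Delete a route entry: route del [-host HOST_IP/-net NET_ADDRESS]
Set or delete the default gateway: route add/del default gw IP_ADDRESS, which can also be written route add/del -net 0.0.0.0 gw IP_ADDRESS
-host: the destination is a host
-net: the destination is a network; -net 0.0.0.0 means any destination
gw: gateway
dev: apply this entry to traffic that leaves through the given network interface
Examples: route add -host 172.16.100.3 gw 192.168.1.254
route add -net 10.0.0.0/8 gw 192.168.1.254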
[root@localhost ~]# route add -host 172.16.12.3 gw 192.168.30.254
[root@localhost ~]# route add -net 10.0.0.0/8 gw 192.168.30.254
[root@localhost ~]# route -n    # a Gateway of 0.0.0.0 means the destination is a local network and needs no gateway
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.12.3     192.168.30.254  255.255.255.255 UGH   0      0        0 eth0
192.168.30.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
10.0.0.0        192.168.30.254  255.0.0.0       UG    0      0        0 eth0
0.0.0.0         192.168.30.2    0.0.0.0         UG    0      0        0 eth0
[root@localhost ~]# route del -host 172.16.12.3
[root@localhost ~]# route del -net 10.0.0.0/8
[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.30.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1002   0        0 eth0
0.0.0.0         192.168.30.2    0.0.0.0         UG    0      0        0 eth0
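⑤ ip: a powerful network configuration tool that combines the functions of the ifconfig and route commands
Options:
-s: show more detailed information
Usage:
ip link show [DEVICE]: show information for all interfaces or for the given interface
ip link set DEVICE {up/down/arp {on/off}/name NEWNAME/alias NAME/mtu MTU}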
[root@localhost ~]# ip link set eth0 down    # disable eth0
[root@localhost ~]# ip link show    # eth0's state is now "down"
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state down qlen 1000
    link/ether 00:0c:29:40:35:9d brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ip link set eth0 up
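ip addr show/flush [dev DEVICE]
ip addr add/del ADDRESS [dev DEVICE] [label IFALIAS] [broadcast BCAST_ADDRESS]
Note: an IP address added with ip addr does not have to be attached to an interface alias and does not overwrite existing addresses. The added address is not shown by the ifconfig command; use ip addr show to see it. Use label IFALIAS to define an interface alias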
[root@localhost ~]# ip addr add 192.168.30.10/24 dev eth0    # add an IP address directly on eth0
[root@localhost ~]# ip addr add 192.168.30.20/24 dev eth0 label eth0:0    # define an interface alias
[root@localhost ~]# ip addr show eth0    # show eth0's IP address information
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:40:35:9d brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.3/24 brd 192.168.30.255 scope global eth0
    inet 192.168.30.10/24 scope global secondary eth0
    inet 192.168.30.20/24 scope global secondary eth0:0
    inet6 fe80::20c:29ff:fe40:359d/64 scope link
       valid_lft forever preferred_lft forever
[root@localhost ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:40:35:9D
          inet addr:192.168.30.3  Bcast:192.168.30.255  Mask:255.255.255.0
          ...
eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:40:35:9D
          inet addr:192.168.30.20  Bcast:0.0.0.0  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          ...
[root@localhost ~]# ip addr flush dev eth0    # remove the IP addresses from eth0
[root@localhost ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:40:35:9d brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# ifup eth0
ip route list/flush: list or flush the routing table
ip route add DESTINATION [via NEXT_HOP] [src SOURCE_ADDRESS] [dev DEVICE]
ip route del DESTINATION
[root@localhost ~]# ip route add 10.0.0.0/8 via 192.168.30.254 dev eth0    # add a route
[root@localhost ~]# ip route list
192.168.30.0/24 dev eth0  proto kernel  scope link  src 192.168.30.3
169.254.0.0/16 dev eth0  scope link  metric 1002
10.0.0.0/8 via 192.168.30.254 dev eth0
default via 192.168.30.2 dev eth0
[root@localhost ~]# ip route del 10.0.0.0/8
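⑥ Network interface configuration files
Besides configuring network parameters with commands, we can also edit the configuration files directly.
On Linux the network interface configuration files are in the /etc/sysconfig/network-scripts/ directory. There are two kinds:
For IP address, netmask and gateway:
Ethernet: ifcfg-IFNAME
PPP: ifcfg-ppp#
For routes: route-IFNAME
■ Format of the ifcfg-IFNAME configuration file:
DEVICE=IFNAME: the device this configuration file is bound to; the device name must match what follows ifcfg- in the file name
BOOTPROTO={bootp|dhcp|static|none}
HWADDR: the MAC address of the device
NM_CONTROLLED={yes|no}: whether this device is configured by the NetworkManager service script. The default is yes; because that service script is not easy to work with, setting this to no is recommended
ONBOOT={yes|no}: whether to activate this interface automatically at boot
TYPE={Ethernet|Bridge}: the interface type; the first letter must be capitalised
UUID=
IPADDR: if BOOTPROTO above is set to dhcp, the IP address given here has no effect
NETMASK=
GATEWAY=
DNS1: primary DNS server address
DNS2: secondary DNS server address
IPV6INIT={yes|no}:
USERCTL={yes|no}: whether ordinary users may control this interface; normally no
PEERDNS={yes|no}: whether to accept the DNS server addresses assigned by the DHCP server. If yes, the DNS addresses assigned by the DHCP server modify /etc/resolv.conf. The default is yes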
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:40:35:9D
TYPE=Ethernet
UUID=0a45cf2b-169a-4820-82c4-ad3510abffc7
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.30.3
NETMASK=255.255.255.0
GATEWAY=192.168.30.2
DNS1=8.8.8.8
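■ Format of the route-IFNAME file:
Format 1: one route entry per line
DESTINATION via NEXT_HOP, e.g. 10.0.0.0/8 via 172.16.0.1
Format 2: groups of three lines, each group defining one route entry; the # below is the group number
ADDRESS#=DESTINATION
NETMASK#=MASK
GATEWAY#=GW
e.g. ADDRESS0=10.0.0.0
NETMASK0=255.255.255.0
GATEWAY0=172.16.0.1
Note: the two formats above cannot be mixed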
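
As an added example (not part of the original post), the script below converts a route-IFNAME file written in format 2 into format 1 lines and refuses a file that mixes the two formats. The function name convert_routes and the second sample group are made up for illustration.

```bash
#!/bin/sh
# Added example, not from the original post. Converts route-IFNAME format 2
# (ADDRESS#/NETMASK#/GATEWAY# groups) to format 1 lines and rejects files
# that mix the formats or contain an incomplete group or an invalid netmask.

convert_routes() {   # reads the file on stdin, writes format 1 on stdout
    awk '
    # Dotted netmask -> prefix length; -1 if malformed or non-contiguous.
    function prefix(mask,    o, n, i, b, bits, zero) {
        bits = 0; zero = 0
        n = split(mask, o, ".")
        if (n != 4) return -1
        for (i = 1; i <= 4; i++) {
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return -1
            for (b = 128; b >= 1; b /= 2) {
                if (o[i] + 0 >= b) { if (zero) return -1; bits++; o[i] -= b }
                else zero = 1
            }
        }
        return bits
    }
    /^[ \t]*(#.*)?$/ { next }                     # blank lines and comments
    /^(ADDRESS|NETMASK|GATEWAY)[0-9]+=/ {         # format 2 line
        eq = index($0, "=")
        key = substr($0, 1, eq - 1); v = substr($0, eq + 1)
        id = key; sub(/^[A-Z]+/, "", id); sub(/[0-9]+$/, "", key)
        if (!(id in seen)) { seen[id] = 1; order[++cnt] = id }
        val[key, id] = v; fmt2 = 1; next
    }
    / via / { fmt1 = 1; line[++n1] = $0; next }   # format 1 line
    { printf "line %d: unrecognised entry\n", NR > "/dev/stderr"; err = 1 }
    END {
        if (fmt1 && fmt2) { print "formats 1 and 2 are mixed" > "/dev/stderr"; exit 2 }
        if (err) exit 1
        for (i = 1; i <= n1; i++) print line[i]
        for (i = 1; i <= cnt; i++) {
            id = order[i]; p = prefix(val["NETMASK", id])
            if (val["ADDRESS", id] == "" || val["GATEWAY", id] == "" || p < 0) {
                printf "group %s: incomplete or invalid\n", id > "/dev/stderr"; exit 1
            }
            printf "%s/%d via %s\n", val["ADDRESS", id], p, val["GATEWAY", id]
        }
    }'
}

# Constructed sample: the group from the text plus a second, made-up group.
convert_routes <<'EOF'
ADDRESS0=10.0.0.0
NETMASK0=255.255.255.0
GATEWAY0=172.16.0.1
ADDRESS1=172.20.0.0
NETMASK1=255.255.0.0
GATEWAY1=172.16.0.254
EOF
```

The exit status is 2 for a mixed file and 1 for an unrecognised line, an incomplete group or a non-contiguous netmask.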
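⑦ How to configure multiple IP addresses on one network interface
Method 1: add the IP directly on the interface with ip addr add ADDRESS dev DEVICE
Method 2: use interface aliases, IFNAME:#, e.g. eth0:0, eth0:1...
Aliases can be configured with commands or with a configuration file (ifcfg-IFNAME:#); aliases cannot be configured through DHCP
⑧ Configuring network parameters with a text or graphical interface
TUI: system-config-network-tui
GUI: system-config-network-gui  # must be installed separately
setup
The changes are saved to the corresponding configuration files
When configuring network parameters through the text interface over ssh, first set the character encoding to UTF-8
Note: settings made with commands are passed straight to the kernel and take effect immediately, but they are not permanent (they are lost when the service or the system restarts). Settings in configuration files are persistent; after editing a configuration file the service must be restarted for the change to take effect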
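
To check the point in the note above on a real host, this added example (not from the original post) compares saved ip addr show output with the IPADDR values in the ifcfg files and lists the addresses that exist only at runtime. The function names and sample file names are assumptions made for the example.

```bash
#!/bin/sh
# Added example, not from the original post. Lists IPv4 addresses that are
# live on an interface but not persisted as IPADDR= in any ifcfg file given,
# i.e. addresses that a network restart or reboot would drop.
# Assumption: "ip addr show" output was saved to a file beforehand.

runtime_only_addrs() {   # usage: runtime_only_addrs IP_ADDR_OUTPUT IFCFG_FILE...
    live=$1; shift
    awk -v live="$live" '
    FILENAME == live {                        # saved "ip addr show" output
        if ($1 == "inet") { split($2, a, "/"); addrs[++n] = a[1] }
        next
    }
    /^[ \t]*#/ { next }
    /^[ \t]*BOOTPROTO=/ { if (tolower($0) ~ /= *"?dhcp/) dhcp[FILENAME] = 1 }
    /^[ \t]*IPADDR=/ {
        v = substr($0, index($0, "=") + 1); gsub(/[" \t]/, "", v)
        cfg[FILENAME] = v
    }
    END {
        # IPADDR has no effect when BOOTPROTO=dhcp, so skip those files.
        for (f in cfg) if (!(f in dhcp)) persisted[cfg[f]] = 1
        for (i = 1; i <= n; i++)
            if (!(addrs[i] in persisted)) { print addrs[i]; drift = 1 }
        exit drift + 0
    }' "$live" "$@"
}

# Constructed sample files modelled on the sessions in this post.
write_samples() {   # usage: write_samples DIR
    cat > "$1/ifcfg-eth0" <<'EOF'
DEVICE=eth0
BOOTPROTO=static
IPADDR=192.168.30.3
NETMASK=255.255.255.0
EOF
    cat > "$1/ip-addr-eth0.txt" <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:40:35:9d brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.3/24 brd 192.168.30.255 scope global eth0
    inet 192.168.30.10/24 scope global secondary eth0
    inet 192.168.30.20/24 scope global secondary eth0:0
EOF
}

dir=$(mktemp -d)
write_samples "$dir"
runtime_only_addrs "$dir/ip-addr-eth0.txt" "$dir/ifcfg-eth0" || echo "drift: the addresses above are not persisted"
rm -rf "$dir"
```

An address reported here was either added with a command and never written to a configuration file, or was not expected on the interface at all; the exit status is 1 when any such address is found.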
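II. Network service scripts
CentOS 5: /etc/rc.d/init.d/network
CentOS 6: /etc/rc.d/init.d/network
/etc/rc.d/init.d/NetworkManager (does not support bridged networking)
Service scripts on Linux are in the /etc/rc.d/init.d directory, which has a symlink /etc/init.d. Most of these scripts control Linux background processes and accept the arguments {start|stop|restart|status}
Controlling the network service:
/etc/init.d/network start|stop|restart|status
service network start|stop|restart|status  # not supported on CentOS 7
Configure whether a service starts automatically at boot:
chkconfig SERNAME on/off
Show the boot-time setting of all services or of the given service:
chkconfig --list [SERNAME]
# service scripts and the chkconfig command will be covered in detail in a later post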
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
...
[root@localhost ~]# service network restart    # restart the network service
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: Determining if ip address 192.168.30.3 is already in use for device eth0...
[root@localhost ~]# service network status    # show the status of the network service
Configured devices:
lo eth0
Currently active devices:
lo eth0
[root@localhost ~]# chkconfig --list network    # network starts automatically in runlevels 2-5
network         0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@localhost ~]# chkconfig network off    # disable automatic start of network at boot
[root@localhost ~]# chkconfig --list network
network         0:off   1:off   2:off   3:off   4:off   5:off   6:off
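III. Configuring the host name
hostname: show or change the host name
View: hostname [-adifs]
-a: show the host aliases
-d: show the DNS domain name
-f: show the FQDN
-i: show the host's IP address
Set: hostname HOSTNAME
Configuration file: /etc/sysconfig/network
A closer look at hostname: the host name shown by hostname is taken directly from the kernel parameter /proc/sys/kernel/hostname, and the value of that kernel parameter is read at boot by /etc/rc.d/rc.sysinit from /etc/sysconfig/network. A host name set with the hostname command is effective only for the running system; for it to survive a reboot, the HOSTNAME value in /etc/sysconfig/network must be changed. hostname has nothing to do with the entries in /etc/hosts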
[root@localhost ~]# hostname    # show the host name
localhost.localdomain
[root@localhost ~]# hostname excellence    # change the host name temporarily
[root@localhost ~]# hostname
excellence
[root@localhost ~]# echo brilliant > /proc/sys/kernel/hostname
[root@localhost ~]# hostname
brilliant
[root@localhost ~]# vim /etc/sysconfig/network
NETWORKING=yes    # NETWORKING is the master switch for the network service
HOSTNAME=personality
NTPSERVERARGS=iburst
IV. Name resolution
① Local name resolution: /etc/hosts
② DNS server addresses: /etc/resolv.conf
③ Name lookup tools (for the usage of the following three tools see the post http://9124573.blog.51cto.com/9114573/1721345)
dig
host
nslookup
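V. Other network management tools
① ping: tests connectivity between hosts using ICMP
Usage: ping [option]... HOST
Common options:
-c: number of packets to send
-i: interval between packets; the default is 1 second
-f: flood test
-w: total time the ping command runs, from start to finish
-W: timeout for waiting for a reply; this option is commonly used when checking for unreachable hosts
Example: ping -c 1 -W 1 192.168.1.107 &> /dev/null &  # the trailing & sends the process to the background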
[root@localhost ~]# ping www.baidu.com
PING www.a.shifen.com (115.239.211.112) 56(84) bytes of data.
64 bytes from 115.239.211.112: icmp_seq=1 ttl=128 time=7.77 ms
64 bytes from 115.239.211.112: icmp_seq=2 ttl=128 time=5.19 ms
...
[root@localhost ~]# ping -c 4 -i 0.5 192.168.1.107
PING 192.168.1.107 (192.168.1.107) 56(84) bytes of data.
64 bytes from 192.168.1.107: icmp_seq=1 ttl=128 time=0.985 ms
64 bytes from 192.168.1.107: icmp_seq=2 ttl=128 time=0.666 ms
64 bytes from 192.168.1.107: icmp_seq=3 ttl=128 time=1.23 ms
64 bytes from 192.168.1.107: icmp_seq=4 ttl=128 time=1.21 ms
--- 192.168.1.107 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 1505ms
rtt min/avg/max/mdev = 0.666/1.025/1.233/0.229 ms
[root@localhost ~]# ping -c 1 -W 1 192.168.1.107 &> /dev/null &
[1] 11772
[root@localhost ~]# echo $?
0
② traceroute: traces the route taken by network packets; the default packet size is 40 bytes
Usage: traceroute [-n] HOST
[root@localhost ~]# traceroute www.baidu.com
traceroute to www.baidu.com (115.239.210.27), 30 hops max, 60 byte packets    # at most 30 hops are probed
 1  192.168.30.2 (192.168.30.2)  0.120 ms  0.143 ms  0.106 ms
 2  * * *
 3  * * *
...
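③ mtr: a network connectivity diagnostic tool that combines features of ping, traceroute and nslookup
Usage: mtr HOST
④ netstat: shows status information of the Linux networking subsystem
Usage: netstat [option]...
Common options:
-t: TCP
-u: UDP
-n: show addresses in numeric form
-l: listen, show connections in the listening state
-a: connections in all states
-p: show the program name and PID that own each session
-e: show extended information
-r: routing, show the routing table. netstat -rn is the same as route -n
Common combinations: -tunl, -tanp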
[root@localhost ~]# netstat -tunl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
...
udp        0      0 :::1008                     :::*
udp        0      0 :::54713                    :::*
[root@localhost ~]# netstat -tanp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1257/rpcbind
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1472/sshd
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1336/cupsd
...
[root@localhost ~]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.30.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.30.2    0.0.0.0         UG        0 0          0 eth0
[root@localhost ~]# netstat -o state established '( sport = :22 )'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       Timer
tcp        0     52 192.168.30.10:ssh           192.168.30.1:59029          ESTABLISHED on (0.24/0/0)
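⑤ ss: a tool similar to netstat, but newer. Its advantage is that it can show more, and more detailed, information, and it is faster and more efficient than netstat; prefer this command. Its usage and options are very close to those of netstat, so they are not repeated here
Options:
-m: memory usage of sockets
-o state {established, fin-wait-1, fin-wait-2, listening} '( dport = # or sport = # )', e.g. -o state established '( sport = :22 )'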
[root@localhost ~]# ss -tlnp
State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
LISTEN     0      128                      :::111                     :::*      users:(("rpcbind",1257,11))
LISTEN     0      128                       *:111                      *:*      users:(("rpcbind",1257,8))
LISTEN     0      128                      :::22                      :::*      users:(("sshd",1472,4))
...
[root@localhost ~]# ss -o state established '( sport = :ssh )'
Recv-Q Send-Q        Local Address:Port          Peer Address:Port
0      52            192.168.30.10:ssh           192.168.30.1:59029    timer:(on,239ms,0)
0      0             192.168.30.10:ssh           192.168.30.1:58054    timer:(keepalive,44sec,8)
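
An added example (not from the original post) of using the netstat and ss output above for a listener audit: it reads netstat -tanp or ss -tlnp output and reports TCP listeners that are not bound to loopback and whose port is not on an allowlist. The function names and the allowlist are assumptions for illustration.

```bash
#!/bin/sh
# Added example, not from the original post. Reads "netstat -tanp" or
# "ss -tlnp" output (numeric ports, as shown above) on stdin and prints every
# TCP listener that is reachable from the network and whose port is not in
# the allowlist. Listeners bound only to loopback are skipped.

exposed_listeners() {   # usage: exposed_listeners "22 443" < saved-output
    awk -v allow="$1" '
    BEGIN { n = split(allow, p, " "); for (i = 1; i <= n; i++) ok[p[i]] = 1 }
    { laddr = ""; prog = "" }
    # netstat columns: Proto Recv-Q Send-Q Local Foreign State PID/Program
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        laddr = $4; prog = $7; sub(/^[0-9]+\//, "", prog)
    }
    # ss columns: State Recv-Q Send-Q Local Peer users:(("name",pid,fd))
    $1 == "LISTEN" {
        laddr = $4; prog = $6
        sub(/^users:\(\("/, "", prog); sub(/".*$/, "", prog)
    }
    laddr == "" { next }
    {
        port = laddr; sub(/.*:/, "", port)
        host = substr(laddr, 1, length(laddr) - length(port) - 1)
        if (host ~ /^127\./ || host == "::1" || host == "[::1]") next
        if (port in ok) next
        if (prog == "") prog = "-"            # output captured without -p
        key = port "/" prog
        if (!(key in printed)) { printed[key] = 1; print port, prog; found = 1 }
    }
    END { exit found + 0 }'
}

# Constructed sample built from the netstat and ss lines shown in this post.
sample_output() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address   Foreign Address State  PID/Program name
tcp        0      0 0.0.0.0:111     0.0.0.0:*       LISTEN 1257/rpcbind
tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN 1472/sshd
tcp        0      0 127.0.0.1:631   0.0.0.0:*       LISTEN 1336/cupsd
LISTEN     0      128    :::111     :::*      users:(("rpcbind",1257,11))
LISTEN     0      128     *:111      *:*      users:(("rpcbind",1257,8))
LISTEN     0      128     :::22     :::*      users:(("sshd",1472,4))
EOF
}

sample_output | exposed_listeners "22" || echo "unexpected listeners found"
```

The function exits with status 1 when it prints anything, so it can gate a scheduled check.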
⑥ ethtool: show or set network interface parameters
Usage: ethtool [option]... IFNAME
Common options:
-S: show statistics for the network interface
[root@localhost ~]# ethtool eth0
Settings for eth0:
        Supported ports: [ TP ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Full
        Advertised pause frame use: No
        Advertised auto-negotiation: Yes
        Speed: 1000Mb/s    # gigabit rate
        Duplex: Full    # full duplex
        Port: Twisted Pair
        ...
[root@localhost ~]# ethtool -S eth0
NIC statistics:
     rx_packets: 58798    # packets received
     tx_packets: 41085    # packets sent
     rx_bytes: 6022407
     tx_bytes: 4301086
     rx_broadcast: 0
     ...
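⑦ tcpdump: packet capture tool
Usage: tcpdump [options] [arguments]
Common options:
-i: network interface to capture on
-n: show addresses in numeric form
-c: number of packets to capture
-w: write the captured packet data to the given file; the data can be read back and analysed later with the -r option
-r: read packet data from the given file
Keywords:
Type keywords: host, net, port. The default is host
Direction keywords: src, dst, src or dst, src and dst. The default is src or dst
Protocol keywords: ip, tcp, udp, arp, rarp, fddi (a specific network protocol used on fibre)... If none is given, packets of all protocols are captured
Logical operators can be used to build finer filter conditions:
AND: and, &&
OR: or, ||
NOT: not, !
Usage examples:
tcpdump [-i IFNAME]: capture packets on the given network interface; the default is the first network interface. E.g. tcpdump -i eth0
tcpdump host HOST: capture all packets entering or leaving the given host, e.g. tcpdump host 192.168.30.20
tcpdump host 192.168.30.20 and \(192.168.30.2 or 192.168.30.5 \): capture traffic between host 192.168.30.20 and 192.168.30.2 or 192.168.30.5
tcpdump ip host 192.168.30.20 and ! 192.168.30.10: capture IP packets between host 192.168.30.20 and every host except 192.168.30.10
tcpdump src host 192.168.30.20: capture packets sent by 192.168.30.20
tcpdump -w /tmp/ssh_catch tcp port 22 and host 192.168.30.20: watch TCP port 22 of the given host and write the captured data to /tmp/ssh_catch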
[root@localhost ~]# tcpdump host 192.168.30.20
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
20:26:18.351695 IP 192.168.30.20 > 192.168.1.106: ICMP echo request, id 54024, seq 4, length 64
20:26:18.352814 IP 192.168.1.106 > 192.168.30.20: ICMP echo reply, id 54024, seq 4, length 64
20:26:18.353878 IP 192.168.30.20.ssh > 192.168.30.1.52839: Flags [P.], seq 2865629077:2865629177, ack 2088396297, win 279, length 100
...
33 packets captured
33 packets received by filter
0 packets dropped by kernel
[root@localhost ~]# tcpdump host 192.168.30.20 and
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
20:37:08.777632 IP 192.168.30.20 > 61.135.169.121: ICMP echo request, id 59656, seq 4, length 64
20:37:08.812496 IP 61.135.169.121 > 192.168.30.20: ICMP echo reply, id 59656, seq 4, length 64
...
[root@localhost ~]# tcpdump tcp port 22 and host 192.168.30.20
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
21:09:06.159710 IP 192.168.30.1.52839 > 192.168.30.20.ssh: Flags [P.], seq 2088406025:2088406061, ack 2865660321, win 251, length 36
21:09:06.199776 IP 192.168.30.20.ssh > 192.168.30.1.52839: Flags [.], ack 36, win 279, length 0
...
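⑧ nmap: an open-source network discovery and security auditing tool, used to quickly scan the open ports of a network or a host; it can also detect the operating system type of a remote host. It must be installed separately
Usage: nmap [scan type] [general options] [scan targets]
■ Common scan types:
-sP: ping scan; because this option skips port scanning, it is suited to finding the hosts that are up in a given network segment
-sT: TCP connect() scan
-sS: TCP SYN scan; because it does not open a full TCP connection, this technique is usually called a half-open scan
-sU: UDP port scan
-sV: probe service version information
-sA: TCP ACK scan, which detects whether the host uses a firewall or packet filter
■ General options:
-v: verbose output
-O: enable operating system detection
-A: enable various advanced scan options (OS detection, version detection, traceroute...)
-F: fast scan
■ Target-related options:
-iL: read scan targets from the given file
-iR: let nmap pick hosts to scan at random
-p: range of port numbers to scan, e.g. -p 22-80,3306
--exclude: exclude the given hosts
--excludefile: exclude the hosts listed in the given file
Usage examples:
nmap www.magedu.com  # scan by host name
nmap -v 192.168.30.20  # scan by IP address and show verbose output
nmap -O 192.168.30.20 172.16.30.5  # scan several hosts and detect their operating system type
nmap 192.168.30.1,3,20  # scan several hosts in the same network segment
nmap -sV 192.168.30.10-50  # probe service version information for a range of hosts
nmap -F 192.168.30.*  # fast scan of a network segment
nmap -sP 192.168.30.0/24  # find the hosts that are up in the given network segment
nmap -iL nmap.txt  # scan the host addresses listed in the given file
nmap 192.168.30.* --exclude 192.168.30.20  # exclude the given host
nmap -p 80,3306 192.168.30.20  # scan the given ports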
[root@localhost ~]# nmap 192.168.30.20
Starting Nmap 5.51 ( http://nmap.org ) at 2015-10-24 23:49 CST
Nmap scan report for 192.168.30.20
Host is up (0.00064s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
22/tcp open  ssh
MAC Address: 00:0C:29:BD:68:23 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 38.12 seconds
[root@localhost ~]# nmap -O 192.168.30.5 192.168.30.20
Starting Nmap 5.51 ( http://nmap.org ) at 2015-10-25 00:00 CST
Nmap scan report for 192.168.30.5
Host is up (0.00024s latency).
All 1000 scanned ports on 192.168.30.5 are filtered
MAC Address: 00:0C:29:31:3D:B7 (VMware)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop
Nmap scan report for 192.168.30.20
...
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 2 IP addresses (2 hosts up) scanned in 13.17 seconds
[root@localhost ~]# nmap -sP 192.168.30.0/24
Starting Nmap 5.51 ( http://nmap.org ) at 2015-10-25 00:02 CST
Nmap scan report for 192.168.30.1
Host is up (0.00024s latency).
MAC Address: 00:50:56:C0:00:08 (VMware)
Nmap scan report for 192.168.30.2
...
Nmap done: 256 IP addresses (5 hosts up) scanned in 2.79 seconds
[root@localhost ~]# nmap -p 22,80 192.168.30.20
Starting Nmap 5.51 ( http://nmap.org ) at 2015-10-25 00:04 CST
Nmap scan report for 192.168.30.20
Host is up (0.00068s latency).
PORT   STATE    SERVICE
22/tcp open     ssh
80/tcp filtered http
MAC Address: 00:0C:29:BD:68:23 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 0.44 seconds