Timetombs

General-purpose tools are the foundation of civilization, while narrowly specific tools are the implements of fools

Updated 2024-04-06T22:06:23Z+08:00 by 35f4f88

[Computer Networking] Tool

Copyright notice - CC BY-NC-SA 4.0

1 dns

dig bing.com
nslookup bing.com

2 netsh

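# forward 127.0.0.1:12345 to http://www.nghttp2.org (139.162.123.134:80)
# listenaddress is given explicitly: without it the rule listens on all local IPv4 addresses
netsh interface portproxy add v4tov4 listenaddress=127.0.0.1 listenport=12345 connectaddress=139.162.123.134 connectport=80

# show all
netsh interface portproxy show all

# delete all
netsh interface portproxy reset

# delete one (listenaddress must match the rule that was added)
netsh interface portproxy delete v4tov4 listenaddress=127.0.0.1 listenport=12345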

# help
netsh interface portproxy help

3 net-tools

apt install -y net-tools

3.1 netstat

short option    full option
-h              --help
-V              --version
-n              --numeric
                --numeric-hosts
                --numeric-ports
                --numeric-users
-t              --tcp
-u              --udp
-x              --unix

Connection count per TCP state

netstat -n | awk '/^tcp/ {++S[$NF]} END {for(a in S) print a, S[a]}'

TIME_WAIT count per local address:port

netstat -n | awk '/TIME_WAIT/ {++S[$4]} END {for(a in S) print a, S[a]}' | sort -r -n -k2 -t' '

4 iproute2

apt install -y iproute2

4.1 ss

short option    full option
-h              --help
-V              --version
-a              --all
-n              --numeric
-t              --tcp
-u              --udp
-x              --unix
-4              --ipv4
-6              --ipv6
-H              --no-header

ss -tan | awk 'NR>1 {++S[$1]} END {for (a in S) print a,S[a]}'

5 tcpdump

apt install -y tcpdump

option                                 description
-h, --help                             show help
--version                              show version
-A                                     Print each packet (minus its link level header) in ASCII. Handy for capturing web pages.
-c                                     Exit after receiving count packets.
-s, --snapshot-length                  Snarf snaplen bytes of data from each packet
-S, --absolute-tcp-sequence-numbers    Print absolute, rather than relative, TCP sequence numbers.

# capture port 80 traffic to a file (options placed before the filter expression)
tcpdump -w http-80.pcap port 80

# print 100 packets on port 80 in ASCII
tcpdump -A -c 100 port 80

Reference: https://www.tcpdump.org/manpages/tcpdump.1.html

6 wireshark

6.1 preferences

gui.column.format: 
	"#", "%m",
	"tcp.stream", "%Cus:tcp.stream:0:R",
	"time", "%t",
	"datetime", "%Yut",
	"s.mac", "%uhs",
	"s.ip", "%us",
	"s.port", "%uS",
	"protocol", "%p",
	"d.mac", "%uhd",
	"d.ip", "%ud",
	"d.port", "%uD",
	"length", "%L",
	"info", "%i"

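7 Capturing mobile phone traffic

  1. Set up the shared WLAN
    # configure the shared WLAN
    netsh wlan set hostednetwork mode=allow ssid=ssid1 key=12345678
    
    # start the shared WLAN
    netsh wlan start hostednetwork
    
    # stop the shared WLAN
    netsh wlan stop hostednetwork
    
  2. Share the Internet-connected network adapter with the WLAN adapter created above

Then capture on the shared adapter with Wireshark.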
