本文共 1774 字,大约阅读时间需要 5 分钟。
在网络安全测试中,检查目标主机的TCP端口状态是非常重要的一环。以下是常用的三种测试方法以及它们的实际应用场景。
使用Telnet命令可以帮助我们测试端口的连接状态。以下是测试TCP端口的具体步骤:
$ echo "" | telnet 123.1.2.3 8100Trying 123.1.2.3...Connected to 123.1.2.3.Escape character is '^]'.Connection closed by foreign host.TCP端口关了:$ echo "" | telnet 123.1.2.3 8101Trying 123.1.2.3...telnet: connect to address 123.1.2.3: Connection refused
Ncat是一款强大的网络测试工具,支持IP� 산dee和多种测试模式。以下是使用Ncat测试TCP端口的示例:
$ nc -nzv 123.1.2.3 7205Ncat: Version 7.50 (https://nmap.org/ncat)Ncat: Connected to 123.1.2.3:7205Ncat: 0 bytes sent, 0 bytes received in 0.03 secondsTCP端口关了:$ nc -nzv 123.1.2.3 7206Ncat: Version 7.50 (https://nmap.org/ncat)Ncat: Connection timed out
Nmap是一个广泛使用的网络探测工具,支持通过标记化扫描(-sT)测试大量端口。以下是使用Nmap测试TCP端口的示例:
$ nmap -Pn -sT 123.1.2.3 -p 8100Starting Nmap 6.40 (http://nmap.org) at 2019-09-29 12:12 CSTNmap scan report for something.com (123.1.2.3)Host is up (0.0067s latency).PORT STATE SERVICE8100/tcp open xprint-serverNmap done: 1 IP address (1 host up) scanned in 0.07 seconds$ nmap -Pn -sT 123.1.2.3 -p 8101Starting Nmap 6.40 (http://nmap.org) at 2019-09-29 12:12 CSTNmap scan report for something.com (123.1.2.3)PORT STATE SERVICE8101/tcp filtered unknownNmap done: 1 IP address (1 host up) scanned in 2.08 seconds$ nmap -Pn -sT 123.1.2.3 -p 8000-8300Starting Nmap 6.40 (http://nmap.org) at 2019-09-29 12:11 CSTNmap scan report for something.com (123.1.2.3)Host is up (0.0083s latency).Not shown: 299 filtered portsPORT STATE SERVICE8081/tcp open blackice-icecap8100/tcp open xprint-serverNmap done: 1 IP address (1 host up) scanned in 10.00 seconds
在需要带源地址测试的情况下,可以通过指定源IP地址来进行测试。以下是常用的命令示例:
telnet -b source_ip destination_ip port
nc -s source_ip -zv destination_ip port
转载地址:http://ssjxz.baihongyu.com/