Linux中增强的Ping实用程序-Sing工具
时间:2020-03-05 15:29:40 来源:igfitidea点击:
Ping是一个很棒的实用程序,用于检查网络连接并解决与网络相关的问题。
它使用ICMP(Internet连接消息协议)数据包来检查系统是否已启动并正在运行。
但是我们不能对ping命令执行太多操作。
SING(发送ICMP垃圾邮件)工具与PING相似,对ping进行了某些增强。
“ sing”可以发送完全自定义的ICMP数据包,并具有许多功能,例如OS指纹识别,可以确定计算机上正在运行的OS。
本文介绍sing工具的常见用法。
Sing工具
使用Sing工具,我们可以
确定主机是否启动(如正常的ping命令)
发送具有欺骗性IP地址的数据包
发送具有欺骗性MAC地址的数据包
执行操作系统指纹确定主机/网络设备的操作系统。
模仿或模拟某个操作系统
自定义IP标头,例如ttl字段,设置/取消设置IP标头中的未使用位,设置/取消设置服务字段的类型(tos)等。
让我们检查一下Sing工具的常见用法
1.Sing一个主机
正常使用,如ping命令。
$sing 192.168.1.111 SINGing to 192.168.1.111 (192.168.1.111): 16 data bytes 16 bytes from 192.168.1.111: seq=0 ttl=64 TOS=0 time=206.140 ms 16 bytes from 192.168.1.111: seq=1 ttl=64 TOS=0 time=127.752 ms 16 bytes from 192.168.1.111: seq=2 ttl=64 TOS=0 time=152.000 ms ^C --- 192.168.1.111 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 127.752/161.964/206.140 ms
2.限制请求数
使用-c选项,可以限制ICMP请求的数量,以便在发送指定数量的请求后自动退出“唱歌”。
$sing -c 3 192.168.1.7 SINGing to 192.168.1.7 (192.168.1.7): 16 data bytes 16 bytes from 192.168.1.7: seq=0 ttl=128 TOS=0 time=773.990 ms 16 bytes from 192.168.1.7: seq=1 ttl=128 TOS=0 time=184.961 ms 16 bytes from 192.168.1.7: seq=2 ttl=128 TOS=0 time=209.010 ms --- 192.168.1.7 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 184.961/389.320/773.990 ms
3.欺骗IP地址
使用-S选项欺骗IP地址。
我们将不会得到答复,因为目标主机会将答复发送到欺骗的IP地址。
$sing -c 3 -S 192.168.1.111 192.168.1.7 SINGing to 192.168.1.7 (192.168.1.7): 16 data bytes --- 192.168.1.7 sing statistics -- 3 packets transmitted, 0 packets received, 100% packet loss
4.欺骗硬件/MAC地址
同样,我们将不会得到任何回复。
$sing -c 3 -MAC 00:FF:AC:33:1:B 192.168.1.111 SINGing to 192.168.1.111 (192.168.1.111): 16 data bytes --- 192.168.1.111 sing statistics -- 3 packets transmitted, 0 packets received, 100% packet loss
5.操作系统指纹
使用-O选项确定远程设备的操作系统:
$sing -c 3 -O 192.168.1.7 SINGing to 192.168.1.7 (192.168.1.7): 16 data bytes 16 bytes from 192.168.1.7: seq=0 ttl=128 TOS=0 time=117.090 ms 16 bytes from 192.168.1.7: seq=1 ttl=128 TOS=0 time=141.224 ms 16 bytes from 192.168.1.7: seq=2 ttl=128 TOS=0 time=165.401 ms --- 192.168.1.7 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 117.090/141.238/165.401 ms <*> Remote OS on 192.168.1.7 is a Windowk
$sing -c 3 -O 192.168.1.1 SINGing to 192.168.1.1 (192.168.1.1): 16 data bytes 16 bytes from 192.168.1.1: seq=0 ttl=254 TOS=66 time=128.475 ms 16 bytes from 192.168.1.1: seq=1 ttl=254 TOS=66 time=152.105 ms 16 bytes from 192.168.1.1: seq=2 ttl=254 TOS=66 time=175.606 ms --- 192.168.1.1 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 128.475/152.062/175.606 ms <*> Remote OS on 192.168.1.1 is a UNIX (Linux, Solaris, *BSD, HP-UX, etc.), <*> Cisco or similar network device
$sing -c 3 -O 192.168.1.10 SINGing to 192.168.1.10 (192.168.1.10): 16 data bytes Ouch!! 192.168.1.5 sings host 192.168.1.10 unreachable!! --- 192.168.1.10 sing statistics -- 3 packets transmitted, 0 packets received, 100% packet loss <*> Ouch!! I can't guess the remote OS without a reply! It gives interesting replies (output) when a host is unreachable.
6.模仿操作系统
使用-M选项,我们可以模拟操作系统。
-M选项的可能值为win,unix,linux,cisco,solaris或者shiva。
其中模仿Windows和Solaris:
$sing -c 3 -M win 192.168.1.7 SINGing to 192.168.1.7 (192.168.1.7): 48 data bytes 48 bytes from 192.168.1.7: seq=1 ttl=128 TOS=0 time=186.525 ms 48 bytes from 192.168.1.7: seq=2 ttl=128 TOS=0 time=210.081 ms 48 bytes from 192.168.1.7: seq=3 ttl=128 TOS=0 time=131.313 ms --- 192.168.1.7 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 131.313/175.973/210.081 ms
$sing -c 3 -M solaris 192.168.1.7 SINGing to 192.168.1.7 (192.168.1.7): 64 data bytes 64 bytes from 192.168.1.7: seq=0 ttl=128 TOS=0 time=188.626 ms 64 bytes from 192.168.1.7: seq=1 ttl=128 TOS=0 time=109.932 ms 64 bytes from 192.168.1.7: seq=2 ttl=128 TOS=0 time=134.814 ms --- 192.168.1.7 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 109.932/144.457/188.626 ms
7.安静模式
在安静模式下,除了启动和结束时的摘要行以外,什么都不会显示。
使用-q选项切换安静模式:
$sing -q -c 3 -O 192.168.1.111 SINGing to 192.168.1.111 (192.168.1.111): 16 data bytes --- 192.168.1.111 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 119.259/143.332/167.434 ms <*> Remote OS on 192.168.1.111 is a Windowk
8.手动序号
使用-seq选项,可以手动设置与回显请求和回复一起使用的回显序列号。
$sing -seq 24 -c 3 192.168.1.7 SINGing to 192.168.1.7 (192.168.1.7): 16 data bytes 16 bytes from 192.168.1.7: seq=24 ttl=128 TOS=0 time=169.860 ms 16 bytes from 192.168.1.7: seq=25 ttl=128 TOS=0 time=194.116 ms 16 bytes from 192.168.1.7: seq=26 ttl=128 TOS=0 time=320.699 ms --- 192.168.1.7 sing statistics -- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max = 169.860/228.225/320.699 ms
