ping的高级用法网络检查Advanced usage Ping network check.docx
《ping的高级用法网络检查Advanced usage Ping network check.docx》由会员分享,可在线阅读,更多相关《ping的高级用法网络检查Advanced usage Ping network check.docx(9页珍藏版)》请在冰点文库上搜索。
ping的高级用法网络检查AdvancedusagePingnetworkcheck
ping的高级用法(网络检查)(AdvancedusagePing(networkcheck))
AdvancedusageofPing
FortheWindowsunderthepingcommandIbelievewearefamiliarwith,butthePingcanfunctiontomostpeopleisnotalot,ofcourse,I'mnotsayingthatIcanmakethemostofthePing,IalsojustoftenusePingthistool,alsosummarizessomeexperience,andnowsharewithyou.
NowI'llrefertothehelpinstructionsforthepingcommandtotellyouaboutthetechniquesI'llusewhenI'musingPing.Pingisonlyinstalled
TheTCP/IPprotocolwillbeavailablelater:
Ping[-t][-a][-ncount][-llength][-f][-ittl][-vtos][-rcount][-scount][-jcomputer-list],[-kcomputer-list][-wtimeout]destination-list
Options:
-t,Ping,the,specified,host,stopped.To,see,statistics,and,continue-type,Control-Break,To,stop-type,until,Control-C.
KeepthePinglocalhostupuntilyoupressControl-C.
Thereisnospecialtechniqueforthisfunction,butitcanbeusedinconjunctionwithotherparameters,asmentionedbelow.
-a,Resolve,addresses,to,hostnames.
ResolutioncomputerNetBiosname.
Example:
C:
>ping-a192.168.1.21
Pinging,iceblood.yofor,[192.168.1.21],with,32,bytes,of,data:
Reply,from,192.168.1.21:
bytes=32,time<10ms,TTL=254
Reply,from,192.168.1.21:
bytes=32,time<10ms,TTL=254
Reply,from,192.168.1.21:
bytes=32,time<10ms,TTL=254
Reply,from,192.168.1.21:
bytes=32,time<10ms,TTL=254
Pingstatisticsfor192.168.1.21:
Packets:
Sent=4,Received=4,Lost=0(0%,loss),Approximate,round,trip,times,in,milli-seconds:
Minimum=0ms,Maximum=0ms,Average=0ms
FromaboveyoucanseethatIPis192.168.1.21andthecomputerNetBiosiscallediceblood.yofor.
-n,count,Number,of,echo,requests,to,send.
SendcountthespecifiednumberofEchopackets.
Bydefault,usuallyonlysendfourpacketsthroughthiscommandcansendthenumberoftheirowndefinition,isveryhelpfultomeasurethespeedofthenetwork,forexample,howmuchIwanttotestforsending50packetsbacktotheaveragetime,howmuchisthefastesttime,theslowesttimeishowmuchyoucangetthroughthefollowing:
C:
>ping-n50202.103.96.68
Pinging202.103.96.68with32bytesofdata:
Reply,from,202.103.96.68:
bytes=32,time=50ms,TTL=241
Reply,from,202.103.96.68:
bytes=32,time=50ms,TTL=241
Reply,from,202.103.96.68:
bytes=32,time=50ms,TTL=241
Requesttimedout.
..................
Reply,from,202.103.96.68:
bytes=32,time=50ms,TTL=241
replyfrom202.103.96.68:
bytes=32time=50msttl=241
pingstatisticsfor202.103.96.68:
packet:
sent=50,received=48,lost=2(4%loss),approximateroundtriptimesinmilliseconds.
minimum=40ms,maximum=51ms,average=46ms
从以上我就可以知道在给202.103.96.68发送50个数据包的过程当中,返回了48个,其中有两个由于未知原因丢失,这48个数据包当中返回速度最快为40ms,最慢为51ms,平均速度为46ms.
-lsizesendbuffersize.
定义echo数据包大小.
在默认的情况下windows的ping发送的数据包大小为32byt,我们也可以自己定义它的大小,但有一个大小的限制,就是最大只能发送65500byt,也许有人会问为什么要限制到65500byt,因为windows系列的系统都有一个安全漏洞(也许还包括其他系统)就是当向对方一次发送的数据包大于或等于65532时,对方就很有可能挡机,所以微软公司为了解决这一安全漏洞于是限制了ping的数据包大小.虽然微软公司已经做了此限制,但这个参数配合其他参数以后危害依然非常强大,比如我们就可以通过配合-t参数来实现一个带有攻击性的命令:
c:
\>ping-the192.168.1.2165500-t
pinging192.168.1.21with65500bytesofdata.
replyfrom192.168.1.21:
bytes=65500time<10msttl=254
replyfrom192.168.1.21:
bytes=65500time<10msttl=254
.............................
这样它就会不停的向192.168.1.21计算机发送大小为65500byt的数据包,如果你只有一台计算机也许没有什么效果,但如果有很多计算机那么就可以使对方完全瘫痪,我曾经就做过这样的试验,当我同时使用10台以上计算机ping一台win2000pro系统的计算机时,不到5分钟对方的网络就已经完全瘫痪,网络严重堵塞,和ftp服务完全停止,由此可见威力非同小可.
-fsetdon'tfragmentflaginpacket.
在数据包中发送"不要分段"标志.
在一般你所发送的数据包都会通过路由分段再发送给对方,加上此参数以后路由就不会再分段处理.
-ittltimetolive.
指定ttl值在对方的系统里停留的时间.
此参数同样是帮助你检查网络运转情况的.
-vhrttypeofservice.
将"服务类型"字段设置为hrt指定的值.
rcountrecordrouteforcounthops.
在"记录路由"字段中记录传出和返回数据包的路由.
在一般情况下你发送的数据包是通过一个个路由才到达对方的.
Butwhatroutediditgothrough?
Theparameterscanbesetthroughtherouteyouwanttodetectanumber,buttherestrictionsin9,thatistosayyoucanonlytracktothe9route,ifyouwanttodetectmore,canbeachievedthroughotherorders,Iwilllaterinthepapertoexplaintoyou.Herearesomeexamples:
C:
>ping-n1-r9202.96.105.101(sendapacket,themostrecorded9routing)
Pinging202.96.105.101with32bytesofdata:
Reply,from,202.96.105.101:
bytes=32,time=10ms,TTL=249
Route:
202.107.208.187->
202.107.210.214->
61.153.112.70->
61.153.112.89->
202.96.105.149->
202.96.105.97->
202.96.105.101->
202.96.105.150->
61.153.112.90
Pingstatisticsfor202.96.105.101:
Packets:
Sent=1,Received=1,Lost=0(0%,loss),
Approximate,round,trip,times,in,milli-seconds:
Minimum=10ms,Maximum=10ms,Average=10ms
FromaboveIcanseethatfrommycomputerto202.96.105.101,Ihavepassedthe202.107.208.187202.107.210.214,61.153.112.70,61.153.112.89,202.96.105.149,202.96.105.97routes.
-s,count,Timestamp,for,count,hops.
Specifiesthetimestampofthehopcountspecifiedbycount.
Thisparameterissimilarto-r,exceptthatthisparameterdoesnotrecordtheroutereturnedbythepacket,andrecordsonly4atmost.
-j,host-list,Loose,source,route,along,host-list.
Routingpacketsusingthecomputerlistspecifiedbycomputer-list.Acontinuouscomputercanbeseparatedbyanintermediategateway(routingsparsesources),andthemaximumnumberofIPallowedis9.
-k,host-list,Strict,source,route,along,host-list.
Routingpacketsusingthecomputerlistspecifiedbycomputer-list.Acontinuouscomputercannotbeseparatedbyanintermediategateway(routingstrictsources),andthemaximumnumberallowedbyIPis9.
-w,timeout,Timeout,in,milliseconds,to,wait,for,reply.,each
Specifiesatimeoutinterval,inmilliseconds.
Therearenoothertricksforthisparameter.
Otherskills:
pingcommandingeneralcanpingeachotherletthemreturntoyourTTLvaluesystem,determinethetypeofthetargethostisroughlyWindowsseriesorUNIX/Linuxseries,TTLreturnsageneralseriesofWindowssysteminvaluebetween100-130,andreturnstheTTLvalueofthesystemofUNIX/Linuxseriesofcourse,inbetween240-255,thevalueofTTLontheothersideofthehostcanbemodified,Windowsseriescanmodifytheregistrykeytoachievethefollowing:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"DefaultTTL"=dword:
000000ff
255---FF
128---80
64----40
32----20
Well,thepingcommandisbasicallymyCOPYcameover,whatdoubtsonthethread
ThePINGparameter(reproduced).
Pingparameter
-aconvertsthemachineIDofthetargettotheIPaddress
-tiftheuserisnotinterrupted,thePingwillcontinuetogodown
The-ccountrequiresthepingcommandtosendpacketscontinuouslyuntilthecountrequestissentandreceived
-dopensthedebugstateforthesocketyouuse
-fisaquickwaytoping.ThespeedofthePingoutputpacketisasfastasthepacketreturnedfromtheremotehost,orfaster,upto100timespersecond.Inthisway,eachrequestisrepresentedbyadot.Printaspacebarforeachresponse.
-isecondshasacertainnumberofsecondsbetweentwopackettransfers.Cannotbeusedwith-f.
-nusesonlydigitalmode.Ingeneral,PingattemptstotranslateIPaddressesintohostnames.ThisoptionrequiresPingtoprinttheIPaddressinsteadoflookingforasymbolicname.ThisoptionisimportantifyoucannotusethelocalDNSserverforsomereason.
-ppatternsupportallowsyoutoidentify16padbyteswiththisoptionandaddthesebytesintothepacket.Thisoptionisveryusefulwhendiagnosingerrorsrelatedtodatainthenetwork.
-qenablesPingtoprintonlysummaryinformationatthebeginningandattheend.
-RaddstheICMPRECORD-ROUTEoptiontotheECHO_REQUESTpacketandrequiresthattherouteberecordedinthepacketsothatwhenthedataisreturned,thePingcanprinttheroutinginformation.Eachpacketcanonlyrecord9routingnodes.Manyhostsignoreorabandonthisoption.
-rbypassesthepingcommandbyroutingthenormalroutingtableforsendingpackets.
-spacketsizeenablesuserstoidentifythenumberofbytestosenddata.Thedefaultis56characters,plus8bytesofICMPdataheader,atotalof64ICMPdatabytes.
-vmakesPinginverbosemode.ItrequiresthepingcommandtoprintallotherreturnedICMPpacketsbesidesprintingECHO-RESPONSEpackets.
Refill
Pingcommand-detailedhelp
Verifytheconnectiontotheremotecomputerorlocalcomputer.ThiscommandisonlyavailablewhentheTCP/IPprotocolisinstalled.
Ping[-t][-a][-ncount][-llength][-f][-ittl][-vtos][-rcount][-scount][-jcomputer-list],[-kcomputer-list][-wtimeout]destination-list
Parameter
-t
Verifythattheconnectiontothecomputerisspecifieduntiltheuserinterrupts.
-a
Resolvestheaddresstothecomputername.
-ncount
SendsaspecifiednumberofECHOmessagesbycount,withadefaultvalueof4.
-llength
SendsaECHOmessagecontainingthedatalengthspecifiedbythelength.Thedefaultvalueis64bytes,withamaximumvalueof8192bytes.
-f
Senda"no"signinthepackage.Thepacketwillnotbesegmentedbythegatewayontheroute.
-iTTL
Setthesurvivaltimefieldtothevaluespecifiedbyttl.
-vTOS
Settheservicetypefieldtothevaluespecifiedbytos.
-rcount
Intherecordroutingfield,theroutingofmessagesandreturnmessagesisrecorded.ThespecifiedCountvalueisminimum.Itcanbe1,andthemaximumis9.
-scount
Specifiesthetimestampforthenumberofcallsspecifiedbythecount.
-jcomputer-list
Aroutingmessagethatpassesthroughalistofcomputersspecifiedbycomputer-list.Theintermediategatewaymayseparatesuccessivecomp
升级会员 