10.10 - Packet capture on Linux
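Sometimes you want to see which packets are arriving on a particular network interface, especially when you first suspect that the server is under a traffic attack. Capturing the packets with a packet capture tool shows which IPs are attacking.
The tcpdump tool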
[root@evan-01 ~]# tcpdump
-bash: tcpdump: command not found
[root@evan-01 ~]# yum install -y tcpdump
Use ifconfig to view the network interface information
[root@evan-01 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 192.168.94.128 netmask 255.255.255.0 broadcast 192.168.94.255
        inet6 fe80::dc8f:bbc8:e3f6:6009 prefixlen 64 scopeid 0x20<link>
        ether 00:0c:29:ef:0d:47 txqueuelen 1000 (Ethernet)
        RX packets 103 bytes 9412 (9.1 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 83 bytes 9883 (9.6 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 1 (Local Loopback)
        RX packets 40 bytes 3128 (3.0 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 40 bytes 3128 (3.0 KiB)
        TX er
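An added example, not part of the original article: a POSIX shell function that ranks the remote IPv4 senders in `tcpdump -nn` text output by packet count, which answers the "which IPs are attacking" question raised at the top. The sample lines are constructed, the interface ens33 and the address 192.168.94.128 are taken from the ifconfig output on this page, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: rank IPv4 source addresses in tcpdump text output by packet count.

# Constructed sample of `tcpdump -nn` output (not a real capture). Remote
# addresses are documentation ranges; 192.168.94.128 is this page's host.
sample_capture() {
cat <<'EOF'
10:15:01.000001 IP 203.0.113.7.51234 > 192.168.94.128.80: Flags [S], seq 1, win 64240, length 0
10:15:01.000002 IP 203.0.113.7.51235 > 192.168.94.128.80: Flags [S], seq 2, win 64240, length 0
10:15:01.000003 IP 198.51.100.9.40000 > 192.168.94.128.22: Flags [P.], seq 1:37, ack 1, win 501, length 36
10:15:01.000004 IP 203.0.113.7 > 192.168.94.128: ICMP echo request, id 1, seq 1, length 64
10:15:01.000005 IP 192.168.94.128.80 > 203.0.113.7.51234: Flags [S.], seq 9, ack 2, win 65160, length 0
10:15:01.000006 ARP, Request who-has 192.168.94.2 tell 192.168.94.128, length 28
EOF
}

# top_sources LOCAL_IP: read tcpdump -nn lines on stdin and print "count ip"
# for every remote IPv4 sender, busiest first. Packets sent by LOCAL_IP
# (the server's own replies) and non-IPv4 lines such as ARP are ignored.
top_sources() {
    awk -v me="$1" '
        $2 == "IP" && $4 == ">" {
            n = split($3, p, ".")
            if (n < 4) next                       # not an IPv4 address
            ip = p[1] "." p[2] "." p[3] "." p[4]  # drops the trailing .port, if any
            if (ip != me) hits[ip]++
        }
        END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Live use (needs root), capturing 1000 packets on the page's interface:
#   tcpdump -nn -i ens33 -c 1000 2>/dev/null | top_sources 192.168.94.128
sample_capture | top_sources 192.168.94.128
```

The `-nn` option matters here: it stops tcpdump from resolving addresses and ports to names, so the source field stays in the `a.b.c.d.port` form the function splits.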