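Tracking a specific port on my server

Time: 2012-05-05 19:43:45

Tags: security nmap

On my Apache server, I want to track a specific port from my local computer at home. How do I use nmap for that, assuming the port number is 3080? Any commands?

1 answer:

Answer 0 (score: 0)

Take a look at the tcpdump command: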

$ sudo tcpdump -n -i eth2 dst port 3080
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes

This listens on the eth2 interface (my wireless connection) for outgoing connections to port 3080.

In another shell:

$ telnet google.com 3080

To see the connection attempts:

16:52:38.073965 IP 192.168.1.10.51290 > 74.125.227.70.3080: Flags [S], seq 4004145863, win 14600, options [mss 1460,sackOK,TS val 38502 ecr 0,nop,wscale 4], length 0
16:52:39.071494 IP 192.168.1.10.51290 > 74.125.227.70.3080: Flags [S], seq 4004145863, win 14600, options [mss 1460,sackOK,TS val 38752 ecr 0,nop,wscale 4], length 0
16:52:41.075491 IP 192.168.1.10.51290 > 74.125.227.70.3080: Flags [S], seq 4004145863, win 14600, options [mss 1460,sackOK,TS val 39253 ecr 0,nop,wscale 4], length 0
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel

See also Wireshark.
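
Reading the capture above programmatically, as an added example that is not part of the original answer: this Python sketch parses `tcpdump -n` lines, groups bare SYNs to port 3080 by flow and sequence number, and reports retransmissions. The function name `summarize` and the report keys are made up for this example; the sample input is the three packets shown in the answer.

```python
import re
from collections import defaultdict
from datetime import datetime

# Sample input: the three packets captured in the answer above.
SAMPLE = """\
16:52:38.073965 IP 192.168.1.10.51290 > 74.125.227.70.3080: Flags [S], seq 4004145863, win 14600, options [mss 1460,sackOK,TS val 38502 ecr 0,nop,wscale 4], length 0
16:52:39.071494 IP 192.168.1.10.51290 > 74.125.227.70.3080: Flags [S], seq 4004145863, win 14600, options [mss 1460,sackOK,TS val 38752 ecr 0,nop,wscale 4], length 0
16:52:41.075491 IP 192.168.1.10.51290 > 74.125.227.70.3080: Flags [S], seq 4004145863, win 14600, options [mss 1460,sackOK,TS val 39253 ecr 0,nop,wscale 4], length 0
"""

# Matches `tcpdump -n` TCP lines that carry a seq field (SYNs and data segments).
LINE = re.compile(
    r"^(\d\d:\d\d:\d\d\.\d+) IP (\S+)\.(\d+) > (\S+)\.(\d+): "
    r"Flags \[([^\]]+)\], seq (\d+)"
)

def summarize(lines, port=3080):
    """Group bare SYNs sent to `port` by flow and seq; report retransmissions."""
    flows = defaultdict(list)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # banner, "^C", packet counters, ACK-only segments
        ts, src, sport, dst, dport, flags, seq = m.groups()
        if int(dport) != port or flags != "S":
            continue  # keep only connection attempts (SYN without ACK)
        key = (f"{src}:{sport}", f"{dst}:{dport}", int(seq))
        flows[key].append(datetime.strptime(ts, "%H:%M:%S.%f"))
    report = []
    for (src, dst, seq), times in flows.items():
        # Assumes the capture does not cross midnight (no date in the timestamp).
        gaps = [round((b - a).total_seconds(), 1) for a, b in zip(times, times[1:])]
        report.append({
            "src": src, "dst": dst, "seq": seq, "syns": len(times),
            "gaps": gaps,
            # Same seq sent again: the sender's timer expired without a SYN-ACK.
            "likely_unanswered": len(times) > 1,
        })
    return report

if __name__ == "__main__":
    for row in summarize(SAMPLE.splitlines()):
        print(row)
```

Because the capture filter is `dst port 3080`, replies from the remote host are never captured, so the retransmitted SYN with growing gaps is the only sign in this output that nothing answered.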