ping测试工具（Ping test tool）

ping测试工具（Ping test tool） ping测试工具(Ping test tool) Is the DOS command, generally used to detect the network through and impassability, also known as delay, the greater the value, the slower the speed PING (Packet Internet Grope), an internet packet explorer, a program for testing network connections. Ping sends a ICMP echo request message to the destination and reports whether the desired ICMP echo response is received. It is used to check whether the network is unblocked or the network connection speed commands. As a living in the network administrator or hacker, the ping command is the first one must master the DOS command, using the principle that it is this: the machine on the network has a unique set of IP addresses, we give the target IP address to send a packet, the other would return to a similar size the data packet according to the returned data packets we can determine the presence of target host, you can determine the initial target host operating system. Ping is an executable command that comes with the Windows family. Use it to check whether the network can be connected, and use it well to help us analyze and determine network failures. Application format: Ping IP address. The command can also add many parameters to use, specifically typing Ping, press enter to see detailed instructions. Ping refers to end-to-end connectivity, which is often used as an inspection of availability, However, some virus Trojan will force a large number of remote execution ping command, seize your network resources, leading to slow down the system, slow down the network. Ping intrusion is strictly forbidden as a basic function of most firewalls, which provides the user with a choice. 1, -a parsing computer NetBios name. Example: C:, >ping -a 192.168.1.21 Pinging, iceblood.yofor.com, [192.168.1.21], with, 32, bytes, of, data: Reply, from, 192.168.1.21:, bytes=32, time<10ms, TTL=254 Reply, from, 192.168.1.21:, bytes=32, time<10ms, TTL=254 Reply, from, 192.168.1.21:, bytes=32, time<10ms, TTL=254 Reply, from, 192.168.1.21:, bytes=32, time<10ms, TTL=254 Ping statistics for 192.168.1.21: Packets:, Sent = 4, Received = 4, Lost = 0 (0%, loss), Approximate, round, trip, times, in, milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms From above you can see that IP is 192.168.1.21 and the computer NetBios is called iceblood.yofor.com. 2, n count sends the count number of Echo packets specified. By default, usually only send four packets through this command can send the number of their own definition, is very helpful to measure the speed of the network, for example, how much I want to test for sending 50 packets back to the average time, how much is the fastest time, the slowest time is how much you can get through the following: C:, >ping -n 50 202.103.96.68 Pinging 202.103.96.68 with 32 bytes of data: Reply, from, 202.103.96.68:, bytes=32, time=50ms, TTL=241 Reply, from, 202.103.96.68:, bytes=32, time=50ms, TTL=241 Reply, from, 202.103.96.68:, bytes=32, time=50ms, TTL=241 Request timed out. .................. Reply, from, 202.103.96.68:, bytes=32, time=50ms, TTL=241 Reply, from, 202.103.96.68:, bytes=32, time=50ms, TTL=241 Ping statistics for 202.103.96.68: Packets:, Sent = 50, Received = 48, Lost = 2 (4%, loss), Approximate, round, trip, times, in, milli-seconds: Minimum = 40ms, Maximum = 51ms, Average = 46ms From the above I can know in 202.103.96.68 to send 50 packets process, returned 48, of which two due to unknown reasons for the loss of the 48 packet, which returns the fastest 40ms, the slowest for 51ms, with an average speed of 46ms. 3. -l size. Defines the echo packet size. Send windows by default Ping packet size is 32byt, we can define the size of it, but there is a size limit, the maximum is only send 65500byt, one might ask why limit to 65500byt, because the Windows system has a series of security vulnerabilities (perhaps including other systems) to each other is when a transmitted data packet is greater than or equal to 65532, the other is likely to crash, so Microsoft Corp in order to solve the security vulnerabilities and limits the Ping packet size. Although the Microsoft Corp has done this, but this parameter with other parameters after the damage is still very strong, for example, we can use the -t parameter to achieve an aggressive command: (following the introduction of danger, only for the test, do not be easily applied to other machines, otherwise the consequences) C:, >ping -l 65500 -t 192.168.1.21 Pinging 192.168.1.21 with 65500 bytes of data: Reply, from, 192.168.1.21:, bytes=65500, time<10ms, TTL=254 Reply, from, 192.168.1.21:, bytes=65500, time<10ms, TTL=254 .................. 192.168.1.21 sent to the computer so that it will not stop the size of 65500byt packets, if you only have a computer may not have what effect, but if there are a lot of computers that can make the other side completely paralyzed, have done such a test, when using 10 or more computers Win2000Pro system Ping a computer. Within 5 minutes of each other's network has been completely paralyzed, jam network, HTTP and FTP service stopped completely, thus power is no trivial matter. 4, -f send the "don't fragment" flag in the packet. In general, the packets you send will be routed to each other by routing, and after this parameter, the routing will not be segmented. 5, -i TTL specifies the time at which the TTL value stays in the other party's system. This parameter also helps you check how the network works. 6, -v TOS sets the service type field to the value specified by tos. 7, -r count records the routing of outgoing and returned packets in the record routing field. In general, the packets you send are routed through each other, but what exactly is the route? With this parameter, you can set the number of routes you want to detect, but it's limited to 9, that is, you can only track 9 routes, and if you want to detect more, you can do so through other commands. C:, >ping -n 1 -r 9 202.96.105.101 (send a packet, the most recorded 9 routing) Pinging 202.96.105.101 with 32 bytes of data: Reply, from, 202.96.105.101:, bytes=32, time=10ms, TTL=249 Route: 202.107.208.187 - > 202.107.210.214 - > 61.153.112.70 - > 61.153.112.89 - > 202.96.105.149 - > 202.96.105.97 - > 202.96.105.101 - > 202.96.105.150 - > 61.153.112.90 Ping statistics for 202.96.105.101: Packets:, Sent = 1, Received = 1, Lost = 0 (0%, loss), Approximate, round, trip, times, in, milli-seconds: Minimum = 10ms, maximum = 10ms, average = 10ms 从上面我就可以知道从我的计算机到202.96.105.101一共通过了 202.107.208.187, 202.107.210.214, 61.153.112.70, 61.153.112.89, 202.96.105.149, 202.96.105.97这几个路由. 8、 - s count 指定 count 指定的跃点数的时间戳. 此参数和 - r差不多, 只是这个参数不数据包返回所经过的路 由, 最多也只记录4个. 9、 j host list 利用 computer list 指定的计算机列路由数据 包.连续计算机可以被中间网关分隔 (路由稀疏源) ip 允许的最大 数量为 9. 10、 - k host list 利用 computer list 指定的计算机列表路由数 据包.连续计算机不能被中间网关分隔 (路由严格源) ip 允许的最 大数量为 9. 11、 - w timeout 指定超时间隔, 位为毫秒. 12、 - t - 连续对ip地址执行ping命令, 直到被用户以ctrl + c中断. 防范被ping与封闭端口 随着学校校园网越来越多人使用, 用户对网络知识认知的提高, 很多人在网上下载一些黑客工具或者用ping命令, 进行扫描端口、ip寻找肉机, 带来很坏的影响. ping命令它可以向你提供的地址发送一个小的数据包, 然后侦听这台机器是否有 "回答".查找现在哪些机器在网络上活动.使用ping入侵即是icmp 入侵, 原理是通过ping在一个时段内连续向计算机发出大量请求使得计算机的cpu占用率居高不下达到100% 而系统死机甚至崩溃.基于此, 写这篇ip安全策略防ping文章以保障自己的系统安全. 其实防ping安装和设置防火墙也可以解决, 但防火墙并不是每一台电脑都会去装, 要考虑资源占用还有设置技巧.如果你安装了防火墙但没有去修改、添加ip那一样没用.有些配置不是很高为免再给防火墙占用资源用手工在自己系统中设置安全略是一个上上的办法. 下面就写下具体创建过程: (一) 创建ip安全策略 1、依次单击 "开始?控制面板?管理工具?本地安全策略", 打开 "本地安全设置", 右击该对话框左侧的 "ip安全策略, 在本地计算机" 选项, 执行 "创建ip安全策略" 命令. (之间有些简单的点击下一步之类的过程省略不写) 2、在出现的 "默认响应规则身份验证方法" 对话框中我们选中 "此 字符串用来保护密钥交换 (预共享密钥)" 选项, 然后在下面的文字 框中任意键入一段字符串. (如 "禁止 ping") 3、完成了ip安全策略的创建工作后在 "ip筛选器列表" 窗口中单 击 "添加" 按钮, 此时将会弹出 "ip筛选器向导" 窗口, 我们单击 "下一步", 此时将会弹出 "ip通信源" 页面, 在该页面中设置 "源 地址" 为 "我的ip地址": "目标地址" 为 "任何ip地址", 任何ip 地址的计算机都不能ping你的机器. 在 "筛选器属性" 中可封闭端口.比如封闭tcp协议的135端口: 在 "选择协议类型" 的下拉列表中选择 "tcp", 然后在 "到此端口" 下 的文本框中输入 "135", 点击 "确定" 按钮, 这样就添加了一个屏 蔽 tcp 135 (rpc) 端口的筛选器, 它可以防止外界通过135端口连 上你的电脑.重复可封闭tcp udp等自己认为需要封闭的端口.这里不 一一写出. 4, click "next" to "finish", at this time, you will see the filter just created in the IP filter list, select it and click "next", we in the "filter operation" page set the filter action for "security" option. (two) assign IP security policy Once the security policy is created, it does not take effect immediately, and we need to make it work by assigning it. The method is: in the console root "right click" new IP security strategy ", and then perform" assigned "command in the pop-up menu, you can enable this strategy. At this point, the host already has the ability to deny any other machine Ping's own IP address, but still be able to connect with Ping locally. After this setting, all users (including administrators) cannot perform Ping operations on this server on other machines. From now on, you don't have to worry about being threatened by Ping. If you put some hacking tools, often find Trojan port closed that your system is more as strong as iron. The working process of Ping and the reason of unidirectional Ping connection When the network has problems, our most commonly used test tool is the "Ping" command. But sometimes we will encounter a single direction Ping phenomenon, for example, connected via HUB or a cross line in the same LAN computer A, B, check network connectivity between them, found from the A host Ping host B host B host Ping from normal and A, "timeout non response error. Why? To know the secret, it is necessary to see how the Ping command works. Suppose the host A's IP address is 192.168.1.1, and the host B's IP address is 192.168.1.2, all in the same subnet. What happens when you run Ping 192.168.1.2 on the host A? First of all, the Ping command will build a fixed format ICMP request packet, then the packet with the ICMP protocol will address "192.168.1.2" to the IP protocol (actually is a set of processes running in the background, and ICMP), IP protocol to address "192.168.1.2" as the destination address, the the machine IP address as the source address, plus some other control information, build a IP packet, and a mapping table to find the IP address 192.168.1.2 the corresponding physical address (also called the MAC address, familiar with the configuration of friends not unfamiliar, it is necessary to construct a data link layer protocol data link the transmission unit - frame), be given to the data link layer. The construction of a data frame, the destination address is the physical address IP layer pass over the source address is the physical address of the machine, but also added some control information based on Ethernet media access rules, transfer them out. When the host B receives the data frame, it checks its destination address and compares it to the physical address of the machine. If it meets, it receives; otherwise it discards. After receiving, the data frame is checked, and the IP data packet is extracted from the frame and handed to the IP layer protocol of the local machine. Also, check the IP layer, to extract the useful information to the ICMP protocol, the latter immediately after treatment, build a ICMP response packet, is sent to the host A and host A, the process of sending ICMP request packet to host B as like as two peas. From the working process of Ping, we can know that the host A received an answer packet from the host B, indicating that the access and return paths between the two hosts are normal. That is to say, from the host A to the host B, or from the host B to the host A, it is normal. So, what caused only one direction Ping connection? Install a personal firewall In a shared Internet machine, most of the server's hosts have personal firewall software for security reasons, and other machines that are used as clients are generally not installed. Almost all personal firewall software, By default, other machines are not allowed to Ping native. The general practice is to filter out the ICMP request message from the outside, but it does not restrict the ICMP request message that is out of the home and the ICMP reply message from the outside. This way, from the local Ping other machines, if the network is normal, there will be no problem. But if from other machines Ping this machine, even if the network is normal, there will be "timeout no answer" error. Most of the unidirectional Ping pass phenomena stem from this. The solution is simple, and adjust the settings according to the different types of firewalls you use. Two, error setting IP address Normally, a host should have a network card, an IP address, or multiple network cards, and multiple IP addresses (which must be on a different IP subnet). But for the computer used in public places, especially in Internet cafes, which does not pan Too many cooks spoil the broth., "explorer". Once the two computer also appeared in the single direction Ping situation, after careful examination, found that the dial-up network adapter of a computer "which" (the equivalent of a soft card) TCP/IP settings, set up a network card IP address in the same subnet IP address. So, in the view of IP protocol, the host will have two different interfaces in the same network. This problem occurs when other machines are removed from this host Ping: (1) the host does not know which network interface the packet will be sent to because the two network interfaces are connected to the same network segment; (2) the host does not know which address to use as the source address of the packet. Therefore, from this host to other Ping machines, the IP layer protocol will not be processed. After timeout, Ping will give a "timeout free response" error message. But from the other host Ping this host, request packets from a particular card, ICMP simply to the source address, swap, and change some signs that ICMP response packet can be delivered successfully, the other host can successfully pass the machine Ping