T M B

Cisco IOS IP SLA

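March 1st, 2011

Cisco IOS IP SLA is a network performance measurement and diagnostic tool. It measures network performance by actively sending traffic between multiple sites or across multiple paths. IP SLA uses timestamps to calculate network performance metrics such as jitter, latency, response time, packet loss, and voice MOS score. Users can define an IP SLA operation through the command line or the RTTMON MIB. When defining the operation they can specify the packet size, packet interval, protocol type, DSCP marking, and other parameters of the traffic it generates, then have the operation run at the appropriate time and return the parameters needed to measure performance. For example, we can define an operation to measure UDP jitter that, every minute, sends 10 packets of 64 bytes at 20 ms intervals.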

IP SLA

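Before testing, the following conditions must be met:

The source device must be a Cisco device capable of running IP SLA, with IOS version 12.0(5)T or later;
When running an IP SLA test, the destination device can be any IP device, or the IP SLA Responder on a Cisco router can be used to improve measurement accuracy;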


Backtrack Security Tools Research Series: DMitry

February 21st, 2011

DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line program coded purely in C with the ability to gather as much information as possible about a host.

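DMitry: the word "Deepmagic" is well chosen. The tool really can gather a lot of information about a host, including whois, TCP ports and more, and it is very convenient to use, which makes it both useful and simple for early-stage information gathering. The tool integrates many information sources directly, so all you have to do is wait. OK, let's look at the usage and examples: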


Backtrack Security Tools Research Series: dig

February 16th, 2011

dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.

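dig is a flexible tool for querying domain name information. It has far more functionality than nslookup and is the DNS administrator's first choice for testing and troubleshooting. nslookup used to be the usual choice for queries, but dig really is a cut above and returns more detailed information; give it a try.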

dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-p port#] [-q name] [-t type] [-x addr] [-y [hmac:]name:key] [-4] [-6] [name] [type] [class] [queryopt...]

dig [-h] // get the complete information


Backtrack Security Tools Research Series: ASS

February 15th, 2011

ASS, the autonomous system scanner, is designed to find the AS of the router. It supports the following protocols: IRDP, IGRP, EIGRP, RIPv1, RIPv2, CDP, HSRP and OSPF.

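Autonomous System Scanner performs autonomous system scanning. The program needs to run in a network where routing protocols are running, and the protocols it supports are fairly limited; it does not support the mainstream OSPF (the official description says it does, but the option is not in the command, so presumably later versions will support it). Personally I don't think this tool is very useful. I also have a question: among the IGPs, only EIGRP is followed by an autonomous system number; the others are not, and some take a process ID, so why is it called an AS Scanner? Answers welcome. Testing RIP had no effect; only EIGRP worked.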


Backtrack Security Tools Research Series: 0trace

February 13th, 2011

0trace is a traceroute tool that can be run within an existing, open TCP connection – therefore bypassing some types of stateful packet filters with ease.

Simply put, 0trace uses a TCP connection to implement traceroute functionality and enumerate the routing hops.

root@bt:~# 0trace.sh
Usage: /usr/local/sbin/0trace.sh iface target_ip [ target_port ]


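Introduction to BackTrack's Security Tools

February 12th, 2011

I finally managed to find this on Google, and editing the formatting was exhausting, so please give it a bump~

For a brief version see: BackTrack Security Tools List

Introduction to BackTrack's Security Tools (based on BT3 Final)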

Information Gathering

0trace 0.01

This tool enables the user to perform hop enumeration (“traceroute”) within an established TCP connection, such as an HTTP or SMTP session. This is opposed to sending stray packets, as traceroute-type tools usually do. The important benefit of using an established connection and matching TCP packets to send a TTL-based probe is that such traffic is happily allowed through by many stateful firewalls and other defenses without further inspection (since it is related to an entry in the connection table).
Info: http://lcamtuf.coredump.cx/

Ass

ASS is an Autonomous System Scanner. Because routing protocols use autonomous systems to distinguish between various routing “domains” and various ways to communicate, you need something which works like a TCP port scanner but knows more than one protocol.
Info: http://phenoelit-us.org/irpas/docu.html#ass
