Shulou(Shulou.com)06/02 Report--

one。 Network scanning-NMAP

NMAP is a powerful security evaluation tool for port scanning.

Designed to detect a large number of hosts of the huge network, support ping scanning, multi-port detection, OS identification and other technologies.

Using NMAP to scan the internal network regularly, you can find out the uncontrollable application services in the network, turn off the unsafe services in time, and reduce the security risk.

-sS,TCP SYN scan (half-open scan): only SYN packets are sent to the target, if a SYN/ACK response is received

The packet thinks that the target port is listening and disconnects immediately; otherwise, the destination port is not open.

-sT,TCP connection scan: this is the complete TCP scan method, which is used to establish a TCP connection.

The function thinks that the target port is listening to the service, otherwise the target port is not open.

-sF,TCP FIN scan: open ports ignore such packets and closed ports respond to RST data

Bag. Many firewalls simply filter SYN packets and ignore other forms of TCP packets.

This type of scanning can indirectly detect the robustness of the firewall.

-sU,UDP scanning: UDP scanning will be slow to detect what UDP services are provided by the target host.

-sP,ICMP scan: similar to ping detection, it quickly determines whether the target host is alive or not, and does not do other scans.

-P0, skip ping detection: this assumes that all target hosts are alive when the other party does not respond to ICMP

When requesting, use this method to avoid abandoning the scan because it is unable to ping.

1. Install nmap in yum warehouse

two。 View external tcp services

3. Install it to the HTTPD service to view its TCP ports and services

4. Detect the ports and services of UDP

5. Detect the site information of the target host

II. Detailed explanation of inode and block

In addition to the actual content, the file data of the operating system usually contains a lot of attributes, such as file permissions (rwx) and file attributes (owner, group, time parameters, etc.) of the Linux operating system. File systems usually store these two parts in inode and block, respectively.

1. Let's experiment with the stat command

two。 Let's experiment to see the time attribute of ctime atime mtime.

3. Let's take a closer look at inode.

Try to see all the inode nodes and available nodes

4. Delete an inode nod

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.