Advanced usage of ping (network check)
Advanced usage of Ping
I believe everyone is familiar with the ping command under Windows, but not many people can put all of Ping's functions to use. Of course, I am not saying that I can make the most of Ping either; I just use this tool often and have summed up some experience, which I will now share with you.
Now I'll go through the help text of the ping command and tell you about the techniques I use when working with Ping. Ping is only available after the TCP/IP protocol has been installed:
ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-v tos] [-r count] [-s count] [[-j computer-list] | [-k computer-list]] [-w timeout] destination-list
Options:
-t Ping the specified host until stopped. To see statistics and continue - type Control-Break; To stop - type Control-C.
Keeps pinging the target host until you press Control-C.
There is no special technique for this option, but it can be used in combination with other parameters, as mentioned below.
-a Resolve addresses to hostnames.
Resolves the computer's NetBIOS name.
Example: C:\>ping -a 192.168.1.21
Pinging iceblood.yofor [192.168.1.21] with 32 bytes of data:
Reply from 192.168.1.21: bytes=32 time<10ms TTL=254
Reply from 192.168.1.21: bytes=32 time<10ms TTL=254
Reply from 192.168.1.21: bytes=32 time<10ms TTL=254
Reply from 192.168.1.21: bytes=32 time<10ms TTL=254
Ping statistics for 192.168.1.21:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
From the above you can see that the computer with IP 192.168.1.21 has the NetBIOS name iceblood.yofor.
-n count Number of echo requests to send.
Sends the number of echo packets specified by count.
By default only four packets are sent. With this option you can define the number yourself, which is very helpful for measuring network speed. For example, if I want to know the average, fastest, and slowest return time when sending 50 packets, I can get it with the following:
C:\>ping -n 50 202.103.96.68
Pinging 202.103.96.68 with 32 bytes of data:
Reply from 202.103.96.68: bytes=32 time=50ms TTL=241
Reply from 202.103.96.68: bytes=32 time=50ms TTL=241
Reply from 202.103.96.68: bytes=32 time=50ms TTL=241
Request timed out.
..................
Reply from 202.103.96.68: bytes=32 time=50ms TTL=241
Reply from 202.103.96.68: bytes=32 time=50ms TTL=241
Ping statistics for 202.103.96.68:
Packets: Sent = 50, Received = 48, Lost = 2 (4% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 51ms, Average = 46ms
From the above I can tell that of the 50 packets sent to 202.103.96.68, 48 came back and two were lost for unknown reasons. Among those 48 packets, the fastest return time was 40ms, the slowest was 51ms, and the average was 46ms.
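-l size Send buffer size.
Defines the size of the echo packet.
By default, Windows ping sends packets of 32 bytes. We can also define the size ourselves, but there is a limit: the maximum that can be sent is 65500 bytes. Some may ask why it is limited to 65500 bytes. The reason is that Windows-family systems (and perhaps other systems as well) have a security vulnerability: when a single packet sent to the other side is greater than or equal to 65532, the other side is very likely to crash. To address this vulnerability, Microsoft limited the size of ping packets. Although Microsoft has imposed this limit, the parameter can still do a great deal of harm when combined with other parameters. For example, combining it with the -t parameter gives a command of an aggressive nature:
C:\>ping -l 65500 -t 192.168.1.21
Pinging 192.168.1.21 with 65500 bytes of data:
Reply from 192.168.1.21: bytes=65500 time<10ms TTL=254
Reply from 192.168.1.21: bytes=65500 time<10ms TTL=254
.............................
This keeps sending 65500-byte packets to the computer 192.168.1.21. With only one computer this may have little effect, but with many computers the other side can be completely paralyzed. I once ran such an experiment: when I used more than 10 computers at the same time to ping a computer running Win2000 Pro, in less than 5 minutes the other side's network was completely paralyzed, the network was severely congested, and the FTP service stopped completely, which shows how powerful this is.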
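Seen from the receiving network, the pattern described above is many distinct sources sending oversized echo requests to one host. The following detection logic is an added example, not part of the original article; the record layout, thresholds and function names are assumptions, and the records are constructed.

```python
from collections import defaultdict

ECHO_REQUEST = 8       # ICMP type of an echo request
LARGE_PAYLOAD = 1472   # assumption: anything larger is fragmented on a 1500-byte MTU
MIN_SOURCES = 10       # assumption, after the article's "more than 10 computers"
WINDOW = 60            # seconds; assumption

def find_echo_floods(records, large=LARGE_PAYLOAD, min_sources=MIN_SOURCES, window=WINDOW):
    """Map each destination to the sources that sent it large echo requests,
    for destinations hit by at least min_sources hosts inside one window."""
    per_dst = defaultdict(list)
    for ts, src, dst, icmp_type, size in records:
        if icmp_type == ECHO_REQUEST and size > large:
            per_dst[dst].append((ts, src))
    alerts = {}
    for dst, hits in per_dst.items():
        hits.sort()
        left, active = 0, defaultdict(int)   # active: source -> hits in window
        for ts, src in hits:
            active[src] += 1
            while hits[left][0] <= ts - window:   # expire hits older than the window
                old = hits[left][1]
                active[old] -= 1
                if not active[old]:
                    del active[old]
                left += 1
            if len(active) >= min_sources:
                alerts.setdefault(dst, set()).update(active)
    return {dst: sorted(srcs) for dst, srcs in alerts.items()}

def constructed_records():
    """Constructed flow records: (seconds, source, destination, ICMP type, payload bytes)."""
    recs = [(t, "10.0.0.%d" % h, "192.168.1.21", 8, 65500)
            for t in range(5) for h in range(1, 13)]          # 12 hosts, one target
    recs += [(t, "10.0.0.50", "192.168.1.30", 8, 32) for t in range(4)]   # default ping
    recs += [(100 * h, "10.0.0.%d" % h, "192.168.1.40", 8, 65500)
             for h in range(1, 13)]                           # too spread out to alert
    return recs

if __name__ == "__main__":
    for dst, srcs in find_echo_floods(constructed_records()).items():
        print(dst, len(srcs), "sources")
```

Only 192.168.1.21 is reported for the constructed records: the default-size pings to 192.168.1.30 are ignored, and the large echoes to 192.168.1.40 never come from ten sources within one window.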
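-f Set Don't Fragment flag in packet.
Sends the "Don't Fragment" flag in the packet.
Normally the packets you send are fragmented by routers along the way before being delivered to the other side. With this parameter, routers no longer fragment them.
-i TTL Time To Live.
Specifies the time the TTL value stays in the other side's system.
This parameter likewise helps you check how the network is running.
-v TOS Type Of Service.
Sets the "Type of Service" field to the value specified by TOS.
-r count Record route for count hops.
Records the route of outgoing and returning packets in the "Record Route" field.
Normally the packets you send pass through one router after another before reaching the other side.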
But which routers did they pass through? With this parameter you can set the number of routers you want to detect, but the limit is 9; that is, you can trace at most 9 routers. If you want to detect more, that can be done with other commands, which I will explain later in this article. Here is an example:
C:\>ping -n 1 -r 9 202.96.105.101 (send one packet, recording at most 9 routes)
Pinging 202.96.105.101 with 32 bytes of data:
Reply from 202.96.105.101: bytes=32 time=10ms TTL=249
Route: 202.107.208.187 ->
       202.107.210.214 ->
       61.153.112.70 ->
       61.153.112.89 ->
       202.96.105.149 ->
       202.96.105.97 ->
       202.96.105.101 ->
       202.96.105.150 ->
       61.153.112.90
Ping statistics for 202.96.105.101:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 10ms, Average = 10ms
From the above I can see that on the way from my computer to 202.96.105.101, the packet passed through the routers 202.107.208.187, 202.107.210.214, 61.153.112.70, 61.153.112.89, 202.96.105.149, and 202.96.105.97.
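Why -r stops at 9, as an added example that is not part of the original article: an IPv4 header has at most 40 bytes for options, and the Record Route option (RFC 791) spends 3 of them on its own type, length and pointer bytes, leaving room for nine 4-byte addresses. The function names are hypothetical and 192.0.2.1 is a constructed tenth hop.

```python
import ipaddress

IP_MAX_HEADER = 60    # IHL is a 4-bit count of 32-bit words: 15 * 4 bytes
IP_FIXED_HEADER = 20  # header without options
RR_TYPE = 7           # Record Route option type (RFC 791)
RR_OVERHEAD = 3       # type, length and pointer bytes

def max_rr_slots():
    """Number of 4-byte addresses that fit in one header's option space."""
    return (IP_MAX_HEADER - IP_FIXED_HEADER - RR_OVERHEAD) // 4

def build_rr_option(slots):
    """Empty Record Route option as the sender places it in the header."""
    if not 1 <= slots <= max_rr_slots():
        raise ValueError("count must be between 1 and %d" % max_rr_slots())
    return bytes([RR_TYPE, RR_OVERHEAD + 4 * slots, 4]) + bytes(4 * slots)

def record_hop(option, addr):
    """What a router does: write its address at the pointer, advance it by 4."""
    length, pointer = option[1], option[2]
    if pointer > length:      # option is full: forward it unchanged
        return option
    start = pointer - 1       # the pointer is 1-based from the option start
    packed = ipaddress.IPv4Address(addr).packed
    return (option[:2] + bytes([pointer + 4]) + option[3:start]
            + packed + option[start + 4:])

def parse_rr_option(option):
    """Return the addresses recorded so far, in order."""
    if len(option) < RR_OVERHEAD or option[0] != RR_TYPE:
        raise ValueError("not a Record Route option")
    length, pointer = option[1], option[2]
    if length != len(option) or (length - 3) % 4 or pointer < 4 or pointer % 4:
        raise ValueError("malformed Record Route option")
    end = min(pointer - 1, length)
    return [str(ipaddress.IPv4Address(option[i:i + 4])) for i in range(3, end, 4)]

# The nine addresses from the sample output above, plus a tenth constructed hop.
HOPS = ["202.107.208.187", "202.107.210.214", "61.153.112.70", "61.153.112.89",
        "202.96.105.149", "202.96.105.97", "202.96.105.101", "202.96.105.150",
        "61.153.112.90", "192.0.2.1"]

def trace(hops, slots=9):
    """Pass an empty option through each hop in turn and read back the result."""
    option = build_rr_option(slots)
    for hop in hops:
        option = record_hop(option, hop)
    return parse_rr_option(option)

if __name__ == "__main__":
    print(max_rr_slots(), trace(HOPS))
```

The tenth hop finds the option full and forwards it unchanged, which is why a longer path shows only its first nine recorded addresses.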
-s count Timestamp for count hops.
Specifies the timestamp for the number of hops specified by count.
This parameter is similar to -r, except that it does not record the route taken by the returning packet, and it records at most 4.
-j host-list Loose source route along host-list.
Routes packets via the list of computers specified by computer-list. Consecutive computers may be separated by intermediate gateways (loose source routing), and the maximum number of IP addresses allowed is 9.
-k host-list Strict source route along host-list.
Routes packets via the list of computers specified by computer-list. Consecutive computers cannot be separated by intermediate gateways (strict source routing), and the maximum number of IP addresses allowed is 9.
-w timeout Timeout in milliseconds to wait for each reply.
Specifies a timeout interval, in milliseconds.
There are no other tricks for this parameter.
Other tips: under normal circumstances, you can ping the other side and use the TTL value it returns to judge roughly whether the target host runs a Windows-family or a UNIX/Linux-family system. In general, Windows-family systems return a TTL between 100 and 130, while UNIX/Linux-family systems return a TTL between 240 and 255. Of course, the TTL value can be modified on the other host. On Windows-family systems it can be changed through the following registry key:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"DefaultTTL"=dword:000000ff
255---FF
128---80
64----40
32----20
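The two readings discussed in this article, the loss and round-trip summary from -n and the TTL of the replies, can be taken from saved ping output with one parser. This is an added example, not from the original article: the function names are hypothetical, the sample text is constructed in the format shown above, and the OS ranges are the article's own. It goes one step further and estimates the hop count as the gap to the nearest default TTL in the table.

```python
import re

REPLY = re.compile(r"Reply from (\S+): bytes=(\d+) time([=<])(\d+)ms TTL=(\d+)")
COMMON_INITIAL_TTLS = (32, 64, 128, 255)   # the values in the DefaultTTL table above

# Constructed sample in the Windows ping output format (not a real capture).
SAMPLE = """Pinging 202.103.96.68 with 32 bytes of data:
Reply from 202.103.96.68: bytes=32 time=50ms TTL=241
Reply from 202.103.96.68: bytes=32 time=40ms TTL=241
Request timed out.
Reply from 202.103.96.68: bytes=32 time=51ms TTL=241
"""

def parse_ping(text):
    """Summarise ping output: counts, loss, RTT range and the TTLs seen."""
    rtts, ttls, lost = [], set(), 0
    for line in text.splitlines():
        m = REPLY.search(line)
        if m:
            # "time<10ms" only bounds the RTT; count it as 0, as the sample summary does
            rtts.append(0 if m.group(3) == "<" else int(m.group(4)))
            ttls.add(int(m.group(5)))
        elif "Request timed out" in line:
            lost += 1
    sent = len(rtts) + lost
    return {"sent": sent, "received": len(rtts),
            "loss_pct": round(100 * lost / sent) if sent else 0,
            "min": min(rtts, default=None), "max": max(rtts, default=None),
            "avg": sum(rtts) // len(rtts) if rtts else None,   # integer average: assumption
            "ttls": sorted(ttls)}

def interpret_ttl(observed):
    """Guess the sender's initial TTL, the hop count and the OS family."""
    initial = next(t for t in COMMON_INITIAL_TTLS if t >= observed)
    if 100 <= observed <= 130:
        family = "Windows"        # range given in the article
    elif 240 <= observed <= 255:
        family = "UNIX/Linux"     # range given in the article
    else:
        family = "unknown"
    return {"initial": initial, "hops": initial - observed, "family": family}

if __name__ == "__main__":
    summary = parse_ping(SAMPLE)
    print(summary, [interpret_ttl(t) for t in summary["ttls"]])
```

Because DefaultTTL can be changed, the family guess is a hint and not an identification. A reply TTL of 64 or less falls outside both of the article's ranges (current Linux kernels default to 64) and is reported as unknown.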
Well, this ping command material is basically something I copied over; if you have any doubts, post them in the thread.
Ping parameters (reproduced)
-a Converts the machine ID of the target to an IP address.
-t If not interrupted by the user, ping keeps running.
-c count Makes ping send packets continuously until count requests have been sent and received.
-d Turns on debugging for the socket in use.
-f A fast way to ping. Ping sends packets as fast as they come back from the remote host, or faster, up to 100 times per second. In this mode each request is represented by a dot, and a space is printed for each response.
-i seconds Waits the given number of seconds between two packet transmissions. Cannot be used with -f.
-n Numeric mode only. Normally ping tries to translate IP addresses into host names. This option makes ping print the IP address instead of looking up a symbolic name. It is important if you cannot use the local DNS server for some reason.
-p pattern Lets you specify 16 pad bytes and add them to the packet. This option is very useful when diagnosing data-dependent errors in the network.
-q Makes ping print only summary information, at the beginning and at the end.
-R Adds the ICMP RECORD-ROUTE option to the ECHO_REQUEST packet, asking for the route to be recorded in the packet so that ping can print the routing information when the data returns. Each packet can record only 9 routing nodes. Many hosts ignore or discard this option.
-r Makes ping bypass the normal routing table when sending packets.
-s packetsize Lets the user specify the number of data bytes to send. The default is 56 characters, which with the 8 bytes of ICMP header makes a total of 64 ICMP data bytes.
-v Puts ping in verbose mode. Ping then prints all other returned ICMP packets in addition to the ECHO-RESPONSE packets.
Supplement
Ping command - detailed help
Verifies the connection to a remote computer or the local computer. This command is only available when the TCP/IP protocol is installed.
ping [-t] [-a] [-n count] [-l length] [-f] [-i ttl] [-v tos] [-r count] [-s count] [[-j computer-list] | [-k computer-list]] [-w timeout] destination-list
Parameters
-t
Verifies the connection to the specified computer until the user interrupts.
-a
Resolves the address to the computer name.
-n count
Sends the number of ECHO packets specified by count. The default value is 4.
-l length
Sends ECHO packets containing the amount of data specified by length. The default value is 64 bytes, with a maximum value of 8192 bytes.
-f
Sends a "Do not Fragment" flag in the packet. The packet will not be fragmented by gateways on the route.
-i ttl
Sets the Time To Live field to the value specified by ttl.
-v tos
Sets the Type Of Service field to the value specified by tos.
-r count
Records the route of the outgoing packet and the returning packet in the Record Route field. The count value can be a minimum of 1 and a maximum of 9.
-s count
Specifies the timestamp for the number of hops specified by count.
-j computer-list
Routes packets via the list of computers specified by computer-list. Consecutive computers may be separated by intermediate gateways (loose source routing). The maximum number of IP addresses allowed is 9.
-k computer-list
Routes packets via the list of computers specified by computer-list. Consecutive computers cannot be separated by intermediate gateways (strict source routing). The maximum number of IP addresses allowed is 9.
-w timeout
Specifies the timeout interval in milliseconds.
destination-list
Specifies the remote computers whose connection is to be verified.
For more information, see the ping notes.
Ping notes
The ping command checks the connection to a remote or local computer by sending ICMP echo packets to the computer and listening for the echo reply packets. For each packet sent, ping waits at most one second, and it prints the number of packets sent and received. Each received packet is compared with the packet sent to verify its validity. By default, four echo packets are sent, each containing 64 bytes of data (a periodic sequence of uppercase letters).
You can use the ping utility to test both a computer name and an IP address. If the IP address can be verified but the computer name cannot, there is a problem with name resolution. In this case, you must make sure that the computer name you are querying is in the local HOSTS file or in the DNS database.
The following example shows the output of ping (Windows users: choose Start > Run and type "command" to open a command window in which to use this command).
C:\>ping
Pinging [192.20.239.132] with 32 bytes of data:
Reply from 192.20.239.132: bytes=32 time=101ms TTL=243
Reply from 192.20.239.132: bytes=32 time=100ms TTL=243
Reply from 192.20.239.132: bytes=32 time=120ms TTL=243
Reply from 192.20.239.132: bytes=32 time=120ms TTL=243