欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  科技

Linux查看监听端口的脚本测试

程序员文章站 2023-11-01 21:07:58
本文是按照lfree的博客(https://www.cnblogs.com/lfree/p/10368332.html)中的内容,进行学习、测试、总结的。有些知识点也是在阅读这篇博文时,发现不了解这方面的知识,遂网上搜索相关资料总结了一下。 1:Linux 设备里面有个比较特殊的文件:/dev/[t... ......

本文是按照lfree的博客(https://www.cnblogs.com/lfree/p/10368332.html)中的内容,进行学习、测试、总结的。有些知识点也是在阅读这篇博文时,发现不了解这方面的知识,遂网上搜索相关资料总结了一下。

 

 

1linux 设备里面有个比较特殊的文件:/dev/[tcp|upd]/host/port 只要读取或者写入这个文件,相当于系统会尝试连接:host 这台机器,对应port端口。如果主机以及端口存在,就建立一个socket 连接。将在,/proc/self/fd目录下面,有对应的文件出现。

 

/dev/tcp/${host}/${port} 这个字符串看起来很像一个文件系统中的文件,并且位于 /dev 这个设备文件夹下。但是:这个文件并不存在,而且并不是一个设备文件。这只是 bash 实现的用来实现网络请求的一个接口,其实就像我们自己编写的一个命令行程序,按照指定的格式输入host port参数,就能发起一个socket连接完全一样

 

 

[root@db-server ~]# cat < /dev/tcp/10.20.57.24/23
-bash: connect: connection refused
-bash: /dev/tcp/10.20.57.24/23: connection refused
 
[root@db-server ~]# cat < /dev/tcp/10.20.57.24/22
ssh-2.0-openssh_4.3
 
 
[root@db-server ~]# echo a > /dev/tcp/10.20.57.24/22
[root@db-server ~]# echo $?
0
[root@db-server ~]# echo a > /dev/tcp/10.20.57.24/23
-bash: connect: connection refused
-bash: /dev/tcp/10.20.57.24/23: connection refused
[root@db-server ~]# echo $?
1
 
 
[root@db-server ~]# netstat -ntlp
active internet connections (only servers)
proto recv-q send-q local address               foreign address             state       pid/program name   
tcp        0      0 0.0.0.0:42304               0.0.0.0:*                   listen      7497/ora_d009_gsp   
tcp        0      0 0.0.0.0:50336               0.0.0.0:*                   listen      7481/ora_d005_gsp   
tcp        0      0 127.0.0.1:2208              0.0.0.0:*                   listen      2936/hpiod          
tcp        0      0 0.0.0.0:57505               0.0.0.0:*                   listen      7521/ora_d015_gsp   
tcp        0      0 0.0.0.0:769                 0.0.0.0:*                   listen      2707/rpc.statd      
tcp        0      0 0.0.0.0:31298               0.0.0.0:*                   listen      7533/ora_d018_gsp   
tcp        0      0 0.0.0.0:13026               0.0.0.0:*                   listen      7469/ora_d002_gsp   
tcp        0      0 0.0.0.0:40227               0.0.0.0:*                   listen      7485/ora_d006_gsp   
tcp        0      0 0.0.0.0:62788               0.0.0.0:*                   listen      7537/ora_d019_gsp   
tcp        0      0 0.0.0.0:58151               0.0.0.0:*                   listen      7473/ora_d003_gsp   
tcp        0      0 0.0.0.0:18728               0.0.0.0:*                   listen      7505/ora_d011_gsp   
tcp        0      0 0.0.0.0:29705               0.0.0.0:*                   listen      7529/ora_d017_gsp   
tcp        0      0 0.0.0.0:60011               0.0.0.0:*                   listen      7493/ora_d008_gsp   
tcp        0      0 0.0.0.0:19819               0.0.0.0:*                   listen      7461/ora_d000_gsp   
tcp        0      0 0.0.0.0:50605               0.0.0.0:*                   listen      7513/ora_d013_gsp   
tcp        0      0 0.0.0.0:11149               0.0.0.0:*                   listen      7465/ora_d001_gsp   
tcp        0      0 0.0.0.0:25487               0.0.0.0:*                   listen      7501/ora_d010_gsp   
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   listen      2662/portmap        
tcp        0      0 0.0.0.0:28021               0.0.0.0:*                   listen      7517/ora_d014_gsp   
tcp        0      0 0.0.0.0:46038               0.0.0.0:*                   listen      7525/ora_d016_gsp   
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   listen      2953/sshd           
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   listen      2964/cupsd          
tcp        0      0 0.0.0.0:22392               0.0.0.0:*                   listen      7489/ora_d007_gsp   
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   listen      2999/sendmail: acce 
tcp        0      0 0.0.0.0:12508               0.0.0.0:*                   listen      7477/ora_d004_gsp   
tcp        0      0 0.0.0.0:26302               0.0.0.0:*                   listen      7509/ora_d012_gsp   
[root@db-server ~]# seq 1 65535 | xargs -i{} echo "echo a > /dev/tcp/10.20.57.24/{} 2>/dev/null 2&>1 ; echo ok=\$?,{}" | bash 2>/dev/null | grep ok=0 | cut -d, -f2
22
111
769
11149
12508
13026
18728
19819
22392
25487
26302
28021
29705
31298
40227
42304
45826
46038
50336
50605
50741
52199
56371
57505
58151
60011
62788

 

如上测试所示,上面脚本不会记录环回地址(127.0.0.1)的listen端口。而且脚本执行的效率较低,等待时间过长。

 

 

2:使用nc命令测试,测试结果发现,这个命令的速度完全秒杀上面脚本。但是也是不能定位环回地址(127.0.0.1)的listen端口。需要指定ip地址127.0.0.1才能定位定位环回地址(127.0.0.1)的listen

 

root@db-server ~]# echo a | nc -w 1 -n -v  10.20.57.24 1-65535 2>/dev/null | grep "succeeded"
connection to 10.20.57.24 22 port [tcp/*] succeeded!
connection to 10.20.57.24 111 port [tcp/*] succeeded!
connection to 10.20.57.24 769 port [tcp/*] succeeded!
connection to 10.20.57.24 11149 port [tcp/*] succeeded!
connection to 10.20.57.24 12508 port [tcp/*] succeeded!
connection to 10.20.57.24 13026 port [tcp/*] succeeded!
connection to 10.20.57.24 18728 port [tcp/*] succeeded!
connection to 10.20.57.24 19819 port [tcp/*] succeeded!
connection to 10.20.57.24 22392 port [tcp/*] succeeded!
connection to 10.20.57.24 25487 port [tcp/*] succeeded!
connection to 10.20.57.24 26302 port [tcp/*] succeeded!
connection to 10.20.57.24 28021 port [tcp/*] succeeded!
connection to 10.20.57.24 29705 port [tcp/*] succeeded!
connection to 10.20.57.24 31298 port [tcp/*] succeeded!
connection to 10.20.57.24 40227 port [tcp/*] succeeded!
connection to 10.20.57.24 42304 port [tcp/*] succeeded!
connection to 10.20.57.24 46038 port [tcp/*] succeeded!
connection to 10.20.57.24 50111 port [tcp/*] succeeded!
connection to 10.20.57.24 50336 port [tcp/*] succeeded!
connection to 10.20.57.24 50605 port [tcp/*] succeeded!
connection to 10.20.57.24 57505 port [tcp/*] succeeded!
connection to 10.20.57.24 58151 port [tcp/*] succeeded!
connection to 10.20.57.24 60011 port [tcp/*] succeeded!
connection to 10.20.57.24 62788 port [tcp/*] succeeded!
[root@db-server ~]# echo a | nc -w 1 -n -v  127.0.0.1 1-65535 2>/dev/null | grep "succeeded"
connection to 127.0.0.1 22 port [tcp/*] succeeded!
connection to 127.0.0.1 25 port [tcp/*] succeeded!
connection to 127.0.0.1 111 port [tcp/*] succeeded!
connection to 127.0.0.1 631 port [tcp/*] succeeded!
connection to 127.0.0.1 769 port [tcp/*] succeeded!
connection to 127.0.0.1 2208 port [tcp/*] succeeded!
connection to 127.0.0.1 11149 port [tcp/*] succeeded!
connection to 127.0.0.1 12508 port [tcp/*] succeeded!
connection to 127.0.0.1 13026 port [tcp/*] succeeded!
connection to 127.0.0.1 18728 port [tcp/*] succeeded!
connection to 127.0.0.1 19819 port [tcp/*] succeeded!
connection to 127.0.0.1 22392 port [tcp/*] succeeded!
connection to 127.0.0.1 25487 port [tcp/*] succeeded!
connection to 127.0.0.1 26302 port [tcp/*] succeeded!
connection to 127.0.0.1 28021 port [tcp/*] succeeded!
connection to 127.0.0.1 29705 port [tcp/*] succeeded!
connection to 127.0.0.1 31298 port [tcp/*] succeeded!
connection to 127.0.0.1 40227 port [tcp/*] succeeded!
connection to 127.0.0.1 42304 port [tcp/*] succeeded!
connection to 127.0.0.1 46038 port [tcp/*] succeeded!
connection to 127.0.0.1 50336 port [tcp/*] succeeded!
connection to 127.0.0.1 50605 port [tcp/*] succeeded!
connection to 127.0.0.1 57505 port [tcp/*] succeeded!
connection to 127.0.0.1 58151 port [tcp/*] succeeded!
connection to 127.0.0.1 60011 port [tcp/*] succeeded!
connection to 127.0.0.1 62788 port [tcp/*] succeeded!
[root@db-server ~]# 

 

 

这些命令其实是查看服务器处于 listening状态的端口。跟服务器开放的端口是两回事情。如下所示,使用nmap扫描,发现服务器只开放了这些端口。

 

 

# nmap 10.20.57.24
 
starting nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2019-02-15 17:01 cst
interesting ports on 10.20.57.24:
not shown: 1674 filtered ports
port     state  service
22/tcp   open   ssh
631/tcp  closed ipp
1521/tcp open   oracle
3306/tcp closed mysql
5901/tcp closed vnc-1
5902/tcp closed vnc-2

 

对比测试如下:

 

 

 

 

 

 

 

 

 

参考资料:

 

https://www.jianshu.com/p/80d6b5a61372

http://www.cnblogs.com/chengmo/archive/2010/10/22/1858302.html