有没有办法检测到我路由器中特定端口的请求?
我打开了路由器的端口,该端口已链接到我设置的媒体服务器,并且可以从任何地方访问,所以我的目的是监视发送到此服务器的请求(本质上是发送到此端口)
是否有一种方法来嗅探这个端口(不使用Wireshark,我想嗅探此端口,并且仅此端口 - 即使是带有时间戳ANS IPS的CMD窗口)
I opened a port to my router which is linked to a media server I got set up and its accessible from anywhere, so my intention is to monitor the requests sent to this server (essentially, sent to this port)
Is there a way to sniff this port (not with wireshark, I want to sniff this port and this port only- even a cmd window with timestamps ans ips will do)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我假设您正在使用Linux。
尝试TSHARK工具。
Instalation
将
Your-user-name用您的真实姓名替换为使用TSHARK。使用过滤数据包和字段的示例
输出中
:将端口
80替换为要监视的TCP端口号,并用接口名称ETH0。OTPUT的示例:
第一个字段是一天中的当前时间,即00小时30分钟53秒。
第二个字段是连接到端口80的设备的IP地址。
启动新连接时仅捕获和分析数据包,即具有flags syn = 1和ack = 0的设备。
Windows
如果您使用的是Windows,则TSHARK的参数将保持不变,除了您需要使用其他方法而不是AWK过滤器来选择时间和IP地址字段。
I assume you're using Linux.
Try the Tshark tool.
Instalation
Replace the
your-user-namewith your real name of user, which will use Tshark.Example of use
Filtering packets and fields in the output:
Replace port
80with the TCP port number that you want to monitor andeth0with your interface name.Example of otput:
The first field is the current time of day, i.e. 00 hours 30 minutes 53 sec.
The second field is the IP address of the device that connects to port 80.
Only packets are captured and analyzed when a new connection is initiated, i.e. which have flags SYN=1 and ACK=0.
Windows
If you're using Windows, the parameters for Tshark will remain the same, except you need to use a different method instead of the awk filter to select the time and the IP address fields.