ping测试工具

ping测试工具 It is a DOS command that is used to detect network pass-through, also called delay, and the greater the value, the slower the speed PING (Packet Internet Grope), the Internet Packet explorer, is used to test the amount of network connections. Ping sends an ICMP echo request message to the destination and reports whether the desired ICMP echo response is received. It is a command to check whether the network is open or network connection speed. As a life on the network administrator or hacker, ping command is the first to the DOS command must be mastered, the principle is this: it used the machine on the network has only determine the IP address, we send a packet to the destination IP address, the other party will return a same size of packets, according to the return packets we can determine the existence of the target host, can preliminary judgment of the target host operating system, etc. Ping is an executable command that comes with the Windows series. Using it to check that the network is connected, it can be a good way to help us analyze a network failure. Application format: Ping IP address. The command can also be used with a number of parameters, specifically type Ping in return for detailed instructions. Ping refers to an end-to-end connection, usually used as a test of availability, However, some virus trojans will force a large number of remote execution ping commands to preempt your network resources, causing the system to slow down and slow down the network. The ping intrusion is prohibited as a basic feature of most firewalls for users to choose from. -a parse computer NetBios name. Example: C: \ > ping - a 192.168.1.21 (1) Pinging iceblood.yofor.com [192.168.1.21] with 32 bytes of data: Reply from 192.168.1.21: bytes = 32 time < 10ms TTL = 254 Reply from 192.168.1.21: bytes = 32 time < 10ms TTL = 254 Reply from 192.168.1.21: bytes = 32 time < 10ms TTL = 254 Reply from 192.168.1.21: bytes = 32 time < 10ms TTL = 254 Ping statistics for 192.168.1.21: (1) in the first place, I was Sent to the United States. Minimum = 0ms, Maximum = 0ms, Average = 0ms From above, you can see that the computer NetBios with IP 192.168.1.21 is called iceblood.yofor.com. N count sends the number of Echo packets specified by count. By default, generally only send four packets, sent via this command can define your own number, is very helpful to measure the network speed, for example, I want to test the 50 packets back for an average of how many, how long does it take for the fastest, the slowest time how many can be used for the following analysis: C: \ > ping - n 50202.103.96.68 Pinging 202.103.96.68 with 32 bytes of data: Reply from 202.103.96.68: bytes = 32 time = 50ms TTL = 241 Reply from 202.103.96.68: bytes = 32 time = 50ms TTL = 241 Reply from 202.103.96.68: bytes = 32 time = 50ms TTL = 241 The Request timed out. ...... Reply from 202.103.96.68: bytes = 32 time = 50ms TTL = 241 Reply from 202.103.96.68: bytes = 32 time = 50ms TTL = 241 Ping statistics for 202.103.96.68: (1) in the first place, I would like to take a trip to the United States. Minimum = 40ms, Maximum = 51ms, Business = 46 ms I can know from above in the process of sending 202.103.96.68 50 packets, returned to the 48, there are two lost due to unknown reasons, the fastest return of 48 packets of 40 ms, the slowest of 51 ms, an average speed of 46 ms. -l size. Define the size of the echo packet. By default Windows ping packets sent size 32 byt, we can also define your own the size of it, but there is a size limit, is the largest can only send 65500 byt, maybe someone will ask why limit to 65500 byt, because Windows has a series of system security holes (may also include other systems) is when send each other a packet is greater than or equal to 65532, when the other party is likely when the machine, so the company in order to solve the security vulnerabilities and limits the ping packet size. Although Microsoft has done this limit, but with the other parameters of this parameter after damage is still very strong, for example, we can cooperate with -t parameters to achieve a dangerous offensive command: (the following introduction, used only for test, please do not easily to others on the machine, otherwise the consequence is proud.) C: \ > ping - l 65500-t 192.168.1.21 Pinging 192.168.1.21 with 65500 bytes of data: Reply from 192.168.1.21: bytes = 65500 time < 10ms TTL = 254 Reply from 192.168.1.21: bytes = 65500 time < 10ms TTL = 254 ...... So that it can constantly send 192.168.1.21 computer size of 65500 byt the packet, if you only have a computer may not have any effect, but if there are a lot of computer can make each other complete paralysis, ever do such a test, when used at the same time more than 10 sets of computer ping an Win2000Pro system computer, less than five minutes of each other's network has been completely paralyzed, network jam, HTTP and FTP service to stop completely, thus not trivial. The -f sends the "no section" flag in the packet. In general, the packets you send will be sent to each other via the routing section, and the routing will not be processed in the future. The -i TTL specifies the time that the TTL value stays in the other's system. This parameter also helps you check the network's performance. The -v TOS set the "service type" field to the value specified by the TOS. -r count records the routing and return packets in the "record route" field. In general, the packets you send are routed through routing, but what are the routes? Through this parameter can be set you want to detect after the number of routing, but limited to nine, which means you can only track to 9 routing, if want to detect more, can be achieved by other commands. C: \ > pings - n 1-r 9202.96.105.101 (send a packet and record up to nine routes) Pinging 202.96.105.101 with 32 bytes of data: Reply from 202.96.105.101: bytes = 32 time = 10ms TTL = 249 Route: 202.107.208.187 - > 202.107.210.214 - > 61.153.112.70-> 61.153.112.89 - > 202.96.105.149-> 202.96.105.97-> 202.96.105.101-> 202.96.105.150-> 61.153.112.90 Ping statistics for 202.96.105.101: : "Sent = 1", "Received = 1", "Lost = 0" (0% loss) You're in milli - seconds. Minimum = 10ms, Maximum = 10ms, Average = 10ms From above, I can know from my computer to 202.96.105.101 passed 202.107.208.187, total 202.107.210.214, 61.153.112.70, 61.153.112.89, 202.96.105.149, 202.96.105.97 these routing. The -s count specifies the timestamp of the jump point specified by count. This parameter is about the same as -r, except that this parameter does not record the route that the packet is returning to, and only 4 is recorded. The -j host -list USES the computer list specified by computer-list to route the packets. A continuous computer can be separated by the middle gateway (the route sparse source) with a maximum number of 9. The -k host -list USES the computer list specified by computer-list to route the packets. A continuous computer cannot be separated by the middle gateway (route strictly source) IP allowed by the maximum number of 9. The -w timeout specifies the timeout interval, in milliseconds. 12, -t - continuously Ping the IP address until the user is interrupted by a Ctrl + C. Prevent pings and closed ports As the school campus network more and more people use, the user on the improvement of the network knowledge, and a lot of people on the Internet to download some hacking tools or use the Ping command, port scanning, IP looking for meat grinder, brings a bad effect. Ping commands it to send a small packet to the address you provide, and then listen to the machine for "reply". Find out which machines are active on the network. Use Ping invasion is ICMP invasion, principle is in a period of time through Ping continuous send a large number of requests make computer to computer the high CPU utilization rate reach 100% and the system to crash or even collapse. Based on this, write this IP security policy against Ping to ensure your system is secure. Actually, it's ok to install and set up a firewall, but the firewall isn't always going to be installed. It's no use if you install a firewall but don't modify it and add IP rules. Some configurations are not high enough for firewalls to be avoided and the way to set up security in your system manually is a way to do it. Here's the concrete creation process: (1) create IP security policies 1, in turn, click "start - > control panel - > administrative tools - > local security policy", open the "local security Settings", right-click on the dialog box to the left of the "IP security policy, the local computer" option, "create IP security policy" command. (some simple clicks on the next steps and so on.) 2, in the event of a default response rules of authentication methods "dialog we selected" this string is used to protect key exchange (pre Shared key) "option, then any type a string in the text box below. (" no Ping ") 3, completed the IP security policy after the creation of "IP filter list" window, click the "add" button will pop up at this time "IP filter wizard" window, click the "next", we will pop up at this time "IP communications source" page, set the source address in the page for the IP address of the "I" : "destination address" as "any IP address", any IP address of the computer cannot Ping your machine. A closed port is available in the filter properties. Such as closed TCP port 135: in the "select protocol type" drop-down list, select "TCP", and then under the "to the port of the text box input" 135 ", click "ok" button, and then add a shield TCP port 135 (RPC) filter, it can prevent the outside world through port 135 on your computer. Repeat the closed TCP UDP and other ports that you think need to be closed. Here's a different one. 4, in turn, click "next" and "finish", at this point, you will see just created in "IP filter list" of a filter, the selected click the "next", we in the "filter operation" in the page set a filter operation for "security" option. (2) assign IP security policies After the security policy is created, it won't take effect immediately, and we need to make it work by "assigning" functionality. Method is: in the "console root node" right-click "new IP security strategy", and then on the right-click menu "assigned" command, you can enable this strategy. At this point, the host has the ability to reject any other machine to Ping its own IP address, but can still Ping itself locally. After this setup, all users (including administrators) can't Ping the server on other machines. You don't have to worry about being pinging any more. If you shut down some of the hacking tools and trojans, your system will be even more solid. The process of Ping and the reason for the one-way Ping The most common testing tool we use when the web is in trouble is the Ping command. But sometimes we will encounter the phenomenon of single direction Ping, for example through A HUB or A cross thread connection of computer A and B in the same local area network, when check the network connectivity between them, found from the host A Ping host B normal and from the host B Ping host A, "no answer" overtime mistakes. Why is that? To understand the mystery, it is important to see what the Ping command process looks like. Assume that the IP address of the host A is 192.168.1.1, the IP address of the host B is 192.168.1.2 instead, all in the same subnet, then when you run on host A "Ping 192.168.1.2 instead", what's happening? First of all, the Ping command will build a fixed format of ICMP request packets, and then by the ICMP protocol address "192.168.1.2 instead" along with the packet to the IP layer protocol (like the ICMP, is actually a set of background processes), IP layer protocol to address "192.168.1.2 instead" as the purpose, the machine IP address as the source address, plus some other control information, build an IP packet, and find out the IP address in a mapping table 192.168.1.2 instead of the physical address (also called a MAC address, familiar with network adapter configuration friends don't strange, this is a data link layer protocol to build the data link layer frame transmission unit - required), along with to the data link layer. Which to build a data frame, to get the physical address of the destination address is the IP layer, the source address is the physical address of the machine, but also on some additional control information, based on the Ethernet media access rules, will transmit them. When the host B receives this frame, check its destination address first, and compare it with the physical address of the machine. Otherwise discarded. After receiving, check the data frame, extract the IP packet from the frame, and leave it to the native IP layer protocol. Also, after checking the IP layer, the useful information extracted to the ICMP protocol, the latter processing, immediately build A ICMP reply packets, sent to the host A, its process and host A send ICMP request packets to the host B. From the Ping's working process, we can see that host A receives A reply package from host B, indicating that both hosts and the return path are normal. That is, whether from host A to host B, or from host B to host A, is normal. So, what is the cause of the pings? A personal firewall is installed Machine in a Shared Internet access, for security reasons, most as a host server install a personal firewall software, and the other machine as the client are generally not to install. Almost all personal firewall software, No other machine pings are allowed by default. In general, it is from outside the ICMP request packet filtering, but it is for this machine is out of the ICMP request packets, and from outside the ICMP reply message without any restrictions. This way, if the network is normal from the other machine, there is no problem. But if you Ping the machine from other machines, even if the network is all right, there will be a "timeout no response" error. Most of the one-directional pings are based on this. The solution is also simple: adjust the Settings accordingly, depending on the type of firewall you use. Error setting the IP address Under normal circumstances, a host should have a card, an IP address, or multiple network CARDS, multiple IP address (the address must be in a different IP subnet). But the computer that USES in public place, especially net cafe, the person many hands miscellaneous, among them do not have "explorer". Once it has also appeared in two computers of the single direction Ping, after careful inspection, found that one of the computer "dial-up adapter" (the equivalent of a piece of soft card) of TCP/IP Settings, set up an IP address and network card in the same subnet an IP address, so that in IP layer protocol point of view, the host will have two different interfaces in the same network segment. When you Ping other machines from this host, this is the problem: (1) the host does not know which network interface to send the packet, because there are two network interfaces that are connected to the same network segment. (2) the host does not know which address to use as the source address of the packet. Therefore, from this host to Ping other machines, the IP layer protocol cannot be processed, and after the timeout, the Ping will give you an error message of "timeout without reply". But from other host Ping the host request packets from a particular network adapter, ICMP just simply swap purpose, source address, and change the symbols, the ICMP reply packets can be sent smoothly, other host also can successfully Ping the machine