歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux基礎 >> Linux教程

Linux入侵蹤跡隱藏攻略(四)

 listening on [any] 2200 ...

  connect to [10.0.77.15] from (UNKNOWN) [10.0.64.36] 49341

  test

  =====>這是本地監聽端口2200接收到了來自遠程linux的連接

  client ----visit--------> linux 10.0.64.36:3000 -------send-------> win 10.0.77.15:2200

  +++++++++++++++++++++++++++++++++++++++++

  ===redir====

  同樣也是一個端口重定向工具

  [root@security-lab1 ~]# ifconfig

  eth0 Link encap:Ethernet HWaddr 00:13:72:4F:11:45

  inet addr:10.0.64.36 Bcast:10.0.64.255 Mask:255.255.255.0

  inet6 addr: fe80::213:72ff:fe4f:1145/64 Scope:Link

  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

  RX packets:6299748 errors:0 dropped:0 overruns:0 frame:0

  TX packets:1015669 errors:0 dropped:0 overruns:0 carrier:0

  collisions:0 txqueuelen:1000

  RX bytes:666609648 (635.7 MiB) TX bytes:763775653 (728.3 MiB)

  Base address:0xecc0 Memory:fe6e0000-fe700000

  [root@security-lab1 ~]# uname -a

  Linux security-lab1 2.6.9-22.ELsmp #1 SMP Mon Sep 19 18:32:14 EDT 2005 i686 i686 i386 GNU/Linux

  [root@security-lab1 ~]# cat /etc/issue

  Red Hat Enterprise Linux AS release 4 (Nahant Update 2)

  Kernel \r on an \m

  [root@security-lab1 ~]# which redir

  /usr/bin/redir

  [root@security-lab1 ~]# nc -vv localhost 22

  localhost.localdomain [127.0.0.1] 22 (ssh) open

  SSH-1.99-OpenSSH_3.9p1

  sent 0, rcvd 23

  [root@security-lab1 ~]# nc -vv -n 10.0.76.109 22 =====>遠程主機,我們要重定向的端口

Copyright © Linux教程網 All Rights Reserved