# songsong 문자열과 일치하는 경우 

cat lewis*.txt | awk -F '|' '{if($4 == "songsong") { print $0}}'


# songsong 문자열을 포함하는 경우

cat lewis*.txt | awk -F '|' '{if($4 ~ "songsong") { print $0}}'


# 다중 문자 검색 (grep)

cat file.txt | grep "A\|B"

cat file.txt | grep -P "A|B"


# 다중 문자 검색 (egrep)

cat file.txt | egrep '(A|B)'


# 다중 문자 검색 (awk)

cat my_file.txt | awk '/A|B/'

어제 오늘 생성된 파일중에서 특정 IP에서 발생한 로그를 빠르게 확인하려면?

ex.) 현재 디렉토리에서 하루전 수정된 파일 유형을 찾아 111.111.111.111 IP를 검색하라~

# find ./ -type f -mtime -1 -print -exec grep -H "111.111.111.111" {} \;




:: 장비 모델명 확인

[root@thor036 deploy]# dmidecode -s system-product-name

PowerEdge R610


:: 전체코어 갯수

[root@localhost leopit]# grep -c processor /proc/cpuinfo

24


:: cpu당 물리코어

[root@localhost leopit]# grep 'cpu cores' /proc/cpuinfo | tail -1

cpu cores : 6


:: CPU 모델

[root@localhost leopit]# cat   /proc/cpuinfo | grep "model name"

model name : Intel(R) Xeon(R) CPU           E5645  @ 2.40GHz

model name : Intel(R) Xeon(R) CPU           E5645  @ 2.40GHz


:: 메모리 정보

[root@localhost leopit]# cat /proc/meminfo | grep MemTotal

MemTotal:       65794388 kB


:: pcap 파일에서 DST IP 변경하기

tcprewrite -i 1.pcap -o 1_re.pcap -D 1.1.1.1:192.168.234.130 -C
// kali 리눅스에는 기본 탑재되어 있음 -D 옵션이 DST IP, -S 옵션은 SRC IP 변경
// tcprewrite 라고만 커맨드 치면  help 확인 가능


:: packet replay 시키기
// tcpreplay 이용


port 2 - Death
port 21 - Back Construction, Blade Runner, Doly Trojan, Fore, FTP trojan, Invisible FTP, Larva, MBT, Motiv, Net Administrator, Senna Spy FTP Server, WebEx, WinCrash
port 23 - Tiny Telnet Server, Truva Atl
port 25 - Aji, Antigen, Email Password Sender, Gip, Happy 99, I Love You, Kuang 2, Magic Horse, Moscow Email Trojan, Naebi, NewApt, ProMail trojan, Shtrilitz, Stealth, Tapiras, Terminator, WinPC, WinSpy
port 31 - Agent 31, Hackers Paradise, Masters Paradise
port 41 - DeepThroat
port 48 - DRAT
port 50 - DRAT
port 59 - DMSetup
port 79 - Firehotcker
port 80 - Back End, Executor, Hooker, RingZero
port 99 - Hidden Port
port 110 - ProMail trojan
port 113 - Invisible Identd Deamon, Kazimas
port 119 - Happy 99
port 121 - JammerKillah
port 123 - Net Controller
port 133 - Farnaz, port 146 - Infector
port 146 (UDP) - Infector
port 170 - A-trojan
port 421 - TCP Wrappers
port 456 - Hackers Paradise
port 531 - Rasmin
port 555 - Ini-Killer, NeTAdministrator, Phase Zero, Stealth Spy
port 606 - Secret Service
port 666 - Attack FTP, Back Construction, NokNok, Cain & Abel, Satanz Backdoor, ServeU, Shadow Phyre
port 667 - SniperNet
port 669 - DP Trojan
port 692 - GayOL
port 777 - Aim Spy
port 808 - WinHole
port 911 - Dark Shadow
port 999 - DeepThroat, WinSatan
port 1000 - Der Spacher 3
port 1001 - Der Spacher 3, Le Guardien, Silencer, WebEx
port 1010 - Doly Trojan
port 1011 - Doly Trojan
port 1012 - Doly Trojan
port 1015 - Doly Trojan
port 1016 - Doly Trojan
port 1020 - Vampire
port 1024 - NetSpy
port 1042 - Bla
port 1045 - Rasmin
port 1050 - MiniCommand
port 1080 - WinHole
port 1081 - WinHole
port 1082 - WinHole
port 1083 - WinHole
port 1090 - Xtreme
port 1095 - RAT
port 1097 - RAT
port 1098 - RAT
port 1099 - BFevolution, RAT
port 1170 - Psyber Stream Server, Streaming Audio trojan, Voice
port 1200 (UDP) - NoBackO
port 1201 (UDP) - NoBackO
port 1207 - SoftWAR
port 1212 - Kaos
port 1225 - Scarab
port 1234 - Ultors Trojan
port 1243 - BackDoor-G, SubSeven, SubSeven Apocalypse, Tiles
port 1245 - VooDoo Doll
port 1255 - Scarab
port 1256 - Project nEXT
port 1269 - Mavericks Matrix
port 1313 - NETrojan
port 1338 - Millenium Worm
port 1349 (UDP) - BO DLL
port 1492 - FTP99CMP
port 1509 - Psyber Streaming Server
port 1524 - Trinoo
port 1600 - Shivka-Burka
port 1777 - Scarab
port 1807 - SpySender
port 1966 - Fake FTP
port 1969 - OpC BO
port 1981 - Shockrave
port 1999 - BackDoor, TransScout
port 2000 - Der Spaeher 3, Insane Network, TransScout
port 2001 - Der Spaeher 3, TransScout, Trojan Cow
port 2002 - TransScout
port 2003 - TransScout
port 2004 - TransScout
port 2005 - TransScout
port 2023 - Ripper
port 2080 - WinHole
port 2115 - Bugs
port 2140 - Deep Throat, The Invasor
port 2155 - Illusion Mailer
port 2283 - HVL Rat5
port 2300 - Xplorer
port 2565 - Striker
port 2583 - WinCrash
port 2600 - Digital RootBeer
port 2716 - The Prayer
port 2773 - SubSeven
port 2801 - Phineas Phucker
port 3000 - Remote Shutdown
port 3024 - WinCrash
port 3128 - RingZero
port 3129 - Masters Paradise
port 3150 - Deep Throat, The Invasor
port 3456 - Teror Trojan
port 3459 - Eclipse 2000, Sanctuary
port 3700 - Portal of Doom
port 3791 - Eclypse
port 3801 (UDP) - Eclypse
port 4000 - Skydance
port 4092 - WinCrash
port 4242 - Virtual hacking Machine
port 4321 - BoBo
port 4444 - Prosiak, Swift remote
port 4567 - File Nail
port 4590 - ICQTrojan
port 5000 - Bubbel, Back Door Setup, Sockets de Troie
port 5001 - Back Door Setup, Sockets de Troie
port 5010 - Solo
port 5011 - One of the Last Trojans (OOTLT)
port 5031 - NetMetropolitan
port 5031 - NetMetropolitan
port 5321 - Firehotcker
port 5343 - wCrat
port 5400 - Blade Runner, Back Construction
port 5401 - Blade Runner, Back Construction
port 5402 - Blade Runner, Back Construction
port 5550 - Xtcp
port 5512 - Illusion Mailer
port 5555 - ServeMe
port 5556 - BO Facil
port 5557 - BO Facil
port 5569 - Robo-Hack
port 5637 - PC Crasher
port 5638 - PC Crasher
port 5742 - WinCrash
port 5882 (UDP) - Y3K RAT
port 5888 - Y3K RAT
port 6000 - The Thing
port 6006 - The Thing
port 6272 - Secret Service
port 6400 - The Thing
port 6667 - Schedule Agent
port 6669 - Host Control, Vampyre
port 6670 - DeepThroat, BackWeb Server, WinNuke eXtreame
port 6711 - SubSeven
port 6712 - Funny Trojan, SubSeven
port 6713 - SubSeven
port 6723 - Mstream
port 6771 - DeepThroat
port 6776 - 2000 Cracks, BackDoor-G, SubSeven
port 6838 (UDP) - Mstream
port 6912 - Shit Heep (not port 69123!)
port 6939 - Indoctrination
port 6969 - GateCrasher, Priority, IRC 3, NetController
port 6970 - GateCrasher
port 7000 - Remote Grab, Kazimas, SubSeven
port 7001 - Freak88
port 7215 - SubSeven
port 7300 - NetMonitor
port 7301 - NetMonitor
port 7306 - NetMonitor
port 7307 - NetMonitor
port 7308 - NetMonitor
port 7424 - Host Control
port 7424 (UDP) - Host Control
port 7789 - Back Door Setup, ICKiller
port 7983 - Mstream
port 8080 - RingZero
port 8787 - Back Orifice 2000
port 8897 - HackOffice
port 8988 - BacHack
port 8989 - Rcon
port 9000 - Netministrator
port 9325 (UDP) - Mstream
port 9400 - InCommand
port 9872 - Portal of Doom
port 9873 - Portal of Doom
port 9874 - Portal of Doom
port 9875 - Portal of Doom
port 9876 - Cyber Attacker, RUX
port 9878 - TransScout
port 9989 - iNi-Killer
port 9999 - The Prayer
port 10067 (UDP) - Portal of Doom
port 10085 - Syphillis
port 10086 - Syphillis
port 10101 - BrainSpy
port 10167 (UDP) - Portal of Doom
port 10528 - Host Control
port 10520 - Acid Shivers
port 10607 - Coma
port 10666 (UDP) - Ambush
port 11000 - Senna Spy
port 11050 - Host Control
port 11051 - Host Control
port 11223 - Progenic trojan, Secret Agent
port 12076 - Gjamer
port 12223 - Hack´99 KeyLogger
port 12345 - GabanBus, My Pics, NetBus, Pie Bill Gates, Whack Job, X-bill
port 12346 - GabanBus, NetBus, X-bill
port 12349 - BioNet
port 12361 - Whack-a-mole
port 12362 - Whack-a-mole
port 12623 (UDP) - DUN Control
port 12624 - Buttman
port 12631 - WhackJob
port 12754 - Mstream
port 13000 - Senna Spy
port 13010 - Hacker Brazil
port 15092 - Host Control
port 15104 - Mstream
port 16660 - Stacheldracht
port 16484 - Mosucker
port 16772 - ICQ Revenge
port 16969 - Priority
port 17166 - Mosaic
port 17300 - Kuang2 The Virus
port 17777 - Nephron
port 18753 (UDP) - Shaft
port 19864 - ICQ Revenge
port 20001 - Millennium
port 20002 - AcidkoR
port 20034 - NetBus 2 Pro, NetRex, Whack Job
port 20203 - Chupacabra
port 20331 - Bla
port 20432 - Shaft
port 20432 (UDP) - Shaft
port 21544 - GirlFriend, Kidterror, Schwindler, WinSp00fer
port 22222 - Prosiak
port 23023 - Logged
port 23432 - Asylum
port 23456 - Evil FTP, Ugly FTP, Whack Job
port 23476 - Donald Dick
port 23476 (UDP) - Donald Dick
port 23477 - Donald Dick
port 26274 (UDP) - Delta Source
port 26681 - Spy Voice
port 27374 - SubSeven
port 27444 (UDP) - Trinoo
port 27573 - SubSeven
port 27665 - Trinoo
port 29104 - Host Control
port 29891 (UDP) - The Unexplained
port 30001 - TerrOr32
port 30029 - AOL Trojan
port 30100 - NetSphere
port 30101 - NetSphere
port 30102 - NetSphere
port 30103 - NetSphere
port 30103 (UDP) - NetSphere
port 30133 - NetSphere
port 30303 - Sockets de Troie
port 30947 - Intruse
port 30999 - Kuang2
port 31335 (UDP) - Trinoo
port 31336 - Bo Whack, ButtFunnel
port 31337 - Baron Night, BO client, BO2, Bo Facil
port 31337 (UDP) - BackFire, Back Orifice, DeepBO, Freak>
port 31338 - NetSpy DK, ButtFunnel
port 31338 (UDP) - Back Orifice, DeepBO
port 31339 - NetSpy DK
port 31666 - BOWhack
port 31785 - Hack´a´Tack
port 31787 - Hack´a´Tack
port 31788 - Hack´a´Tack
port 31789 (UDP) - Hack´a´Tack
port 31791 (UDP) - Hack´a´Tack
port 31792 - Hack´a´Tack
port 32100 - Peanut Brittle, Project nEXT
port 32418 - Acid Battery
port 33333 - Blakharaz, Prosiak
port 33577 - PsychWard
port 33777 - PsychWard
port 33911 - Spirit 2001a
port 34324 - BigGluck, TN
port 34555 (UDP) - Trinoo (Windows)
port 35555 (UDP) - Trinoo (Windows)
port 37651 - YAT
port 40412 - The Spy
port 40421 - Agent 40421, Masters Paradise
port 40422 - Masters Paradise
port 40423 - Masters Paradise
port 40426 - Masters Paradise
port 41666 - Remote Boot
port 41666 (UDP) - Remote Boot
port 44444 - Prosiak
port 47262 (UDP) - Delta Source
port 50505 - Sockets de Troie
port 50766 - Fore, Schwindler
port 51996 - Cafeini
port 52317 - Acid Battery 2000
port 53001 - Remote Windows Shutdown
port 54283 - SubSeven
port 54320 - Back Orifice 2000
port 54321 - School Bus
port 54321 (UDP) - Back Orifice 2000
port 57341 - NetRaider
port 58339 - ButtFunnel
port 60000 - Deep Throat
port 60068 - Xzip 6000068
port 60411 - Connection
port 61348 - Bunker-Hill
port 61466 - Telecommando
port 61603 - Bunker-Hill
port 63485 - Bunker-Hill
port 65000 - Devil, Stacheldracht
port 65432 - The Traitor
port 65432 (UDP) - The Traitor
port 65535 - RC

Name
Port
CYN
113
Net Taxi
142
Backage
334
BAL
666
Back constrution
666
Undetected
777
Vampire
1020
internal revise
1064
subseven
1074
subseven 1.9
1243
subseven 1.0
1243
Frenzy
1257
Remote Hack
1480
TMC presents
1999
SheepGoat
2003
dagger
2589
Wartojan
4201
CrAcKDoWn
4444
Net Metropolitan
5031
backage 3.0.1
5333
wincrash
5742
y3k rat 1.6
5802
y3k rat
5802
Y3k rat
5880
Deep throat
6000
Matrix
7778
ReVeNgEr
7891
Netministrator Client
9000
incommand
9400
incommand
9400
AMBUSH
10666
net bus
12345
Net bus
12345
bionet
12349
bionet 0.8
12349
bionet 2.1.1
12349
NetDemon
15000
subzero
15382
crazzynet by CrazzWak
17499
crazzynet by CrazzWak
17499
Millenium
20001
Girl Friend
21554
kid terror
21554
Net Tarsh
23005
sub7bonus
27374
infector by fc
30000
error32
30001
Netsphere
30100
intruse by chams
30947
Deep Bo
31337
ACID BATTERY
32418
Acropolis
32791
Prosiak
44444
Delta Source
47269
School bus
54321


'Security' 카테고리의 다른 글

모의해킹 시나리오 정리  (0) 2017.01.08
해킹툴이 사용하는 포트  (0) 2017.01.08
웹 사이트 보안 및 DoS(Denial-of-Service) 공격 방지  (0) 2017.01.08
암호화 모드  (0) 2017.01.08
방화벽 내용 정리  (0) 2017.01.08

ctrl+break
o/r 0x2142
en
conf t
enable secret cisco
config-register 0x2142
end
write
reload

sh run

패스워드 확인 enable secret ..................

sh flash

int atm 0/0

'Network' 카테고리의 다른 글

라우터 - Spanning Tree, Trunk Port  (0) 2017.01.08
라우터 설정  (0) 2017.01.08
Routing Table  (0) 2017.01.08
TTL (Time To Live)  (0) 2017.01.08
VoIP 개요, 구성도, 도입장점, 네트워크 구성도  (0) 2017.01.07

[root@s92 network-scripts]# route add -host 211.63.89.90 eth0
[root@s92 network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
211.63.89.91    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
211.63.89.90    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
211.63.89.93    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
211.238.132.0   211.63.89.1     255.255.255.0   UG    0      0        0 eth0
211.63.89.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         211.63.89.1     0.0.0.0         UG    0      0        0 eth0
[root@s92 network-scripts]#

[root@s92 network-scripts]# route add -net 211.238.133.0 netmask 255.255.255.0 gw 211.63.89.1 dev eth0
[root@s92 network-scripts]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
211.63.89.91    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
211.63.89.90    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
211.63.89.93    0.0.0.0         255.255.255.255 UH    0      0        0 eth0
211.238.133.0   211.63.89.1     255.255.255.0   UG    0      0        0 eth0
211.238.132.0   211.63.89.1     255.255.255.0   UG    0      0        0 eth0
211.63.89.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         211.63.89.1     0.0.0.0         UG    0      0        0 eth0

cf) 사설에서 사설로 접속할때 서버1에서 아래와 같이 세팅해준다.
[root@s92 network-scripts]# route add -net 172.16.30.0/24 gw 211.63.89.93 dev eth0

:: 삭제 방법
route del -net 211.63.89.0 netmask 25


'Network' 카테고리의 다른 글

라우터 설정  (0) 2017.01.08
라우터 패스워드 복구  (0) 2017.01.08
TTL (Time To Live)  (0) 2017.01.08
VoIP 개요, 구성도, 도입장점, 네트워크 구성도  (0) 2017.01.07
netstat 상태 설명  (0) 2017.01.06
packet time-to-live, TTL, -維持時間  [통신망]

전송 패킷이 네트워크에서 너무 오랫동안 돌아다니지 않도록 라우터에서 폐기 여부를 결정하기 위한 패킷 헤더의 한 필드 정보. 일반적으로 라우터의 한 홉(hop)을 통과할 때마다 1씩 감소하는데, 0값이 되면 해당 라우터에서 네트워크 부하 감소를 위해 폐기하게 되며 수신지에서는 그 패킷이 오지 않아 다시 보내줄 것을 송신지에 요청한다. 윈도즈 95/98 디폴트 TTL 값은 32이고, 경우에 따라 128로 변경할 수 있다.

 

OS

TCP_TTL

UDP_TTL

AIX

60

30

DEC Pathworks V5

30

30

FreeBSD 2.1R

64

64

HP/UX 10.01

64

64

Linux

64

64

MacOS/MacTCP 2.0.x

60

60

Solaris 2.x

255

255

MS Windows 98

128

128

MS Windows NT 4.0/2000

128

128


'Network' 카테고리의 다른 글

라우터 패스워드 복구  (0) 2017.01.08
Routing Table  (0) 2017.01.08
VoIP 개요, 구성도, 도입장점, 네트워크 구성도  (0) 2017.01.07
netstat 상태 설명  (0) 2017.01.06
각 포트별 TCP/UDP 서비스  (0) 2017.01.06

DB에 데이타가 많이 싸이면 그동안의 dml로 인해 index의 속도가 현저히 떨어집니다.
이럴때 index를 다시 정렬해주시면 검색속도가 올라갑니다.

# cd mysql/var/디비명
# myisamchk -R1 *

+ Recent posts