Network

Mylg Ağ Tanılama Aracı Nasıl Kullanılır?

17 Kasım 2018

Mylg Ağ Tanılama Aracı Nasıl Kullanılır?

myLG, farklı ağ tanımlama araçlarının tek bir ağ teşhis aracı olarak birleştiren açık kaynaklı bir yazılım programıdır. Kullanımı oldukça basittir.

Herhangi bir ülke üzerinden DNS sorgulama

ns
connect COUNTRY
node CITY/PROV
dig SITE

hping aracılığı ile sitenin test edilmesi

local> hping https://www.google.com -trace -c 4
HPING www.google.com (216.58.194.196), Method: HEAD, DNSLookup: 17.2923 ms
HTTP Response seq=0, proto=HTTP/1.1, status=200, time=183.097 ms, connection=34.789 ms, first byte read=148.167 ms
HTTP Response seq=1, proto=HTTP/1.1, status=200, time=164.960 ms, connection=27.764 ms, first byte read=137.096 ms
HTTP Response seq=2, proto=HTTP/1.1, status=200, time=153.559 ms, connection=27.881 ms, first byte read=125.526 ms
HTTP Response seq=3, proto=HTTP/1.1, status=200, time=164.309 ms, connection=28.904 ms, first byte read=135.296 ms

--- www.google.com HTTP ping statistics --- 
4 requests transmitted, 4 replies received, 0% requests failed
HTTP Round-trip min/avg/max = 153.56/164.05/183.10 ms
HTTP Code [200] responses : [████████████████████] 100.00% 

IP, ASN veya subnet kullanılarak whois bilgilerinin öğrenilmesi

local> whois 9121
TTNET - Turk Telekomunikasyon Anonim Sirketi
+--------------------+-----------+
|      LOCATION      | COVERED % |
+--------------------+-----------+
| Turkey             |   99.9741 |
| United States - AE |    0.0185 |
| Russian Federation |    0.0074 |
| Georgia            |    0.0000 |
| Greece             |    0.0000 |
+--------------------+-----------+

Port taramasının yapılması

local> scan www.google.com -p 1-500
+----------+------+--------+-------------+
| PROTOCOL | PORT | STATUS | DESCRIPTION |
+----------+------+--------+-------------+
| TCP      |   80 | Open   |             |
| TCP      |  443 | Open   |             |
+----------+------+--------+-------------+
Scan done: 2 opened port(s) found in 5.605 seconds

peering bilgilerinin kontrol edilmesi

local> peering 9121
Data provided by www.peeringdb.com
+--------------+---------+------+-------------------------------+------+
|     NAME     | TRAFFIC | TYPE |           WEB SITE            | NOTE |
+--------------+---------+------+-------------------------------+------+
| Turk Telekom |         | NSP  | http://www.turktelekom.com.tr |      |
+--------------+---------+------+-------------------------------+------+
+--------------------------------+--------+--------+----------------+-------------------------+
|              NAME              | STATUS | SPEED  |   IPV4 ADDR    |        IPV6 ADDR        |
+--------------------------------+--------+--------+----------------+-------------------------+
| DE-CIX Frankfurt: DE-CIX       | ok     | 100000 | 80.81.192.82   | 2001:7f8::23a1:0:1      |
| Frankfurt Peering LAN          |        |        |                |                         |
| AMS-IX                         | ok     |  40000 | 80.249.208.241 | 2001:7f8:1::a500:9121:1 |
| AMS-IX                         | ok     |  40000 | 80.249.209.241 | 2001:7f8:1::a500:9121:2 |
+--------------------------------+--------+--------+----------------+-------------------------+

döküm alınabilecek network interfaceslerinin listelenmesi

local> dump -d
+----------+-------------------+--------+-------+--------------------------------+-----------+-----------+--------------+----------+
|   NAME   |        MAC        | STATUS |  MTU  |          IP ADDRESSES          | MULTICAST | BROADCAST | POINTTOPOINT | LOOPBACK |
+----------+-------------------+--------+-------+--------------------------------+-----------+-----------+--------------+----------+
| lo0      |                   | UP     | 16384 | 127.0.0.1/8 ::1/128 fe80::1/64 | ✓         |           |              | ✓        |
| gif0     |                   | DOWN   |  1280 |                                | ✓         |           | ✓            |          |
| stf0     |                   | DOWN   |  1280 |                                |           |           |              |          |
| en0      | ac:bc:32:b4:33:23 | UP     |  1500 | fe80::181b:3d55:e9a2:e3df/64   | ✓         | ✓         |              |          |
|          |                   |        |       | 192.168.0.103/24               |           |           |              |          |
| p2p0     | 0e:bc:32:b4:33:23 | UP     |  2304 |                                | ✓         | ✓         |              |          |
| awdl0    | ee:3a:98:da:44:5c | UP     |  1484 | fe80::ec3a:98ff:feda:445c/64   | ✓         | ✓         |              |          |
| en1      | 4a:00:03:9c:8d:60 | UP     |  1500 |                                |           | ✓         |              |          |
| en2      | 4a:00:03:9c:8d:61 | UP     |  1500 |                                |           | ✓         |              |          |
| bridge0  | 4a:00:03:9c:8d:60 | UP     |  1500 |                                | ✓         | ✓         |              |          |
| utun0    |                   | UP     |  2000 | fe80::ec23:f621:ae74:5271/64   | ✓         |           | ✓            |          |
| utun1    |                   | UP     |  1380 | fe80::d187:7734:49d9:9d84/64   | ✓         |           | ✓            |          |
| vboxnet0 | 0a:00:27:00:00:00 | DOWN   |  1500 |                                | ✓         | ✓         |              |          |
+----------+-------------------+--------+-------+--------------------------------+-----------+-----------+--------------+----------+

TCP ve portu 443 network trafiğinin dinlenmesi

local> dump tcp and port 443 -c 10
Interface: eth0, capture size: 6144 bytes
02:42:08.148 IPv4/TCP  debian.mshome.net.:51500 > 162.241.244.109:443(https) [.], win 387, len: 0
02:42:09.555 IPv4/TCP  162.241.244.109:443(https) > debian.mshome.net.:51500 [.], win 252, len: 0
02:42:35.243 IPv4/TCP  debian.mshome.net.:51500 > 162.241.244.109:443(https) [P.], win 387, len: 31
02:42:35.253 IPv4/TCP  debian.mshome.net.:51500 > 162.241.244.109:443(https) [F.], win 387, len: 0
02:42:36.923 IPv4/TCP  162.241.244.109:443(https) > debian.mshome.net.:51500 [.], win 252, len: 0
02:42:36.933 IPv4/TCP  162.241.244.109:443(https) > debian.mshome.net.:51500 [.], win 252, len: 0
02:42:36.943 IPv4/TCP  162.241.244.109:443(https) > debian.mshome.net.:51500 [F.], win 252, len: 0
02:42:36.953 IPv4/TCP  debian.mshome.net.:51500 > 162.241.244.109:443(https) [.], win 387, len: 0

Siteye ulaşmada kullanılan routeların tespiti

local> trace mertcangokgoz.com
trace route to mertcangokgoz.com (104.31.82.25), 30 hops max
1  DESKTOP-HD8FAHG.mshome.net. (172.25.227.241) 0.747 ms 0.855 ms 0.468 ms
2  192.168.0.1 0.535 ms 0.611 ms 0.574 ms
3  * * *
4  * * *
5  172.25.66.1 10.016 ms 9.648 ms 11.130 ms
6  212.156.66.77.static.turktelekom.com.tr. (212.156.66.77) [ASN 9121/TTNET] 10.485 ms 10.603 ms 9.250 ms
7  195.175.173.236.65-gurpinar-ess1-t4-1.65-van-t3-2.statik.turktelekom.com.tr. (195.175.173.236) [ASN 9121/TTNET] 19.953 ms 5.703 ms 10.970 ms
8  06-ebgp-ulus1-k---06-ulus-xrs-t2-1.statik.turktelekom.com.tr. (81.212.197.37) [ASN 9121/TTNET] 10.339 ms 8.965 ms 7.769 ms
9  302-ams-col-2---06-ulus-xrs-t2-1.statik.turktelekom.com.tr. (212.156.102.133) [ASN 9121/TTNET] 108.629 ms 61.605 ms 54.500 ms
10 81.20.67.193 [ASN 2914/NTT-COMMUNICATIONS-2914] 84.618 ms 69.641 ms 61.392 ms
11 ae-15.r25.amstnl02.nl.bb.gin.ntt.net. (129.250.4.172) [ASN 2914/NTT-COMMUNICATIONS-2914] 78.641 ms 60.193 ms 77.725 ms
12 ae-7.r25.frnkge08.de.bb.gin.ntt.net. (129.250.3.76) [ASN 2914/NTT-COMMUNICATIONS-2914] 140.469 ms 65.352 ms 63.240 ms
13 ae-28.r04.frnkge08.de.bb.gin.ntt.net. (129.250.5.145) [ASN 2914/NTT-COMMUNICATIONS-2914] 68.445 ms 67.177 ms 66.820 ms
14 213.198.81.142 [ASN 2914/NTT-COMMUNICATIONS-2914] 73.474 ms 71.212 ms  *
15 104.31.82.25 [ASN 13335/CLOUDFLARENET] 60.893 ms 121.365 ms 60.972 ms

ön tanımlı mylg yapılandırma dosyasını görmek için

local> show config
set ping     timeout         2s
set ping     interval        1s
set ping     count           4
set hping    timeout         2s
set hping    interval        1s
set hping    method          HEAD
set hping    data            mylg
set hping    count           5
set web      port            8080
set web      address         127.0.0.1
set scan     port            1-1024
set trace    wait            2s
set trace    theme           dark
set snmp     community       public
set snmp     timeout         1s
set snmp     version         2c
set snmp     retries         1
set snmp     port            161
set snmp     securitylevel   noauthnopriv
set snmp     authpass        nopass
set snmp     authproto       sha
set snmp     privacypass     nopass
set snmp     privacyproto    aes
Yorum yap

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir