IP和TCP抓包实验
IP和TCP抓包实验
实验拓扑
实验需求:
1.配置IP地址,R1的g0/0口为192.168.1.1/24,R2的g0/0口是192.168.1.2/24
2.开启该链路上R1的g0/0口的抓包
3.通过R1pingR2产生流量,并通过wireshark,查看抓取的ping包的内容
4.在R2上开启ftp服务,并通过R1去访问R2的FTP
5.重新开启wireshark去抓取链路当中FTP的登录名和密码
实验步骤:
1.配置ip信息,实现设备互通
在R1上
<H3C>system-view //进入配置视图
System View: return to User View with Ctrl+Z.
[H3C]sysname R1 //修改设备名为R1
[R1]int g0/0 //进入g0/0接口
[R1-GigabitEthernet0/0]ip address 192.168.1.1 24 //配置相应ip地址
[R1-GigabitEthernet0/0]display ip interface brief //查看所有接口简要信息
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 192.168.1.1/24 -- --
GE0/1 down down -- -- --
GE0/2 down down -- -- --
GE5/0 down down -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R1-GigabitEthernet0/0]
在R2上
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]sysname R2
[R2]int GigabitEthernet 0/0
[R2-GigabitEthernet0/0]ip address 192.168.1.2 24
[R2-GigabitEthernet0/0]display ip interface brief
*down: administratively down
(s): spoofing (l): loopback
Interface Physical Protocol IP address/Mask VPN instance Description
GE0/0 up up 192.168.1.2/24 -- --
GE0/1 down down -- -- --
GE0/2 down down -- -- --
GE5/0 down down -- -- --
GE5/1 down down -- -- --
GE6/0 down down -- -- --
GE6/1 down down -- -- --
Ser1/0 down down -- -- --
Ser2/0 down down -- -- --
Ser3/0 down down -- -- --
Ser4/0 down down -- -- --
[R2-GigabitEthernet0/0]
2.开启链路抓包
3.通过R1pingR2产生流量,并通过wireshark,查看抓取的ping包的内容
在R1上
[R1]ping 192.168.1.2
Ping 192.168.1.2 (192.168.1.2): 56 data bytes, press CTRL+C to break
56 bytes from 192.168.1.2: icmp_seq=0 ttl=255 time=0.786 ms
56 bytes from 192.168.1.2: icmp_seq=1 ttl=255 time=0.402 ms
56 bytes from 192.168.1.2: icmp_seq=2 ttl=255 time=0.420 ms
56 bytes from 192.168.1.2: icmp_seq=3 ttl=255 time=0.463 ms
56 bytes from 192.168.1.2: icmp_seq=4 ttl=255 time=0.470 ms
--- Ping statistics for 192.168.1.2 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.402/0.508/0.786/0.141 ms
[R1]%Mar 12 19:04:08:340 2025 R1 PING/6/PING_STATISTICS: Ping statistics for 192.168.1.2: 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss, round-trip min/avg/max/std-dev = 0.402/0.508/0.786/0.141 ms.
4.在R2上开启FTP服务,用户名为user,密码为admin@12345
在R2上
[R2]ftp server enable //开启ftp服务
[R2]local-user user class manage //创建本地管理用户
New local user added.
[R2-luser-manage-user]password simple admin@12345 //设置明文密码
[R2-luser-manage-user]authorization-attribute user-role level-15 //设置用户等级,此处为最高等级
[R2-luser-manage-user]service-type ftp //将此用户密码用与ftp服务
[R2-luser-manage-user]
5.在R1上访问FTP服务,输入用户名和密码
在R1上
<R1>ftp 192.168.1.2 //登录到R2的FTP服务
Press CTRL+C to abort.
Connected to 192.168.1.2 (192.168.1.2).
220 FTP service ready.
User (192.168.1.2:(none)): user //输入用户名
331 Password required for user.
Password: //密文输入密码
230 User logged in. //登录成功
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> dir //查看R2上ftp服务中的文件
227 Entering Passive Mode (192,168,1,2,86,249)
150 Accepted data connection
drwxrwxrwx 2 0 0 4096 Mar 12 18:47 diagfile
-rwxrwxrwx 1 0 0 43136 Mar 12 18:47 licbackup
-rwxrwxrwx 1 0 0 43136 Mar 12 18:47 licnormal
drwxrwxrwx 2 0 0 4096 Mar 12 18:47 logfile
-rwxrwxrwx 1 0 0 0 Mar 12 18:47 msr36-cmw710-boot-r0424p22.bin
-rwxrwxrwx 1 0 0 0 Mar 12 18:47 msr36-cmw710-system-r0424p22.bin
drwxrwxrwx 2 0 0 4096 Mar 12 18:47 seclog
226 7 matches total
ftp>
6.刷新Wireshark,抓取到FTP的登录名和密码,
