Читать книгу Kali Linux Penetration Testing Bible - Gus Khawaja - Страница 61

To display the active network connections on your Kali host, you must use the netstat command tool to get the job done. You'll use this command in your post‐exploitation phase to check how the Linux host is communicating with its network.

On our Kali host, we have started the SSH (port 22) and the web (port 80) services; the netstat tool will allow us to see them listening for incoming connections:

root@kali:~# netstat -antu Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp6 0 0 :::80 :::* LISTEN tcp6 0 0 :::22 :::* LISTEN udp 0 0 10.0.0.185:68 10.0.0.1:67 ESTABLISHED

It's essential to understand what each option means:

 ‐a/‐‐all : Display all the sockets. Take note that this option is very verbose; thus, we need to combine it with the following options (to filter the output).

 ‐n/‐‐numeric : Do not resolve names. In the previous command, you saw that the IP address is followed by the port number. If I don't use the ‐n option, then the tool will try to figure out the service name (for example, for 80, it's going to be HTTP instead).

  ‐t/‐‐tcp : Display TCP connections.

 ‐u/‐‐udp : Display UDP connections.