Abstract
A port scanner based on half-open connections does not need to release any connection, because it never completes a TCP connection with the target host's port; its behaviour is stealthy, and it is widely used in the information-gathering stage of network penetration testing. This paper analyses in depth how, in the kernel protocol stack of Linux/Unix operating systems, a packet is forwarded from the IP layer to the TCP layer, uses this to explain the theoretical basis of the half-open port scanner, examines raw sockets and the TCP header checksum algorithm, and designs a half-open port scanner. (Translated from the Chinese abstract.)
A port scanner based on half-open connections neither completes a TCP connection with the target host nor has to release one. Because this behaviour is stealthy, it is widely used in the information-gathering stage of network penetration tests. This paper expounds the theoretical foundation of a half-open port scanner by analysing how the Linux/Unix kernel protocol stack passes a packet from the IP layer to the TCP layer. In addition, the raw socket and the TCP header checksum algorithm are examined in depth. Finally, the paper presents the design of such a port scanner.
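As an added illustration of the mechanism the abstract describes, and not code from the paper: a C program that builds the TCP SYN segment a half-open scanner emits, computes the TCP checksum over the IPv4 pseudo-header (RFC 793/1071), checks the checksum of a received reply, and maps the reply's flags to an open/closed verdict. The addresses 192.168.1.10 and 192.168.1.20, ports 40000 and 80, sequence number 1 and window 16384 are constructed sample values. The finished segment is what a scanner would hand to a raw socket opened with socket(AF_INET, SOCK_RAW, IPPROTO_TCP); that send and the receive of the SYN+ACK or RST are omitted so the program runs offline without privileges.

```c
/* Added example (not from the paper): TCP SYN construction, pseudo-header
 * checksum and half-open scan verdict for a raw-socket port scanner. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define TCP_HDR_LEN  20
#define TCP_FLAG_SYN 0x02
#define TCP_FLAG_RST 0x04
#define TCP_FLAG_ACK 0x10

/* Accumulate 16-bit big-endian words into a 32-bit sum (RFC 1071).
 * A trailing odd byte is treated as the high byte of a final word. */
static uint32_t csum_partial(uint32_t acc, const uint8_t *data, size_t len)
{
    size_t i;
    for (i = 0; i + 1 < len; i += 2)
        acc += ((uint32_t)data[i] << 8) | data[i + 1];
    if (len & 1)
        acc += (uint32_t)data[len - 1] << 8;
    return acc;
}

/* Fold the carries back into 16 bits and take the ones' complement. */
static uint16_t csum_fold(uint32_t acc)
{
    while (acc >> 16)
        acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)(~acc & 0xffff);
}

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)(v >> 16)); put16(p + 2, (uint16_t)v); }

/* TCP checksum: the 12-byte pseudo-header (src, dst, zero, protocol 6,
 * TCP length) followed by the TCP header and payload. Addresses are
 * host-order IPv4 values, e.g. 0xC0A8010A for 192.168.1.10. */
uint16_t tcp_checksum(uint32_t src, uint32_t dst, const uint8_t *seg, size_t len)
{
    uint8_t ph[12];
    uint32_t acc;
    put32(ph, src);
    put32(ph + 4, dst);
    ph[8] = 0;
    ph[9] = 6;                      /* IPPROTO_TCP */
    put16(ph + 10, (uint16_t)len);  /* TCP header + data length */
    acc = csum_partial(0, ph, sizeof ph);
    acc = csum_partial(acc, seg, len);
    return csum_fold(acc);
}

/* Write a minimal 20-byte SYN (no options) into buf; returns its length.
 * The checksum field is left zero while summing, then filled in. */
size_t build_syn(uint8_t *buf, uint32_t src, uint32_t dst,
                 uint16_t sport, uint16_t dport, uint32_t seq, uint16_t window)
{
    memset(buf, 0, TCP_HDR_LEN);
    put16(buf, sport);
    put16(buf + 2, dport);
    put32(buf + 4, seq);               /* ack number (8..11) stays 0 */
    buf[12] = (TCP_HDR_LEN / 4) << 4;  /* data offset = 5 words */
    buf[13] = TCP_FLAG_SYN;
    put16(buf + 14, window);
    put16(buf + 16, tcp_checksum(src, dst, buf, TCP_HDR_LEN));
    return TCP_HDR_LEN;
}

/* A received segment is intact iff summing it with its own checksum
 * field in place gives 0xffff before complementing, i.e. fold yields 0. */
int tcp_checksum_ok(uint32_t src, uint32_t dst, const uint8_t *seg, size_t len)
{
    return tcp_checksum(src, dst, seg, len) == 0;
}

/* Half-open verdict from the flags byte (offset 13) of the reply:
 * SYN+ACK means the port is listening (the scanner then sends RST rather
 * than the final ACK, so no connection is ever completed); RST means
 * closed. Returns 1 open, 0 closed, -1 anything else. */
int syn_scan_verdict(uint8_t flags)
{
    if ((flags & (TCP_FLAG_SYN | TCP_FLAG_ACK)) == (TCP_FLAG_SYN | TCP_FLAG_ACK))
        return 1;
    if (flags & TCP_FLAG_RST)
        return 0;
    return -1;
}

/* Sample probe used by main(): 192.168.1.10:40000 -> 192.168.1.20:80. */
uint16_t example_syn_checksum(void)
{
    uint8_t b[TCP_HDR_LEN];
    build_syn(b, 0xC0A8010Au, 0xC0A80114u, 40000, 80, 1, 16384);
    return (uint16_t)(((uint16_t)b[16] << 8) | b[17]);
}

int main(void)
{
    uint8_t b[TCP_HDR_LEN];
    build_syn(b, 0xC0A8010Au, 0xC0A80114u, 40000, 80, 1, 16384);
    printf("SYN checksum 0x%04x, verifies=%d\n", example_syn_checksum(),
           tcp_checksum_ok(0xC0A8010Au, 0xC0A80114u, b, TCP_HDR_LEN));
    return 0;
}
```

The checksum field is zero while the sum is taken and filled in afterwards; a receiver sums the segment with the field included and expects the folded result to be zero, which is the check tcp_checksum_ok performs. With SOCK_RAW and IPPROTO_TCP the kernel still builds the IP header, so only the TCP header and its pseudo-header checksum are the scanner's responsibility.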
Source
Journal of Chongqing Electric Power College (重庆电力高等专科学校学报)
2009, No. 2, pp. 31-34 (4 pages)