Use TTL to identify the operating system
First, the introduction of ping ping command to check the target IP address to arrive and record the result. The ping command displays the time required to respond to the target and the time required to receive the reply. If there is an error during delivery to the target, the ping command will display an error message. ICMP Echo (Type 8) and Echo Reply (Type 0) We use an ICMP ECHO packet to detect whether host address Host B survive (of course, the host is not configured to filter ICMP form) by simply sending an ICMP ECHO (Type 8 Packets to Target Hosts If ICMP Echo Reply (ICMP Type 0) Packet Host A can be accepted, the host is a living state. If you don't have to judge that the host does not have online or use some filter devices to filter the replement of ICMP. ----------------------------------- -------------- | | | ------- ------- | | | | | | | | | Host | --------------------------> | Host | | | | | | | | | | ------------------------- | | | | | iMP echo reply | | | | ------- - ----- | | | ------------------------------------------------------------------------------------------------------------------ ---------------------- This mechanism is what we usually use to detect whether the target host can ping. Typical examples C: /> ping 192.168.0.1 32 bytes of data: reply from 192.168.0.1: bytes = 32 TIME <10ms TTL = 128 reply from 192.168.0.1: Bytes = 32 TIME <10MS TTL = 128 reply from 192.168.0.1: bytes = 32 TIME <10ms TTL = 128 reply from 192.168.0.1: bytes = 32 TIME <10ms TTL = 128 ping statistics for 192.168.0.1: packets: SENT = 4, Received = 4, Lost = 0 (0% loss), Approximate Round Trip Times in Milli-Seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms II, Note TTL TTL: The Survival Time Specifies the number of network segments allowed by the router to be discarded. The TTL is set by the send host to prevent the packet from constantly cycle on the IP interconnection network. When forwarding the IP packet, the router is required to reduce TTL at least 1. The ICMP packet type involved in PIN is an ICMP request returns (ICMP Echo Request) One ICMP Echo Reply 3, and TTL field values can help us identify operating system types.