A better command than man, help the software.

Source: Internet
Author: User

Lab Environment:

VMware Workstation 11

Under the centos6.7 system

ip:192.168.244.129 Firewall off Setenforce 0

Putty (SSH remote connection software)



Software Introduction:

What is cheat?

Cheat is an interactive cheat sheet application that is distributed to Linux command line users under the GNU General Public License. It provides a display of Linux command use cases, including all of the options and short but understandable features of the command.




Experimental process:

' Cheat ' has two main dependencies-' Python ' and ' pip ', before installing ' Cheat ', make sure your system has Python and Pip installed.

First, install Pip

[email protected] ~]# Yum install python-pip-y


Second, installation cheat

[[email protected] ~]# pip install  cheatcollecting cheat/usr/lib/python2.6 /site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: insecureplatformwarning: a  true sslcontext object is not available. this prevents urllib3  from configuring ssl appropriately and may cause certain ssl  connections to fail. for more information, see https:// Urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.  insecureplatformwarning   Downloading cheat-2.1.25.tar.gz  (43kB)     100% | ████████████████████████████████| 45kb 111kb/scollecting docopt>=0.6.1  (from cheat )   Downloading docopt-0.6.2.tar.gzCollecting pygments>=1.6.0  (From cheat)   downloading pygments-2.1.3-py2.py3-none-any.whl  (755kB)     100% |████████████████████████████████| 757kB  172kb/sinstalling collected packages: docopt, pygments, cheat  running  setup.py install for docopt  Running setup.py install for  cheatsuccessfully installed cheat-2.1.25 docopt-0.6.2 pygments-2.1.3

Third, how to use the software

[[email protected] ~]# cheat tcpdump# tcpdump is a packet  analyzer. it allows the user to intercept and display tcp/ip#  and other packets being transmitted or received over a  network.  (Cf wikipedia). # note: 173.194.40.120 => google.com# intercepts  all packets on eth0tcpdump -i eth0# Intercepts all packets  from/to 173.194.40.120tcpdump host 173.194.40.120# intercepts all packets  on all interfaces from / to 173.194.40.120 port 80# -nn = > Disables name resolution for IP addresses and port  Numbers.tcpdump -nn -i any host 173.194.40.120 and port 80# make  a grep on tcpdump  (ASCII) # -a  => show only ascii in packets.# -s0 = > by default, tcpdump only captures 68 bytes.tcpdump -i -a  any host 173.194.40.120 and port 80 | grep  ' User-agent ' #  with ngrep# -d eth0 => to force eth0  (else ngrep work  on all interfaces) # -s0 => force ngrep to look at  the entire packet.  (default snaplen: 65536 bytes) ngrep  ' User-Agent '   Host 173.194.40.120 and port 80# intercepts all packets on all  interfaces from / to 8.8.8.8 or 173.194.40.127 on port  80tcpdump  ' host  ( 8.8.8.8 or 173.194.40.127 )  and port 80 '  - i any# intercepts all packets syn and fin of each tcp session.tcpdump  ' tcp[ tcpflags] &  (Tcp-syn|tcp-fin)  != 0 ' # to display syn and fin  packets of each tcp session to a host that is not  on our networktcpdump  ' tcp[tcpflags] &  (tcp-syn|tcp-fin)  != 0  and not src and dst net local_addr ' # to display all  ipv4 http packets that come or arrive on port 80 and  that contain only data  (no syn, fin no, no packet containing  an ack) tcpdump  ' tcp port 80 and  (((ip[2:2] -  (IP[0]&0XF) <<2)  -  ((tcp[12]&0xf0) >>2))  != 0) ' # saving captured  Datatcpdump -w file.cap# rEading from capture filetcpdump -r file.cap# show content in hexa # change -x to -xx => show extra header  (Ethernet). tcpdump  -x# show content in hexa and ascii# change -x to -xx  => show extra header  (Ethernet). Tcpdump -x# note on packet  maching:# port matching:# - portrange 22-23# - not port 22#  - port ssh# - dst port 22# - src port 22## host  matching:# - dst host 8.8.8.8# - not dst host 8.8.8.8#  - src net 67.207.148.0 mask 255.255.255.0# - src net  67.207.148.0/24

You can see that the output is easy to understand and use clearly.


Reference article link: http://os.51cto.com/art/201409/450709.htm


This article from "A few" blog, declined reprint!

A better command than man, help the software.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.