以前维护测试环境,经常遇到某一个测试或者开发跑压测,乱改数据,乱改配置等等。。总之最终需要我去把环境恢复好,最好不过的是再把这个人给抓出来。。之前是知道nbtstat基本可以根据IP查出对于的netbios名字,这个就能和工号对应起来了。今天发现linux下其实有个类似的命令,netscan,而且还能批量扫描,更为强大。具体的使用man一下就行。
“Human-readable service names” (-h) option cannot be used without verbose (-v) option.Usage:nbtscan [-v] [-d] [-e] [-l] [-t timeout] [-b bandwidth] [-r] [-q] [-s separator] [-m retransmits] (-f filename)|()-v verbose output. Print all names receivedfrom each host-d dump packets. Print whole packet contents.-e Format output in /etc/hosts format.-l Format output in lmhosts format.Cannot be used with -v, -s or -h options.-t timeout wait timeout milliseconds for response.Default 1000.-b bandwidth Output throttling. Slow down outputso that it uses no more that bandwidth bps.Useful on slow links, so that ougoing queriesdon’t get dropped.-r use local port 137 for scans. Win95 boxesrespond to this only.You need to be root to use this option on Unix.-q Suppress banners and error messages,-s separator Script-friendly output. Don’t printcolumn and record headers, separate fields with separator.-h Print human-readable names for services.Can only be used with -v option.-m retransmits Number of retransmits. Default 0.-f filename Take IP addresses to scan from file filename.-f – makes nbtscan take IP addresses from stdin.what to scan. Can either be single IPlike 192.168.1.1 orrange of addresses in one of two forms:xxx.xxx.xxx.xxx/xx or xxx.xxx.xxx.xxx-xxx.Examples:nbtscan -r 192.168.1.0/24Scans the whole C-class network.nbtscan 192.168.1.25-137Scans a range from 192.168.1.25 to 192.168.1.137nbtscan -v -s : 192.168.1.0/24Scans C-class network. Prints results in script-friendlyformat using colon as field separator.Produces output like that:192.168.0.1:NT_SERVER:00U192.168.0.1:MY_DOMAIN:00G192.168.0.1:ADMINISTRATOR:03U192.168.0.2:OTHER_BOX:00U…nbtscan -f iplistScans IP addresses specified in file iplist.