tcpdump 和 https

tag-icon tag-icon networking tcpdump
tcpdump 和 https

为什么以下命令无法抓取到 Facebook 网站的数据包

sudo tcpdump host facebook.com and dst port 443

但接下来的抢夺

sudo tcpdump host java.com

答案1

https://facebook.com重定向到https://www.facebook.com其 IP 地址与 facebook.com 不同。还有 ssl.facebook.com 但我不确定它的用途:

$ host facebook.com
facebook.com has address 69.171.229.11
facebook.com has address 69.171.224.37
facebook.com has address 66.220.158.11
facebook.com has address 66.220.149.11
facebook.com has address 69.171.242.11
facebook.com has IPv6 address 2a03:2880:10:1f02:face:b00c:0:25
facebook.com has IPv6 address 2a03:2880:2110:3f01:face:b00c::
facebook.com has IPv6 address 2a03:2880:10:8f01:face:b00c:0:25
facebook.com mail is handled by 10 smtpin.mx.facebook.com.

$ host www.facebook.com
www.facebook.com has address 69.171.237.16
www.facebook.com has IPv6 address 2a03:2880:10:1f03:face:b00c:0:25

$ host ssl.facebook.com
ssl.facebook.com is an alias for star.facebook.com.
star.facebook.com has address 69.171.234.39
star.facebook.com has IPv6 address 2a03:2880:10:cf02:face:b00c:0:4

另一方面,对于 java.com,www.java.com 和 java.com 的条目相同:

$ host java.com             
java.com has address 137.254.16.66
java.com mail is handled by 10 mx5.sun.com.
java.com mail is handled by 10 mx6.sun.com.
java.com mail is handled by 10 mx8.sun.com.
java.com mail is handled by 10 mx9.sun.com.

$ host www.java.com                                                                               
www.java.com is an alias for java.com.
java.com has address 137.254.16.66
java.com mail is handled by 10 mx5.sun.com.
java.com mail is handled by 10 mx6.sun.com.
java.com mail is handled by 10 mx8.sun.com.
java.com mail is handled by 10 mx9.sun.com.

相关内容