colorizationtraceroute
traceroute Date: 2021-05-17
INDEX

Symbols & Numbers
&& (AND) operator, in BPF syntax, 58
tag (HTML), 200
tag (HTML), 198–199
tag (HTML), 200
== (equal-to) comparison operator, 64
! (NOT) operator, in BPF syntax, 58
.pcap file format, 48. See also capture file examples
|| (OR) operator, in BPF syntax, 58, 61
802.11 standard, 216; packet structure, 223–225

A
ACKed Lost Packet message, 84
ACK packet, 102, 132, 167, 168; duplicate, 171–172, 179
acknowledgment number, in ACK packet, 169–170
acknowledgment packet in DHCP, 119
active fingerprinting, 196–197
address registries, 70
Address Resolution Protocol (ARP), 18, 86–90; gratuitous ARP, 89–90; header, 87–88; packet structure, 88; packets, 204; reply, 86, 87, 89, 148; request, 86, 87, 88–89, 145, 148; spoofing, 27, 205; unsolicited updates to table, 204
addressing filters, 59
ad hoc mode, for wireless NIC, 218, 219
Advanced Wireless Settings dialog, 221–222
AfriNIC (Africa), 70
aggregated network tap, 24–25
AirPcap: capturing traffic, 221–222; configuring, 219–220; Control Panel, 220–221
AJAX (Asynchronous JavaScript and XML), 139
alerts from IDS, 206
ALFA 1000mW USB wireless adapter, 219
American Registry for Internet Numbers (ARIN), 70
analysis step, in sniffer process, 4
Analyze menu: Display Filters, 65; Expert Info Composite, 83
AND (&&) operator, in BPF syntax, 58
and filter expression logical operator, 65
APNIC (Asia/Pacific), 70
application baseline, 185
Application layer (OSI), 5
archive file, extracting, 39
ARIN (American Registry for Internet Numbers), 70
ARP. See Address Resolution Protocol (ARP)
ARP cache poisoning, 26–30, 32; attacker use, 202–205; caution on, 30
associations/dependencies: in application baseline, 186; in host baseline, 185
asymmetric routing, 30
Asynchronous JavaScript and XML (AJAX), 139
attackers: exploitation, 197–213; ping use to determine host accessibility, 108; and random text in ICMP echo request, 110; reconnaissance by potential, 190–197; Windows command shell use, 201
Aurora exploit, 197–202
authentication: in host baseline, 185; in site baseline, 184; Twitter vs. Facebook, 140; WEP (failed, 230; successful, 229–230); WPA (failed, 232–233; successful, 231–232)
Automatic Scrolling in Live Capture option, 56
AXFR (full zone transfer), 127

B
baseline for network, 41, 183–187; application baseline, 186; host baseline, 185; site baseline, 184
basic service set identifier (BSSID), 226
beacon packet, 224–225; broadcast from WAP, 231
benchmarking, Protocol Hierarchy Statistics for, 71–72
Berkeley Packet Filter (BPF) syntax, 58–61
Bootstrap Protocol (BOOTP), 113, 116
bottleneck, analyzer as, 30
BPF (Berkeley Packet Filter) syntax, 58–61
branch office, troubleshooting connections, 155–159
broadcast address, 116
broadcast domain, 14–15, 18
broadcast packet, 14–15
broadcast traffic, in site baseline, 184
BSSID (basic service set identifier), 226
buffer space in TCP, 173
byte offset, for protocol field filters, 60

C
CACE Technologies, 219
Cain & Abel, 27–29, 236
CAM (Content Addressable Memory) table, 12, 86
CAPSCREEN command, 208–209
capture file examples: 80211beacon.pcap, 224; 80211-WEPauthfail.pcap, 230; 80211-WEPauth.pcap, 229; 80211-WPAauthfail.pcap, 232; 80211-WPAauth.pcap, 231; activeosfingerprinting.pcap, 197; arp_gratuitous.pcap, 90; arppoison.pcap, 202; arp_resolution.pcap, 88; aurora.pcap, 197; dhcp_inlease_renewal.pcap, 120; dhcp_nolease_renewal.pcap, 115; dns_axfr.pcap, 127; dns_query_response.pcap, 122; dns_recursivequery_client.pcap, 124; dns_recursivequery_server.pcap, 125; download-fast.pcap, 79, 81; download-slow.pcap, 78, 80, 83; facebook_login.pcap, 138; facebook_message.pcap, 139; http_espn.pcap, 140; http_google.pcap, 77, 82, 129; http_post.pcap, 131; icmp_echo.pcap, 108; inconsistent_printer.pcap, 153; ip_frag_source.pcap, 95, 96; ip_ttl_dest.pcap, 95; ip_ttl_source.pcap, 94; latency1.pcap, 180; latency2.pcap, 180; latency3.pcap, 181; latency4.pcap, 182; lotsofweb.pcap, 70, 71; nowebaccess1.pcap, 145; nowebaccess2.pcap, 147; nowebaccess3.pcap, 150; passiveosfingerprinting.pcap, 195; ratinfected.pcap, 207; stranded_branchdns.pcap, 157; stranded_clientside.pcap, 156; synscan.pcap, 191; tcp_dupack.pcap, 170; tcp_handshake.pcap, 102; tcp_ports.pcap, 99; tcp_refuseconnection.pcap, 105; tcp_retransmissions.pcap, 167; tcp_teardown.pcap, 104; tcp_zerowindowdead.pcap, 177; tcp_zerowindowrecovery.pcap, 175–177; tickedoffdeveloper.pcap, 159; twitter_login.pcap, 134; twitter_tweet.pcap, 136; udp_dnsrequest.pcap, 106; wrongdissector.pcap, 74
capture files, 47–49; automatically storing packets in, 54–55; conversations in, colorizing, 208; merging, 49; saving and exporting, 48
capture filters, 56; BPF syntax, 58–61; sample expressions, 61–62
Capture menu, Interfaces, 53
Capture Options dialog, 53–54; Display options, 56; enabling name resolution, 73; for filtering, 57; Name Resolution section, 56
Capture section, for Wireshark preferences, 44
capture type, for AirPcap, 220
Chanalyzer software, 217–218
channel hopping, 216
channels, 216; changing when monitoring, 223; overlapping, 217
Chappell, Laura, 240
Chat category of expert information, 82, 83
CIDR (Classless Inter-Domain Routing), 92
Cisco, set span command, 22
Cisco router, 13
Classless Inter-Domain Routing (CIDR), 92
clearing filters, 193
Client Identifier DHCP option field, 117
clients: in branch office, access to WAN, 155–159; latency, 181; misconfigured, 147
closed ports, identifying, 193–194
CloudShark, 237
Colasoft Packet Builder, 237
collection step, in sniffer process, 3
collisions, on hub network, 20
color coding for packets, 45–46; in Follow TCP Stream window, 77
Coloring Rules window (Wireshark), 45–46
colorization rule, exporting endpoints to, 68
colorizing conversations, 208
Combs, Gerald, 35
comma-separated values (CSV) files: saving capture file as, 48; transmission to central database, 159–163
comparison operators, 64
compiling Wireshark from source, 39–40
computers: communication process, 4–14 (data encapsulation, 8–10; OSI model, 5–8; protocols, 4); screen capture by attacker, 212
connectionless protocol, 105–106
Content Addressable Memory (CAM) table, 12, 86
control packets (802.11), 223
conversations, 68; in capture file, colorizing, 208; viewing, 69
Conversations window: ESPN.com traffic in, 140–141; with TCP communications, 191–192; troubleshooting with, 70–71
conversion step, in sniffer process, 3
costs, of packet sniffers, 3
CSV (comma-separated values) files: saving capture file as, 48; transmission to central database, 159–163
CyberEYE remote-access Trojan (RAT), 207

D
data encapsulation, 8–10
data flow, halting with zero window notification, 175
Data link layer (OSI), 6, 9
data packets (802.11), 224
data set, graph for overview, 79
data-transfer rate: in application baseline, 186; in site baseline, 184
data transmission, testing for corruption, 159–163
DEB-based Linux distributions, installing Wireshark on, 39
Decode As dialog, 74
default gateway, 147; attempt to find MAC address for, 145–146
denial-of-service (DoS) attacks, 27
Department of Defense (DoD) model, 5
destination port, for TCP, 98–100
DHCP. See Dynamic Host Configuration Protocol (DHCP)
direct install method, for sniffer placement, 31, 32
direct messaging, in Twitter, 137
discover packet for DHCP, 116–117
Display Filter dialog, 65–66
display filters, 56–65; sample expressions, 65; saving, 65–66
dissection: expert information from, 82–84; viewing source code, 76
DNS. See Domain Name System (DNS)
DoD (Department of Defense) model, 5
domain controller, and branch office, 155–159
Domain Dossier, 239
Domain Name System (DNS), 120–129; communication problems, 157; filter for traffic, 142–143; name-to-IP address mapping, 149; packet structure, 121–122; queries, 122–123, 142 (conditions preventing, 149); question types, 124; recursion, 124–127; resource record types, 124; zone transfers, 127–129
DORA process, 115
DoS (denial-of-service) attacks, 27
dotted-quad notation, 91
double-headed packet, 111
downloading: NMAP tool, 191; pages from web server, 129–131; p0f tool, 196; WinPcap capture driver, 37
dropping packets, 10
dst qualifier, filter based on, 59
duplicate ACK packet, 83, 171–172, 179
Dynamic Host Configuration Protocol (DHCP), 113–120; acknowledgment packet, 119; discover packet, 116–117; in-lease renewal, 119–120; offer packet, 117–118; options and message types, 120; packet structure, 114–115; renewal process, 115–118; request packet, 118–119

E
echo, vs. ping, 109
Edit menu: Preferences, 44, 170 (Name Resolution, 100); Set Time Reference, 53
email message, with link to malicious site, 197
encryption, 228
endpoints, 67–68; exporting, to colorization rule, 68; monitoring, 204; viewing, 68–69
Endpoints window, 68–69; troubleshooting with, 70–71
Enterasys, set port mirroring create command, 22
ephemeral port group, 99
equal-to comparison operator (==), 64
Error category of expert information, 82, 84
ESPN.com traffic, 140–144
Ethereal, 35
Ethernet, 9; broadcast address, 88; hub, 10; networks (ARP process for computers on, 26–27; default MTU, 95; maximum frame size, 78); switch, rack-mountable, 11
expert information, from dissection, 82–84
exporting: capture files, 48; endpoint to colorization rule, 68
expression, in BPF syntax, 58
extracting: archive, 39; JPG data from Wireshark, 211–212

F
Facebook: capturing traffic, 137–139; login process, 138; private messaging with, 139; vs. Twitter, 140
fast retransmission, 84, 170, 172
FCS filter, for AirPcap, 220
file carving, 212
Filter Expression dialog, 63
Filter Expression Syntax Structure, 64–65
filters, 56–66; addressing, 59; BPF syntax, 58–61; clearing, 193; display, 62–65 (Filter Expression dialog, 63; Filter Expression Syntax Structure, 64–65; sample expressions, 65); for DNS traffic, 142–143; hostname and addressing, 59; port and protocol, 60; protocol field, 60–61; for STOR command, 160; with SYN scans, 192–193; wireless-specific, 226–228
FIN flag, 103
finding packets, 50
Find Packet dialog, 50
fingerprinting operating systems, 194–197
flow graphing, 82; for data transmission testing, 159–160
Follow TCP Stream feature, 76–77, 161–162
footer, in packet, 8
footprinting, 190
forced decode, 74–76
Fragment Offset field, for packets, 96, 97
frames, maximum size on Ethernet network, 78
frequency, filter for specific, 227–228
Frequency/Channel data, for wireless, 225
full-duplex devices, 11; switches as, 20
full zone transfer (AXFR), 127
Fyodor, 191

G
gateway. See default gateway
GET request packet (HTTP), 130, 135, 181; for Facebook, 138
GIF file, to trigger exploit code, 200
GNU Public License (GPL), 35
graphing, 79–82; flow, 82; IO graphs, 79–80; round-trip time, 81
gratuitous ARP, 89–90

H
half-duplex mode, 10
half-open scan, 190
handshake for TCP, 101–103; initial sequence number, 169; and latency, 179; in Twitter authentication process, 134
hardware, Wireshark requirements, 37. See also network hardware
header in packet, 8; for ARP, 87–88; for ICMP, 107; for IPv4 header, 92–93; for TCP, 98; for UDP, 106–107
help. See program support
hexadecimal, searching for packets with specified value, 50
hex editor, 212
Hide Capture Info Dialog option, 56
high latency, 166, 179–183
high-traffic servers, host baseline for, 185
host address, in IP address, 91
host baseline, 185
hostname, filters, 59
host qualifier, for filter, 59
hosts file, 149–150
hping, 239
HTTP. See Hypertext Transfer Protocol (HTTP)
HTTPS, 134
hubbing out, 22–23, 32
hub network, collisions on, 20
hubs, 10–11; finding "true," 23; sniffing on network with, 19–20
Hypertext Transfer Protocol (HTTP), 8–9, 129–132; browsing with, 129–131; posting data with, 131–132; viewing requests, 143–144

I
IANA (Internet Assigned Numbers Authority), 240
ICMP. See Internet Control Message Protocol (ICMP)
Ident protocol, 193
idle/busy traffic, in host baseline, 185
IDS (intrusion detection system), 206
IEEE (Institute of Electrical and Electronics Engineers), 216
tag (HTML), 200
in-lease renewal for DHCP, 119–120
incremental zone transfer (IXFR), 127
installing Wireshark, 37–41; on Linux, 39–40; on Mac OS X, 40–41; on Microsoft Windows, 37–39
Institute of Electrical and Electronics Engineers (IEEE), 216
interference, between wireless channels, 217
International Organization for Standardization (ISO), 5
Internet access, troubleshooting: configuration problems, 144–147; unwanted redirection, 147–150
Internet Assigned Numbers Authority (IANA), 240
Internet Control Message Protocol (ICMP), 107–112; echo requests and responses, 108–110; header, 107; ping, 95; types and messages, 107
Internet Explorer, vulnerability in, 197
Internet Protocol (IP), 9, 91–97; addresses, 26, 91–92 (assignments, 70; dynamic assignment, 113–120; filtering packets with specific address, 64; finding. See Domain Name System (DNS)); fragmentation, 95–97; Time to Live (TTL), 93–95; v4 header, 92–93
intrusion detection system (IDS), 206
IO graphs, 79–80, 209–210
IP. See Internet Protocol (IP)
IP-to-MAC address mapping, updating cache with, 89–90
IPv6 address, filter based on, 59
ISO (International Organization for Standardization), 5
iwconfig command, 222–223
IXFR (incremental zone transfer), 127

J
JFIF string, 209
JPG file: extracting data from Wireshark, 211–212; to initiate attack communication, 209–211

K
Keep Alive message, 84
keep-alive packets, 175, 177–178, 179
keys, for SSL, 135
Kismet, 216
Kozierok, Charles, The TCP/IP Guide, 240

L
LAN (local area networks), 91
latency, 166; locating framework, 182–183; locating source of high, 179–183 (client latency, 181; normal communications, 180; server latency, 182; wire latency, 180–181)
layer 2 addresses, 26
layer 8 issue, 7
leases, from DHCP, 119–120
LED lights on AirPcap, blinking, 220
libpcap/WinPcap driver, 19, 239
Linux: default number of retransmission attempts, 167; hosts file examination, 150; installing Wireshark on, 39–40; sniffing wirelessly, 222–223; traceroute utility, 112
local area networks (LAN), 91
location, for packet sniffer, 17–18, 31–32
logical addresses, 9, 86
logical operators: in BPF syntax, 58; for combining filter expressions, 64–65
login process: for Facebook, 138; for Twitter, 134–135
low latency, 166

M
MAC address, 26, 86; ARP and, 18; attempt to find for default gateway, 145–146; filter based on, 59; name resolution, 73
MAC Address Scanner dialog (Cain & Abel), 28
Mac OS X, installing Wireshark on, 40–41
mailing lists, for program support, 3
make command, 40
malware: redirecting users to websites with malicious code, 150; risk of infection, 150
man-in-the-middle attacks, 140, 202
managed mode, for wireless NIC, 218, 219
managed switches, 11
management packets (802.11), 223
mapping path, 110–112
marking packets, 51
master mode, for wireless NIC, 218, 219
maximum transmission unit (MTU), and packet fragmentation, 95
MD5 hashes, 162–163
merging capture files, 49
Message Type DHCP option field, 116
message types, for DHCP, 120
messaging methods, Twitter vs. Facebook, 140
MetaGeek, 217
Microsoft Windows: command shell, attacker use, 201; default number of retransmission attempts, 167; hosts file examination, 150; installing Wireshark on, 37–39; sniffing wirelessly, 219–222
mission-critical servers, host baseline for, 185
monitor mode for wireless NIC, 218, 219; enabling in Linux, 222–223
monitor port, for nonaggregated taps, 25
More Fragments field, for packets, 96, 97
MTU (maximum transmission unit), and packet fragmentation, 95
multicast traffic, 15

N
name resolution, 72–74
Name Resolution section, for Wireshark preferences, 44
namespace, for DNS server management, 127
Netdude, 236
netmask (network mask), 91–92
network address, in IP address, 91
network baselining, 183–187
network diagrams, 31
network endpoints, 67–68. See also endpoints
network hardware, 10–14; hubs, 10–11; routers, 12–14; switches, 11–12; taps, 24–26
network interface card: promiscuous mode support, 18–19; wireless card modes, 218–219
Network layer (OSI), 6
network maps, 31
network mask (netmask), 91–92
NetworkMiner, 238
network name resolution, 73
networks: packet level as source of problems, 1; traffic classifications, 14–15; traffic flow, 14; understanding normal traffic, 85
network tap, 24–26, 32
ngrep, 238
NMAP tool, 191, 197
No Error Messages message, 84
nonaggregated network tap, 24, 25–26
Nortel, port-mirroring mode mirror-port command, 22
NOT (!) operator, in BPF syntax, 58
Note category of expert information, 82, 83
not filter expression logical operator, 65
Novak, Judy, 240

O
Offer packet in DHCP, 117–118
OmniPeek, 2
one-way latency, 166
open ports, identifying, 193–194
operating systems: fingerprinting, 194–197; sniffer support, 3; Wireshark support, 37. See also Linux; Mac OS X; Microsoft Windows
Operation Aurora, 197–202
OR (||) operator, in BPF syntax, 58, 61
or filter expression logical operator, 65
OSI model, 5–8
out of lease, 119
Out-of-Order message, 84
oxid.it, 27

P
packet analysis, 2; tools, 235–239; web resources, 239–240
Packet Bytes pane (Wireshark), 43
packet capture, 41–42. See also capture file examples
Packet Details pane (Wireshark), 43, 153; Application Data in Info column, 135; retransmission packet information, 168
Packet List pane (Wireshark), 43, 74, 153; adding columns to, 203, 225–226; for filter, 160; retransmissions in, 168
packets: color coding, 45–46; dropping, 10; finding, 50; fragmentation, 95–97; length, 78–79; mapping path, 110–112; marking, 51; printing, 51–52; SYN flag, 148–149; term defined, 8; wireless types, filtering specific, 227
packet sniffers: evaluating, 2–3; guidelines, 32; how they work, 3–4; positioning for data capture, 17–18, 31–32
packet sniffing, 2. See also packet analysis
Packetstan blog, 240
packet time referencing, 52, 53
Parameter Request List DHCP option field, 117
passive fingerprinting, 194–196
.pcap file format, 48. See also capture file examples
pcapr, 237–238
PDF file, printing packets to, 51
PDU (protocol data unit), 8
performance, 165–187; network baselining, 183–187; Selective ACK and, 172. See also latency
Perl, 239
physical addresses, 86
Physical layer (OSI), 5, 6, 9
ping utility, 108
plain text, saving capture file as, 48
p0f tool, 196
Poor, Mike, 240
port mirroring, 21–22, 32; for checking for data corruption, 159; for troubleshooting printer, 153
port-mirroring mode mirror-port command (Nortel), 22
ports: attacker research on, 190; attackers' efforts to determine open, 190; blocking traffic, 158; filter based on, 60; filter to show all traffic using specific, 192; filtering packet capture by, 57; filters to exclude, 60; for HTTP, 130; identifying open and closed, 193–194; list of common, 101; for TCP, 99–101
port spanning, 21. See also port mirroring
posting data with HTTP, 131–132
POST method, 132; for Facebook, 139; for tweet, 136
POST packet (HTTP), 131
PostScript, saving capture file as, 48
Preferences dialog (Wireshark), 44; Name Resolution section, 100; Protocols section, 170
Presentation layer (OSI), 5
Previous Segment Lost message, 84
primitives, in BPF syntax, 58
Print dialog, 51
printing packets, 51–52
Printing section, for Wireshark preferences, 44
privacy, of Twitter direct messages, 137
private messaging, with Facebook, 139
problems. See troubleshooting
program support: evaluating, 3; for Wireshark, 37
promiscuous mode, 3; network interface card support for, 18–19
protocol analysis, 2. See also packet analysis
protocol data unit (PDU), 8
protocol field filters, 60–61
Protocol Hierarchy Statistics, 71–72, 141–142, 184
protocols, 4; in application baseline, 186; color coding in Wireshark, 45–46; dissection, 74–76; filter based on, 60; in host baseline, 185; lower-layer, 85–112 (Address Resolution Protocol (ARP), 86–90; Internet Control Message Protocol (ICMP), 107–112; Internet Protocol (IP), 91–97; Transmission Control Protocol (TCP), 98–105; User Datagram Protocol (UDP), 105–107); and OSI model, 6; packet sniffer evaluation and, 2; in site baseline, 184; support by Wireshark, 37; upper-layer, 113–132 (Domain Name System (DNS), 120–129; Dynamic Host Configuration Protocol (DHCP), 113–120; Hypertext Transfer Protocol (HTTP), 129–132)
Protocols section, for Wireshark preferences, 44
protocol stack, 4
public forums, for program support, 3
Python, 239

Q
qualifiers, in BPF syntax, 58
queries in DNS, 122–123, 142; conditions preventing, 149

R
rack-mountable Ethernet switch, 11
RAT (remote-access Trojan), 206–213
reassembly, for packets in FTP-DATA stream, 160–161
receive window, 173; adjusting size, 174, 176; halting data flow, 175
Received Signal Strength Indication (RSSI), 225
reconnaissance by potential attacker, 190–197
redirection, troubleshooting unwanted, 147–150
remote-access Trojan (RAT), 206–213
remote server, lack of response, 152
repeating device, hub as, 10
Replay Counter field, 232
report-generation module, free vs. commercial sniffers, 3
Request for Comments (RFC): 791, on Internet Protocol v4, 91; 792, on ICMP, 107; 793, on TCP, 98; 826, on ARP, 86; DNS-related, 120
request packet, 8; in DHCP, 118–119
Requested IP Address DHCP option field, 117
resource records in DNS servers, 120
retransmission packets, 154, 166–169, 178–179
retransmission timeout (RTO), 154, 166, 168
retransmission timer, 166
RFC. See Request for Comments (RFC)
Ring Buffer With option, 55
RIPE (Europe), 70
Riverbed, 219
RJ-45 ports, 10
round-trip time (RTT), 166; graphing, 81
routed environment, sniffing on, 30–31
routers, 12–14; for connecting LANs, 91
RPM-based Linux distributions, installing Wireshark on, 39
RSSI (Received Signal Strength Indication), 225
RST flag, 148–149
RTO (retransmission timeout), 154, 166, 168
RTT (round-trip time), 166; graphing, 81

S
Sanders, Chris, blog, 240
SANS Security Intrusion Detection In-Depth course, 239–240
saving: capture files, 48; display filters, 65–66; file set, 55
Scapy, 236
screen capture, of victim computer, 212
tag (HTML), 198–199
secondary DNS server, 127
Secure Socket Layer (SSL), 74; over HTTP, 134–135
security for wireless, 189–213, 228–233; for baseline, 187; exploitation, 197–213; reconnaissance, 190–197; remote-access Trojan, 206–213; screen capture by attacker, 212; Twitter and, 136–137; WEP authentication (failed, 230; successful, 229–230); WPA authentication (failed, 232–233; successful, 231–232)
Selective Acknowledgment feature, 172
sequence numbers, in TCP packet, 169
server latency, 182
Session layer (OSI), 5
set port mirroring create command (Enterasys), 22
set span command (Cisco), 22
site baseline, 184
sliding window mechanism (TCP), 173, 175–178
slow network. See performance
Sniffer tab (Cain & Abel), 28
sniffing the wire, 17
Snort project, 202
social networking, packets for, 134–140
source code for dissector, viewing, 76
source port, for TCP, 99, 100
tag (HTML), 200
spear phishing, 197
spectrum analyzer, 217
src qualifier, filter based on, 59
SSL (Secure Socket Layer), 74; over HTTP, 134–135
standard port group, 99
startup/shutdown: in application baseline, 186; in host baseline, 185
Statistics menu: Conversations, 69, 140–141; Flow Graph, 82, 159; HTTP, 143; IO Graphs, 79; Packet Lengths, 78; Protocol Hierarchy, 71, 141–142; Summary, 143; TCP Stream Graph, Round Trip Time Graph, 81
Statistics section, for Wireshark preferences, 44
stealth scan, 190
Stevens, Richard, TCP/IP Illustrated, 240
Stop Capture settings, 55
STOR command (FTP), 160
subnet mask, 91–92
Summary window, 143–144
switches, 11–12; sniffing on network with, 20–30 (ARP cache poisoning, 26–30; hubbing out, 22–23; port mirroring, 21–22; using tap, 24–26)
SYN/ACK packet, 102
SYN packet, 102, 148–149, 151–152; lack of response, 158; response, 180
SYN scans, 190–194; filters with, 192–193

T
tar command, 39
TCP. See Transmission Control Protocol (TCP)
tcpdump, 2, 235–236
TCP/IP, address resolution process, 86
TCP/IP Guide (Kozierok), 240
TCP/IP Illustrated (Stevens), 240
Tcpreplay, 238
terminating TCP connection, 148–149
three-way handshake for TCP, 101–103; initial sequence number, 169; and latency, 179; in Twitter authentication process, 134
throughput: graphing, 79; of ports being mirrored, 22
Time Display Formats, 52
Time to Live (TTL), 93–95
Traceroute, 110–112
traffic signatures, 202
Transmission Control Protocol (TCP), 8–9, 98–105; buffer space, 173; capturing only packets with RST flag set, 61; DNS and, 127, 157–158; duplicate acknowledgments, 169–172; error-recovery features, 166–172 (retransmission, 166–169); expert info messages configured for, 83–84; flow control, 173–178; following streams, 76–77; header, 98; HTTP and, 129–130; learning from error- and flow-control packets, 178–179; resets, 104; retransmission packets, 83, 154; sliding window mechanism, 173, 175–178; SYN scan, 190–194; teardown, 103–104; terminating connection, 148–149; three-way handshake, 101–103 (initial sequence number, 169; and latency, 179; in Twitter authentication process, 134)
Transmission Rate (TX Rate), for wireless, 225
Transport layer (OSI), 6, 8–9
transport name resolution, 73
trigger for exploit code, GIF file for, 200
troubleshooting: branch office connections, 155–159; developer tensions, 159–163; with Endpoints and Conversations windows, 70–71; latency, 178–179; no Internet access (from configuration problems, 144–147; from unwanted redirection, 147–150; from upstream problems, 150–153); printer inconsistency, 153–155; slow networks, 166; wireless signal interference, 217
TTL (Time to Live), 93–95
Twitter: capturing traffic, 134–137; direct messaging, 137; vs. Facebook, 140; login process, 134–135; sending data, 136–137
TX Rate (Transmission Rate), for wireless, 225

U
Ubuntu, installing Wireshark on, 39
UDP. See User Datagram Protocol (UDP)
unicast packet, 15
unmarking packets, 51
Update List of Packets in Real Time option, 56
uploading data to web server, 131–132
upstream problems, troubleshooting lack of Internet access from, 150–153
User Datagram Protocol (UDP), 105–107, 157; DHCP and, 116; DNS and, 123; header, 106–107; and latency, 182
user-friendliness: of packet sniffers, 3; of Wireshark interface, 37
User Interface section, for Wireshark preferences, 44
user privileges, for promiscuous mode, 19
USER request command (FTP), filter for traffic, 160–161

V
viewing: conversations, 69; endpoints, 68–69
View menu: Time Display Format, 52, 53, 154–155 (Seconds Since Previous Displayed Packet, 179)
visibility window, 20, 21

W
WAN (wide area network), branch office access, 156
WAP (Wireless Access Protocol): beacon packet, 231; broadcast packet from, 224
Warning category of expert information, 82, 84
web resources: on DHCP options, 120; DNS-related RFCs, 120; on DNS resource record types, 124; on intrusion detection and attack signatures, 202; on packet analysis, 239–240; on packet analysis tools, 236–239; on wireless capture filters, 228
web server: downloading pages from, 129–131; uploading data to, 131–132
websites, capturing traffic, 140–144
WEP. See Wired Equivalent Privacy (WEP)
WHOIS utility, 70
wide area network (WAN), branch office access, 156
Wi-Fi Protected Access (WPA), 228; authentication (failed, 232–233; successful, 231–232)
Window is Full message, 84
Windows. See Microsoft Windows
Windows command shell, attacker use, 201
Windows Size field, 175–176
Window Update message, 83
Windump, 235–236
WinHex, 212
WinPcap capture driver, 37
Wired Equivalent Privacy (WEP), 228; authentication (failed, 230; successful, 229–230); configuration with AirPcap, 220
wire latency, 180–181
Wireless Access Protocol (WAP): beacon packet, 231; broadcast packet from, 224
wireless packet analysis, 215–233; 802.11 packet structure, 223–225; adding columns to Packet List pane, 225–226; filters specific to, 226–228; NIC modes, 218–219; physical considerations, 216–217 (signal interference, 217; sniffing channel at a time, 216); security, 228–233 (failed WEP authentication, 230; failed WPA authentication, 232–233; successful WEP authentication, 229–230; successful WPA authentication, 231–232); sniffing (in Linux, 222–223; in Windows, 219–222)
Wireshark University, 240
Wireshark: and AirPcap, 221; benefits, 36–37; fundamentals, 41–46 (first packet capture, 41–42; main window, 42–43; preferences, 43–44); hardware requirements, 37; history, 35–36; home page, 239; installing, 37–41 (on Linux, 39–40; on Mac OS X, 40–41; on Microsoft Windows, 37–39); libpcap/WinPcap driver, 19, 239; relative sequence numbers, 170
Wi-Spy, 217
WPA (Wi-Fi Protected Access), 228; authentication (failed, 232–233; successful, 231–232)

X
XML, saving capture file as, 48
xor filter expression logical operator, 65

Z
Zero Window message, 84
zero window notification, 175, 176, 179
Zero Window Probe message, 83, 84
zone transfers for DNS, 127; risk from allowing access to data, 128; failed, 158