How to filter packets by content with tcpdump?

Last updated: 02/10/2023


Packet analysis is an essential technique in computer networking. tcpdump is a command-line tool that lets us capture and examine packets on a network. One of its most powerful features is the ability to filter packets, including filtering on bytes of the packet content. In this article we will see how to use tcpdump to filter packets by content effectively.

- What is tcpdump and how does it work?

tcpdump is a command-line tool for capturing and analysing network packets on Unix-like operating systems. It captures packets passing through a network interface and displays information about them: source and destination IP addresses, the protocol used, the ports involved and, if requested with -A or -X, the packet contents.

One of its best-known features is packet filtering. You state criteria and only packets that meet them are captured. For example, you can capture only packets coming from a particular IP address, or only TCP segments whose payload begins with a particular byte sequence. This is especially useful when you need to analyse or monitor one specific type of traffic on a busy network.

tcpdump does not support regular expressions. Filters are written in the Berkeley Packet Filter (BPF) syntax documented in pcap-filter(7): the expression is compiled into a small program that the kernel runs against every packet, so only matching packets are copied to tcpdump at all. Content matching is done by comparing bytes at a fixed offset, for example tcp[20:4] = 0x70617373 compares four bytes at offset 20 of the TCP segment with the ASCII string "pass". Because non-matching packets are discarded in the kernel, this is fast even on busy links, but the syntax is strict and easy to get wrong. You can check an expression without capturing anything with tcpdump -d 'expression', which prints the compiled filter program or an error.

- Filtering packets by content: why is it important?

Filtering packets by content is a basic task for any network administrator. It lets you see what the packets crossing the network actually carry and act on what you find. This capability matters both for network security and for performance troubleshooting. Several tools can do this kind of filtering; tcpdump is one of them.

tcpdump is a command-line tool for capturing and analysing network packets. It is well suited to content filtering because it lets us set precise rules and conditions so that only the packets relevant to our question are captured. With those filters in place we can examine packet contents and make decisions based on that information.

Filtering packets by content is important for several reasons. First, it helps detect unwanted or malicious traffic, such as intrusion attempts or malware command-and-control traffic, at least where that traffic is not encrypted. Second, it gives us tighter control over the data circulating on our network, which translates into better performance and security. Finally, content filtering is also useful for diagnosing and resolving network problems, since we can look at what the packets contain and find the cause of a failure or an incident.


- Syntax and options for filtering packets with tcpdump


tcpdump syntax: the general form is tcpdump [options] [filter expression]. Options come first, for example -i eth0 (interface), -n (do not resolve names), -c 100 (stop after 100 packets), -s 0 (capture whole packets), -w file.pcap (write raw packets to a file), -r file.pcap (read from a file) and -A or -X (print the payload as ASCII or hex). Everything after the options is the filter expression. Note that -s sets the snapshot length (how many bytes of each packet to keep); it is not a content filter, and tcpdump -s "password" is simply an error. To match content you compare bytes at an offset in the filter expression, for example tcpdump -n 'tcp[20:4] = 0x70617373' shows TCP segments with a 20-byte header whose payload starts with "pass".

Basic filters: tcpdump provides several primitives that you can combine to express what you want. The most common are:

- host: filter by IP address or host name (either source or destination).
- port: filter by port number (either source or destination).
- net: filter by network, e.g. net 192.168.1.0/24.
- Protocol qualifiers: filter by protocol, such as tcp, udp or icmp.

Qualifiers and operators: in addition to the basic primitives, tcpdump accepts qualifiers and logical operators that make filters more precise:

- src: restrict a primitive to the source, e.g. src host 10.0.0.5 or src port 443.
- dst: restrict a primitive to the destination, e.g. dst port 22.
- not: negate a filter, excluding packets that match it, e.g. not port 22.
- and / or: combine several filters, e.g. tcp and dst port 80 and not src net 10.0.0.0/8. Quote the whole expression in the shell so that characters such as parentheses and brackets reach tcpdump intact.

Knowing this syntax and these options, you will be able to capture and analyse your network traffic effectively. tcpdump is a very powerful tool, so it is worth understanding how the filters and options work in order to get the results you need. Experiment, and verify each expression with tcpdump -d before relying on it.

- Filtering packets by protocol and IP address

To filter packets by protocol and IP address with tcpdump, the criteria go in the filter expression, not in command-line options. To filter by protocol, name the protocol in the expression. For example, to capture only ICMP packets we use tcpdump -n icmp. Here -n only disables DNS name resolution, which keeps the output fast and avoids generating extra traffic; the filtering is done by the word icmp. (The -p option that sometimes appears in such examples does not select a protocol; it tells tcpdump not to put the interface into promiscuous mode.)

To filter by IP address we use the host primitive, optionally qualified with src or dst. For example, to capture only packets sent by 192.168.1.100 we use tcpdump -n src host 192.168.1.100. Without the qualifier, host 192.168.1.100 matches packets sent to or from that address.

Both criteria can be combined with and for more precise filtering. For example, to capture only UDP packets whose source address is 192.168.1.100 we use tcpdump -n 'udp and src host 192.168.1.100'. This gives us only the packets that satisfy both conditions at once.


- Filtering by source and destination port

tcpdump lets network administrators capture and analyse traffic in real time. One of its most useful capabilities is filtering packets by header fields and content, which lets us look closely at a slice of the traffic and extract information from it. In this section we explain how to filter packets by source and destination port, which is useful for diagnosing connectivity problems, spotting suspicious activity, or simply reducing the traffic to what you want to examine.

Filtering by port selects packets that come from or go to a given port. This is especially useful when we want to focus on one type of traffic, such as the traffic of a particular service or application. For example, to analyse HTTP traffic on our network we can use the filter 'tcp port 80', which captures packets with port 80 as either the source or the destination port (the replies from the server have 80 as their source port). To keep only requests sent to the server, use 'tcp dst port 80'; to keep only the replies, use 'tcp src port 80'.

The port goes in the filter expression, not in an option. For example, to capture packets going to or from port 22, the default port of the SSH protocol, we run tcpdump -n 'tcp port 22'. (The -d option does not filter by port; it prints the compiled filter program and exits, which is handy for checking the expression.) A range can be written as portrange 8000-8080. Port filters combine with the other primitives, e.g. tcpdump -n 'tcp dst port 22 and not src net 10.0.0.0/8' to see SSH connection attempts from outside the internal network.

- Advanced filtering: matching payload bytes (and why not regular expressions)

One of the most advanced and useful capabilities of tcpdump is filtering packets on their content. This is done with BPF byte comparisons of the form proto[offset:size] = value, where proto is ip, tcp, udp or icmp, offset is counted from the start of that protocol header, and size is 1, 2 or 4 bytes. Arithmetic is allowed inside the offset, which is how we skip variable-length headers.

Because the comparison is against fixed bytes at a fixed position, we can match things such as a command at the start of a TCP payload, a flag byte in a header, or a specific IP option. What we cannot do is search for a string anywhere in the packet or use regular expressions: the BPF program has no loops and compares at most 4 bytes per test.

A common mistake is to think that -s takes a search string; tcpdump -s "http" only sets the snapshot length and fails. To match TCP payloads that begin with "http" (hex 68 74 74 70) use tcpdump -n 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x68747470'. If you really need a regular-expression or substring search, write the packets to a file with -w and search the capture with a tool built for that, such as ngrep or Wireshark's "Find Packet" (string search), or use a narrow BPF filter during capture to cut the volume first.

- Capturing and analysing captured packets with tcpdump


tcpdump is widely used to capture and analyse network packets on Unix systems. With tcpdump it is possible to capture every packet passing through a given interface and save them to a file for later analysis with tcpdump -r or with Wireshark.


When capturing packets with tcpdump, you can filter them by IP address, port or protocol. This lets you focus on the relevant subset of the traffic and discard unwanted noise. For example, to analyse HTTP traffic we can filter packets with the following command:

tcpdump -i eth0 port 80

This command captures and displays only packets that use port 80 as source or destination port, the port most commonly used for HTTP. In this way we can concentrate on web traffic and avoid reading irrelevant packets.

Beyond these basic filters, tcpdump also allows filtering packets on their content, that is, on bytes at a known position inside the captured packets. For example, to capture every TCP segment whose payload starts with the four bytes "pass" (as in the POP3 or FTP PASS command in lowercase, or the start of a "password=" form field) and save them to a file, we can use:

tcpdump -i eth0 -s0 -w paquetes.pcap 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x70617373'

Reading the expression from the inside out: tcp[12:1] is the byte holding the TCP data offset, & 0xf0 keeps its upper four bits, and >> 2 turns that into the header length in bytes (data offset times four), so the index is the first byte of the payload even when TCP options are present; the :4 loads four bytes, which are compared with 0x70617373, the ASCII codes of p, a, s, s. (The -A option in the original version of this command had no effect, because -w writes raw packets and prints nothing.) With this command tcpdump saves to the file paquetes.pcap every packet whose TCP payload begins with "pass". Two caveats: the match is only on the first four bytes of the payload, so "password" in the middle of an HTTP POST body is not matched, and the comparison is byte-exact, so an uppercase PASS does not match either. Encrypted traffic such as TLS or SSH never matches a cleartext pattern. We can then open the file and look for the full string with tcpdump -r paquetes.pcap -A, with Wireshark, or with a small script.
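The following Python script is an added example and is not part of the original article. It shows in code what the BPF expression above does, generalises it to payload prefixes longer than four bytes (several comparisons joined with and, each at a further offset), and contrasts it with a full-payload substring search of the kind you would run on the saved paquetes.pcap. The Ethernet/IPv4/TCP frames are constructed inline for the demonstration (no checksums, no real capture), and the field layout used by the parser is the standard one from the RFCs, not anything tcpdump-specific.

```python
"""Added example: emulate tcpdump/BPF payload-prefix matching in Python.

bpf_prefix_expr()  builds the tcpdump filter for a payload prefix of any length.
tcp_payload()      locates the TCP payload the same way BPF's tcp[...] index does.
The frames in SAMPLE_FRAMES are constructed by hand for this demo.
"""
import struct
from typing import Optional

HDR = "((tcp[12:1] & 0xf0) >> 2)"   # TCP header length in bytes, as in the article


def bpf_prefix_expr(prefix: bytes) -> str:
    """tcpdump expression matching TCP segments whose payload starts with `prefix`.

    BPF can load 1, 2 or 4 bytes per comparison, so longer prefixes become
    several comparisons at increasing offsets joined with 'and'.
    """
    clauses, pos = [], 0
    while pos < len(prefix):
        remaining = len(prefix) - pos
        size = 4 if remaining >= 4 else (2 if remaining >= 2 else 1)
        chunk = prefix[pos:pos + size]
        offset = HDR if pos == 0 else f"{HDR} + {pos}"
        clauses.append(f"tcp[{offset}:{size}] = 0x{chunk.hex()}")
        pos += size
    return " and ".join(clauses)


def tcp_payload(frame: bytes) -> Optional[bytes]:
    """Return the TCP payload of an Ethernet/IPv4/TCP frame, or None if not TCP.

    Skips the 14-byte Ethernet header, the IPv4 header (length from IHL) and the
    TCP header (length from the data-offset field), exactly the arithmetic the
    BPF expression performs with tcp[12:1].
    """
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":   # not IPv4
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[9] != 6:                                        # IP protocol 6 = TCP
        return None
    tcp = ip[ihl:]
    doff = (tcp[12] & 0xF0) >> 2                          # data offset * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    return ip[ihl + doff:total_len]


def matches_bpf_prefix(frame: bytes, prefix: bytes) -> bool:
    """What the kernel filter decides: prefix match at the start of the payload."""
    payload = tcp_payload(frame)
    return payload is not None and payload.startswith(prefix)


def payload_contains(frame: bytes, needle: bytes) -> bool:
    """What BPF cannot do: substring search anywhere in the payload (post-capture)."""
    payload = tcp_payload(frame)
    return payload is not None and needle in payload


def build_frame(payload: bytes, tcp_options: bytes = b"", proto: int = 6) -> bytes:
    """Constructed demo frame 192.168.1.100:50000 -> 10.0.0.5:80 (checksums left 0)."""
    assert len(tcp_options) % 4 == 0, "TCP options are padded to 32-bit words"
    eth = b"\x00" * 12 + b"\x08\x00"
    tcp_len = 20 + len(tcp_options)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len + len(payload), 0,
                     0x4000, 64, proto, 0, bytes([192, 168, 1, 100]), bytes([10, 0, 0, 5]))
    tcp = struct.pack("!HHIIBBHHH", 50000, 80, 1, 1, (tcp_len // 4) << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + tcp_options + payload


# NOP, NOP, timestamp option (kind 8, length 10): a 12-byte option block, so the
# payload does not start at offset 20 and a naive tcp[20:4] test would miss it.
TS_OPTS = b"\x01\x01\x08\x0a" + b"\x00" * 8

SAMPLE_FRAMES = {
    "http_post": build_frame(b"POST /login HTTP/1.1\r\n\r\nuser=bob&password=hunter2"),
    "pop3_pass": build_frame(b"PASS hunter2\r\n", tcp_options=TS_OPTS),
    "udp": build_frame(b"pass", proto=17),
}


if __name__ == "__main__":
    print(bpf_prefix_expr(b"pass"))
    print(bpf_prefix_expr(b"password"))
    for name, frame in SAMPLE_FRAMES.items():
        print(name, matches_bpf_prefix(frame, b"pass"), payload_contains(frame, b"pass"))
```

The first line printed is exactly the expression used in the article, so the generator can be checked against it; run tcpdump -d on the output for longer prefixes to confirm it compiles. The http_post frame contains "password" but the kernel filter rejects it, while the pop3_pass frame matches a PASS prefix despite the TCP options shifting the payload, and fails a lowercase pass prefix: the two caveats from the text, made concrete.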

In short, tcpdump is a powerful tool for capturing and analysing network packets. Its ability to filter by IP address, port, protocol and payload bytes lets you focus on the relevant data and skip what you do not need. Whether for diagnostics, network monitoring or security work, tcpdump is a reliable choice for any networking professional.

- Tips for effective and safe filtering with tcpdump

When filtering packets by content with tcpdump, it is important to make the filtering both effective and safe. Here are some recommendations that you may find useful:

1. Use BPF byte comparisons, not regular expressions: tcpdump has no regular-expression support, and -s is the snapshot length, not a search string. To match content during capture, compare bytes at an offset, e.g. 'tcp[((tcp[12:1] & 0xf0) >> 2):4] = 0x70617373' for payloads beginning with "pass". For substring or regex searches, capture to a file with -w and search it afterwards with tcpdump -r file -A, Wireshark or ngrep.

2. Define the filter carefully and check it: to get accurate results, be clear about what you are looking for in the packets, whether an IP address, a port, a protocol or a specific byte sequence, and combine the primitives with and, or and not. Quote the expression so the shell does not interpret it, and run tcpdump -d 'expression' first: it prints the compiled program or a syntax error without capturing anything.

3. Limit what you capture: by default tcpdump sees every packet on the interface, which quickly produces a large volume of irrelevant data and slows down analysis. Make the filter as specific as possible so that the kernel discards non-matching packets, use -c to stop after a given number of packets, -n to avoid DNS lookups, and -w to write raw packets to a file rather than scrolling them on the terminal.

4. Keep the capture itself safe: tcpdump needs root to open the interface, so run it with -Z user to drop privileges once the capture is open, store capture files with restrictive permissions, since they may contain credentials exactly like the ones you are filtering for, and remember that only cleartext protocols can be matched on content; encrypted traffic such as TLS and SSH will never match a plaintext pattern.