User Tools
анализ_трафика
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
анализ_трафика [2010/10/26 09:36] val created |
анализ_трафика [2013/10/07 13:43] (current) val [Cisco Switch] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Анализ трафика ====== | ====== Анализ трафика ====== | ||
| + | |||
| + | ===== SPAN ===== | ||
| + | |||
| + | ==== Cisco Switch ==== | ||
| + | |||
| + | * Настройка [[Оборудование уровня 2 Cisco Catalyst#SPAN]] на switch | ||
| + | ==== Unix ==== | ||
| + | <code> | ||
| + | server# ifconfig eth2|em2 up | ||
| + | |||
| + | server# tcpdump -ni eth2|em2 -A -s 0 "port 80" | ||
| + | </code> | ||
| + | |||
| + | ===== tcpdump, trafshow===== | ||
| + | |||
| + | ===== Выделение tcp сессий ===== | ||
| + | |||
| + | [[http://www.circlemud.org/~jelson/software/tcpflow/]] | ||
| + | |||
| + | ===== Анализ трафика для детектирования атак - пакет Snort ===== | ||
| + | |||
| + | [[Сервис SNORT]] | ||
| + | |||
| + | ===== Анализ трафика для предотвращения атак - пакет Snortsam ===== | ||
| + | |||
| + | [[Сервис SNORTSAM]] | ||
| + | |||
анализ_трафика.1288071383.txt.gz · Last modified: 2013/05/22 13:50 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
