User Tools
анализ_трафика
This is an old revision of the document!
Table of Contents
Анализ трафика
SPAN
Cisco Switch
monitor session 1 source interface f0/0 both monitor session 1 destination interface f0/15
Unix
server# ifconfig eth2|em2 up server# tcpdump -ni eth2|em2 -A -s 0 "port 80"
tcpdump, trafshow
Выделение tcp сессий
Анализ трафика для предотвращения атак - пакет Snort
[server:~] # /usr/local/etc/rc.d/snort stop [server:~] # pkg_delete -x snort [server:~] # rm -r /usr/local/etc/snort/ root@server:~# /etc/init.d/snort stop root@server:~# apt-get purge snort
Использование пакета Snortsam для блокировки хостов
анализ_трафика.1316672776.txt.gz · Last modified: 2013/05/22 13:50 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
