User Tools
анализ_трафика
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
анализ_трафика [2011/01/27 15:23] val |
анализ_трафика [2013/10/07 13:43] (current) val [Cisco Switch] |
||
|---|---|---|---|
| Line 4: | Line 4: | ||
| ==== Cisco Switch ==== | ==== Cisco Switch ==== | ||
| - | <code> | ||
| - | monitor session 1 source interface f0/1 both | ||
| - | monitor session 1 destination interface f0/2 | ||
| - | </code> | ||
| + | * Настройка [[Оборудование уровня 2 Cisco Catalyst#SPAN]] на switch | ||
| ==== Unix ==== | ==== Unix ==== | ||
| <code> | <code> | ||
| - | server# ifconfig eth1|le1 up | + | server# ifconfig eth2|em2 up |
| - | server# tcpdump -ni eth1|le1 -A -s 0 "port 80" | + | server# tcpdump -ni eth2|em2 -A -s 0 "port 80" |
| </code> | </code> | ||
| Line 22: | Line 19: | ||
| [[http://www.circlemud.org/~jelson/software/tcpflow/]] | [[http://www.circlemud.org/~jelson/software/tcpflow/]] | ||
| - | ===== Анализ трафика для предотвращения атак - пакет Snort ===== | + | ===== Анализ трафика для детектирования атак - пакет Snort ===== |
| [[Сервис SNORT]] | [[Сервис SNORT]] | ||
| - | <code> | + | ===== Анализ трафика для предотвращения атак - пакет Snortsam ===== |
| - | [server:~] # pkg_delete -x snort | + | |
| - | [server:~] # rm -r /usr/local/etc/snort/ | + | |
| - | + | ||
| - | root@server.corpX.un:~# apt-get purge snort | + | |
| - | </code> | + | |
| - | + | ||
| - | ===== Использование пакета Snortsam для блокировки хостов ===== | + | |
| [[Сервис SNORTSAM]] | [[Сервис SNORTSAM]] | ||
| - | |||
анализ_трафика.1296130997.txt.gz · Last modified: 2013/05/22 13:50 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
