ããã¯ãUbuntu OnlineãFedora OnlineãWindowsãªã³ã©ã€ã³ãšãã¥ã¬ãŒã¿ãŒãMACOSãªã³ã©ã€ã³ãšãã¥ã¬ãŒã¿ãŒãªã©ã®è€æ°ã®ç¡æãªã³ã©ã€ã³ã¯ãŒã¯ã¹ããŒã·ã§ã³ã®XNUMXã€ã䜿çšããŠOnWorksç¡æãã¹ãã£ã³ã°ãããã€ããŒã§å®è¡ã§ããã³ãã³ãwiresharkã§ãã
ããã°ã©ã ïŒ
NAME
wireshark-ãããã¯ãŒã¯ãã©ãã£ãã¯ãã€ã³ã¿ã©ã¯ãã£ãã«ãã³ãããŠåæãã
SYNOPSIS
wireshark [ -a ] ... [ -b ]..ã
[ -B ] [ -c ] [ -C ]
[ -D ] [ --display =] [ -f ] [ -g ]
[ -h ] [ -H ] [ -i |-] [ -I ] [ -j ] [ -J ] [ -k ]
[ -K ] [ -l ] [ -L ] [ -m ] [ -n ] [ -N ]
[ -o ] ... [ -p ] [ -P ] [ -r ]
[ -R ] [ -s ] [ -S ]
[ -t a | ad | adoy | d | dd | e | r | u | ud | udoy] [ -v ] [ -w ] [ -X ]
[ -y ] [ -Y ] [ -z ] [ ]
DESCRIPTION
Wiresharkã® GUIãããã¯ãŒã¯ãããã³ã«ã¢ãã©ã€ã¶ã§ãã ã€ã³ã¿ã©ã¯ãã£ãã«ãã±ãããé²èŠ§ã§ããŸã
ã©ã€ããããã¯ãŒã¯ãŸãã¯ä»¥åã«ä¿åããããã£ããã£ãã¡ã€ã«ããã®ããŒã¿ã Wiresharkã®ã®ãã€ãã£ã
ãã£ããã£ãã¡ã€ã«åœ¢åŒã¯ pcap formatã¯ãã«ãã£ãŠäœ¿çšããã圢åŒã§ããããŸã tcpdump æ§ã ãª
ä»ã®ããŒã«ã
Wireshark㮠次ã®ãã¡ã€ã«åœ¢åŒãèªã¿åã£ããã€ã³ããŒããããã§ããŸãã
ã»pcap-ããã®ãã£ãã㣠Wiresharkã®/Tã·ã£ãŒã¯/ãã³ããã£ãã, tcpdumpãããã³ã䜿çšããä»ã®ããŸããŸãªããŒã«
libpcap / WinPcap / tcpdump / WinDumpã®ãã£ããã£åœ¢åŒ
ã»pcap-ng-pcap圢åŒã®ã次äžä»£ãã®åŸç¶
· ã¹ããŒã & ã¢ãã ã¹ããŒã ãã£ããã£
ã»Shomiti / Finisar æ€æ»å® ãã£ããã£
ã»Novell ã©ãã©ã€ã¶ãŒ ãã£ããã£
ã»ãã€ã¯ããœãã ãããã¯ãŒã¯ ã¢ãã¿ãŒ ãã£ããã£
ã»AIXã® iptrace ãã£ããã£
ã»Cincoãããã¯ãŒã¯ NetXRay ãã£ããã£
ã»ãããã¯ãŒã¯ã¢ãœã·ãšã€ãWindowsããŒã¹ ã¹ããã¡ ãã£ããã£
ã»ãããã¯ãŒã¯äžè¬/ãããã¯ãŒã¯ã¢ãœã·ãšã€ãDOSããŒã¹ ã¹ããã¡ ïŒå§çž®ãŸãã¯éå§çž®ïŒ
ãã£ããã£
ã»AGã°ã«ãŒã/ WildPackets / Savvius ã€ãŒãµããŒã¯/ããŒã¯ã³ããŒã¯/ã¢ã€ãããŒã¯/ã€ãŒãµãã«ã/ãã±ããã°ã©ããŒ
ãã£ããã£
· ã©ãã³ã ã®WAN / LANã¢ãã©ã€ã¶ã¯
ã»ãããã¯ãŒã¯æ©åš ãªãã¶ãŒã㌠ããŒãžã§ã³9ã®ãã£ããã£
· ã«ãŒã»ã³ã/ã¢ã»ã³ã ã«ãŒã¿ãŒã®ãããã°åºå
ã»HP-UXã®ãã¡ã€ã« ãããã«
· æ±èã® ISDNã«ãŒã¿ãŒã¯åºåããã³ãããŸã
ã»ããã®åºå i4btrace ISDN4BSDãããžã§ã¯ããã
ã»ããã®ãã¬ãŒã¹ EyeSDN USBS0ã
ã»åºå IPãã° Cisco Secure Intrusion DetectionSystemã®ãã©ãŒããã
· ppppd ãã° ïŒpppdump圢åŒïŒ
ã»VMSããã®åºå TCPIPãã¬ãŒã¹/TCPãã¬ãŒã¹/UCX $ TRACE å ¬çäºæ¥
ã»ããã®ããã¹ãåºå DBS ã€ãŒãµãŠã©ãã VMSãŠãŒãã£ãªãã£
ã»ããžã¥ã¢ã«ãããã¯ãŒã¯ ' ããžã¥ã¢ã« 皌åæé ãã©ãã£ãã¯ãã£ããã£
ã»ããã®åºå äœåŒŠ L2ãããã°
ã»InfoVistaããã®åºå 5衚瀺 LANãšãŒãžã§ã³ã
ã»Endace MeasurementSystemsã®ERF圢åŒã®ãã£ããã£
ã»Linux BluezBluetoothã¹ã¿ã㯠hcidump -w 圢跡
ã»Catapult DCT2000.outãã¡ã€ã«
ã»Gammuã¯ãNetmonitorã¢ãŒãã§NokiaDCT3é»è©±ããããã¹ãåºåãçæããŸãã
ã»IBMã·ãªãŒãºïŒOS / 400ïŒéä¿¡ãã¬ãŒã¹ïŒASCIIããã³UNICODEïŒ
ã»JuniperNetscreenã¹ããŒããã¡ã€ã«
ã»Symbian OSbtsnoopãã¡ã€ã«
ã»TamoSoftCommViewãã¡ã€ã«
ã»textronix K12xx32ããã.rf5圢åŒã®ãã¡ã€ã«
ã»textronixK12ããã¹ããã¡ã€ã«åœ¢åŒã®ãã£ããã£
ã»ApplePacketLoggerãã¡ã€ã«
ã»ãã¹ãæ©åšçšã®AethraTelecommunicationsã®PC108ãœãããŠã§ã¢ããã®ãã¡ã€ã«
ã»ISO / IEC2-13818ã§å®çŸ©ãããŠããMPEG-1ãã©ã³ã¹ããŒãã¹ããªãŒã
ã»Rabbit Labs CAMInspectorãã¡ã€ã«
ã»ColasoââftCapsaãã¡ã€ã«
èšãå¿ èŠã¯ãããŸãã Wiresharkã® èªãã§ãããã¡ã€ã«ã®çš®é¡ã ããã決å®ããŸã
ãã¡ã€ã«ã¿ã€ãèªäœã Wiresharkã® ãããã®ãã¡ã€ã«åœ¢åŒã®ãããããèªã¿åãããšãã§ããŸã
gzipã䜿çšããŠå§çž®ãããŠããå Žåã Wiresharkã® ããããã¡ã€ã«ããçŽæ¥èªèããŸãã the
ãã®ç®çã§ã¯ãããgzãæ¡åŒµåã¯å¿ èŠãããŸããã
ä»ã®ãããã³ã«ã¢ãã©ã€ã¶ãšåæ§ã«ã Wiresharkã®ã®ã¡ã€ã³ãŠã£ã³ããŠã«ã¯ããã±ããã®3ã€ã®ãã¥ãŒã衚瀺ãããŸãã ãã
ã¯ããã±ãããäœã§ããããç°¡åã«èª¬æããèŠçŽè¡ã瀺ããŠããŸãã ãã±ãã詳现衚瀺ã¯
衚瀺ãããé¢å¿ã®ããæ£ç¢ºãªãããã³ã«ãŸãã¯ãã£ãŒã«ãã«ããªã«ããŠã³ã§ããŸãã
æåŸã«ãXNUMXé²ãã³ãã¯ããã±ãããééãããšãã«ãã±ãããã©ã®ããã«èŠããããæ£ç¢ºã«ç€ºããŸãã
ã¯ã€ã€ãŒã
å ããŠã Wiresharkã® ããããŠããŒã¯ã«ããããã€ãã®æ©èœããããŸãã ããã¯ãã¹ãŠãçµã¿ç«ãŠãããšãã§ããŸã
TCPäŒè©±ã®ãã±ããã§ããã®äžã®ASCIIïŒãŸãã¯EBCDICããŸãã¯XNUMXé²æ°ïŒããŒã¿ã衚瀺ããŸã
äŒè©±ã ãã£ã«ã¿ã衚瀺ãã Wiresharkã® éåžžã«åŒ·åã§ãã ããå€ãã®ãã£ãŒã«ãããã£ã«ã¿ãªã³ã°å¯èœ
in Wiresharkã® ä»ã®ãããã³ã«ã¢ãã©ã€ã¶ããããäœæã«äœ¿çšã§ããæ§æ
ãã£ã«ã¿ã¯ããè±å¯ã§ãã ãšã㊠Wiresharkã® é²æ©ãããŸããŸãå€ãã®ãããã³ã«ãã£ãŒã«ãã
衚瀺ãã£ã«ã¿ãŒã§èš±å¯ãããŸãã
ãã±ãããã£ããã£ã¯ãpcapã©ã€ãã©ãªã䜿çšããŠå®è¡ãããŸãã ãã£ããã£ãã£ã«ã¿ãŒã®æ§æã¯æ¬¡ã®ãšããã§ã
pcapã©ã€ãã©ãªã®ã«ãŒã«ã ãã®æ§æã¯ã衚瀺ãã£ã«ã¿ãŒã®æ§æãšã¯ç°ãªããŸãã
å§çž®ãã¡ã€ã«ã®ãµããŒãã§ã¯ãzlibã©ã€ãã©ãªã䜿çšããŸãïŒãããã£ãŠããããå¿ èŠã§ãïŒã zlibã®å Žå
ã©ã€ãã©ãªãååšããŸããã Wiresharkã® ã³ã³ãã€ã«ãããŸãããå§çž®ããããã®ãèªã¿åãããšãã§ããªããªããŸã
ãã¡ã€ã«ã
èªã¿åããã£ããã£ãã¡ã€ã«ã®ãã¹åã¯ã -r ãªãã·ã§ã³ãŸãã¯ããããšãã§ããŸã
ã³ãã³ãã©ã€ã³åŒæ°ãšããŠæå®ãããŸãã
OPTIONS
ã»ãšãã©ã®ãŠãŒã¶ãŒã¯å§ããããšæãã§ããã Wiresharkã® ãªãã·ã§ã³ãªãã§ãã¡ãã¥ãŒããèšå®ããŸã
代ããã¯ã ãããã®ãŠãŒã¶ãŒã¯ããã®ã»ã¯ã·ã§ã³ãã¹ãããã§ããŸãã
-a
ãã€æå®ããåºæºãæå®ãã Wiresharkã® ãã£ããã£ãžã®æžã蟌ã¿ãåæ¢ããããšã§ã
ãã¡ã€ã«ã åºæºã¯æ¬¡ã®åœ¢åŒã§ã test:å€ããã§ã test ã®äžã€ã§ãããŸãïŒ
ãã¥ã¬ãŒã·ã§ã³:å€ åŸã§ãã£ããã£ãã¡ã€ã«ãžã®æžã蟌ã¿ãåæ¢ããŸã å€ ç§ãçµéããŸããã
ãã¡ã€ã«ãµã€ãº:å€ ãµã€ãºãã«éãããããã£ããã£ãã¡ã€ã«ãžã®æžã蟌ã¿ãåæ¢ããŸãã å€ kBã ããã
ãã®ãªãã·ã§ã³ã¯-bãªãã·ã§ã³ãšäžç·ã«äœ¿çšãããWiresharkã¯ãžã®æžã蟌ã¿ãåæ¢ããŸã
çŸåšã®ãã£ããã£ãã¡ã€ã«ã§ããã¡ã€ã«ãµã€ãºã«éããå Žåã¯æ¬¡ã®ãã¡ã€ã«ã«åãæ¿ããŸãã ã«æ³šæããŠãã ãã
ãã¡ã€ã«ãµã€ãºã¯2GiBã®æ倧å€ã«å¶éãããŠããŸãã
ãã¡ã€ã«:å€ åŸã«ãã¡ã€ã«ããã£ããã£ããããã®æžã蟌ã¿ãåæ¢ããŸã å€ æžã蟌ãŸãããã¡ã€ã«ã®æ°ã
-NS
åå ãšãªã Wiresharkã® ãè€æ°ãã¡ã€ã«ãã¢ãŒãã§å®è¡ããŸãã ãè€æ°ãã¡ã€ã«ãã¢ãŒãã§ã¯ã Wiresharkã®
ããã€ãã®ãã£ããã£ãã¡ã€ã«ã«æžã蟌ã¿ãŸãã æåã®ãã£ããã£ãã¡ã€ã«ããã£ã±ãã«ãªããšã Wiresharkã®
次ã®ãã¡ã€ã«ãžã®æžã蟌ã¿ãåãæ¿ããŸãã
äœæããããã¡ã€ã«åã¯ã -w ãã©ã°ãã®æ°
ãã¡ã€ã«ãšäœææ¥æïŒäŸïŒoutfile_00001_20050604120117.pcapïŒ
outfile_00002_20050604120523.pcapã..ã
ãã¡ã€ã« ãªãã·ã§ã³ã§ãããªã³ã°ãããã¡ãã圢æããããšãã§ããŸãã ããã¯ãã£ã±ãã«ãªããŸã
æå®ããããã¡ã€ã«æ°ãŸã§ã®æ°ãããã¡ã€ã«ããã®æç¹ã§ Wiresharkã® ç Žæ£ããŸã
æåã®ãã¡ã€ã«ã®ããŒã¿ãå ¥åãããã®ãã¡ã€ã«ãžã®æžã蟌ã¿ãéå§ããŸãã ã®å Žå ãã¡ã€ã«
ãªãã·ã§ã³ãèšå®ãããŠããªãå Žåããã£ããã£åæ¢æ¡ä»¶ã®XNUMXã€ãäžèŽãããŸã§æ°ãããã¡ã€ã«ããã£ã±ãã«ãªããŸã
ïŒãŸãã¯ãã£ã¹ã¯ããã£ã±ãã«ãªããŸã§ïŒã
åºæºã¯æ¬¡ã®åœ¢åŒã§ã ããŒ:å€ããã§ã ã㌠ã®äžã€ã§ãããŸãïŒ
ãã¥ã¬ãŒã·ã§ã³:å€ åŸã«æ¬¡ã®ãã¡ã€ã«ã«åãæ¿ããŸã å€ ããšã
çŸåšã®ãã¡ã€ã«ãå®å šã«ãã£ã±ãã«ãªã£ãŠããŸããã
ãã¡ã€ã«ãµã€ãº:å€ æ¬¡ã®ãã¡ã€ã«ã®ãµã€ãºã«éããåŸã次ã®ãã¡ã€ã«ã«åãæ¿ããŸã å€ kBã ãäºæ¿ãã ãã
ãã¡ã€ã«ãµã€ãºã¯æ倧å€2GiBã«å¶éãããŠããŸãã
ãã¡ã€ã«:å€ åŸã®æåã®ãã¡ã€ã«ããããçŽããŠãã ãã å€ æžã蟌ãŸãããã¡ã€ã«ã®æ°
ïŒãªã³ã°ãããã¡ã圢æããŸãïŒã ãã®å€ã¯100000æªæºã§ããå¿ èŠããããŸãã泚æãå¿ èŠã§ã
å€æ°ã®ãã¡ã€ã«ã䜿çšããå ŽåïŒäžéšã®ãã¡ã€ã«ã·ã¹ãã ã¯ã
åäžã®ãã£ã¬ã¯ããªãã The ãã¡ã€ã« åºæºã«ã¯æ¬¡ã®ãããããå¿ èŠã§ã ãã¥ã¬ãŒã·ã§ã³ or ãã¡ã€ã«ãµã€ãº ããã«ããã«ã¯
次ã®ãã¡ã€ã«ã«ãã€ç§»åããããå¶åŸ¡ããããã«æå®ãããŸãã ããããã泚æããå¿ èŠããããŸã -b
ãã©ã¡ãŒã¿ã¯æ£ç¢ºã«XNUMXã€ã®åºæºãåããŸãã XNUMXã€ã®åºæºãæå®ããã«ã¯ãããããã®åã«çœ®ãå¿ èŠããããŸã
ãéããŠãã¿ã³ãã³ã°ãããã³ãŒããŒãããã®äžããåäžã«ãã£ã«ã¿ãŒãã¹ã±ããã®å ã®ç²ã«æµžéããŠãããŸãã -b ãªãã·ã§ã³ãéžæããŸãã
äŸïŒ -b ãã¡ã€ã«ãµã€ãºïŒ1000 -b ãã¡ã€ã«ïŒ5 ãµã€ãºã®XNUMXã€ã®ãã¡ã€ã«ã®ãªã³ã°ãããã¡ã«ãªããŸã
ããããXNUMXã¡ã¬ãã€ãã
-B
ãã£ããã£ãããã¡ãµã€ãºãèšå®ããŸãïŒMiBã§ã¯ãããã©ã«ãã¯2 MiBã§ãïŒã ããã¯ãã£ããã£ã«ãã£ãŠäœ¿çšãããŸã
ããŒã¿ããã£ã¹ã¯ã«æžã蟌ãããŸã§ãã±ããããŒã¿ããããã¡ãªã³ã°ãããã©ã€ãã ééããå Žå
ãã£ããã£äžã«ãã±ãããããããããå Žåã¯ããã®ãµã€ãºã倧ããããŠã¿ãŠãã ããã 泚æããŠãã ããã Wiresharkã®
ããã©ã«ãã§ãããã¡ãµã€ãºã2MiBã«èšå®ããããšããèšå®ããããã«æ瀺ã§ããŸãã
å€ã倧ãããšããã£ããã£ããŠããã·ã¹ãã ãŸãã¯ã€ã³ã¿ãŒãã§ã€ã¹ãé»ã£ãŠå¶éããå¯èœæ§ããããŸã
ãã£ããã£ãããã¡ãµã€ãºãäœãå€ã«èšå®ããããé«ãå€ã«äžããŸãã
ããã¯ãlibpcap1.0.0以éãæèŒããUNIXã·ã¹ãã ããã³Windowsã§äœ¿çšã§ããŸãã ã§ã
以åã®ããŒãžã§ã³ã®libpcapã䜿çšããUNIXã·ã¹ãã ã§ã¯äœ¿çšã§ããŸããã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã ã®æåã®çºçåã«äœ¿çšãããå Žå -i
ãªãã·ã§ã³ã®å Žåãããã©ã«ãã®ãã£ããã£ãããã¡ãµã€ãºãèšå®ããŸãã åŸã«äœ¿çšããå Žå -i ãªãã·ã§ã³ãããã¯èšå®ããŸã
æåŸã«æå®ãããã€ã³ã¿ãŒãã§ã€ã¹ã®ãã£ããã£ãããã¡ãµã€ãº -i ãªãã·ã§ã³ãçºçããŸã
ãã®ãªãã·ã§ã³ã®åã ãã£ããã£ãããã¡ãµã€ãºãç¹ã«èšå®ãããŠããªãå Žåãããã©ã«ã
代ããã«ããã£ããã£ãããã¡ãµã€ãºã䜿çšãããŸãã
-c
ã©ã€ãããŒã¿ããã£ããã£ãããšãã«èªã¿åããã±ããã®æ倧æ°ãèšå®ããŸãã
-C
æå®ãããæ§æãããã¡ã€ã«ããéå§ããŸãã
-Dã€ã³ã¿ãŒãã§ã€ã¹ã®ãªã¹ããå°å·ããŸã Wiresharkã® ãã£ããã£ããŠçµäºã§ããŸãã ããããã«ã€ããŠ
ãããã¯ãŒã¯ã€ã³ã¿ãŒãã§ã€ã¹ãçªå·ãã€ã³ã¿ãŒãã§ã€ã¹åãå Žåã«ãã£ãŠã¯ããã¹ããç¶ã
ã€ã³ã¿ãŒãã§ã€ã¹ã®èª¬æãå°å·ãããŸãã ã€ã³ã¿ãŒãã§ã€ã¹åãŸãã¯çªå·ã¯æ¬¡ã®ããã«ãªããŸãã
ã«äŸçµŠ -i ãã£ããã£ããã€ã³ã¿ãŒãã§ã€ã¹ãæå®ãããã©ã°ã
ããã¯ãããããäžèŠ§è¡šç€ºããã³ãã³ãããªãã·ã¹ãã ïŒWindowsãªã©ïŒã§åœ¹ç«ã¡ãŸãã
ã·ã¹ãã ããŸãã¯UNIXã·ã¹ãã ãäžè¶³ããŠãã ifconfig -aïŒ; ãã®çªå·ã¯Windowsã§åœ¹ç«ã¡ãŸã
2000以éã®ã·ã¹ãã ãã€ã³ã¿ãŒãã§ã€ã¹åã¯ããè€éãªæååã§ãã
ããã£ããã£ã§ããããšã¯ã Wiresharkã® ãã®ããã€ã¹ãéããŠã©ã€ããè¡ãããšãã§ããŸãã
æç²; ã·ã¹ãã ã§ããããã¯ãŒã¯ãã£ããã£ãå®è¡ããããã°ã©ã ãããå®è¡ããå¿ èŠãããå Žå
ç¹å¥ãªç¹æš©ãæã€ã¢ã«ãŠã³ãïŒããšãã°ãrootãšããŠïŒã次ã«ã Wiresharkã® ã§å®è¡ãããŸã
ã -D ãã©ã°ãç«ãŠããã®ãããªã¢ã«ãŠã³ãããå®è¡ãããªãå Žåãã€ã³ã¿ãŒãã§ã€ã¹ã¯äžèŠ§è¡šç€ºãããŸããã
--display =
䜿çšããXãã£ã¹ãã¬ã€ãæå®ããŸãã ãã¹ãåãšç»é¢ïŒotherhostïŒ0.0ïŒãŸãã¯åã«
ç»é¢ïŒïŒ0.0ïŒãæå®ã§ããŸãã ãã®ãªãã·ã§ã³ã¯ãWindowsã§ã¯äœ¿çšã§ããŸããã
-f
ãã£ããã£ãã£ã«ã¿ãŒåŒãèšå®ããŸãã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã ã®æåã®çºçåã«äœ¿çšãããå Žå -i
ãªãã·ã§ã³ã®å Žåãããã©ã«ãã®ãã£ããã£ãã£ã«ã¿ãŒåŒãèšå®ããŸãã åŸã«äœ¿çšããå Žå -i ãªãã·ã§ã³ããã
æåŸã«æå®ãããã€ã³ã¿ãŒãã§ã€ã¹ã®ãã£ããã£ãã£ã«ã¿åŒãèšå®ããŸã -i ãªãã·ã§ã³
ãã®ãªãã·ã§ã³ã®åã«çºçããŸãã ãã£ããã£ãã£ã«ã¿ãŒåŒãèšå®ãããŠããªãå Žå
å ·äœçã«ã¯ãããã©ã«ãã®ãã£ããã£ãã£ã«ã¿åŒãæäŸãããŠããå Žåã«äœ¿çšãããŸãã
-g
ã䜿çšããŠãã£ããã£ãã¡ã€ã«ãèªã¿èŸŒãã åŸ -r ãã©ã°ãäžããããã«è¡ã ãã±ãã æ°.
-hããŒãžã§ã³ãšãªãã·ã§ã³ãåºåããŠçµäºããŸãã
-Hã©ã€ããã±ãããã£ããã£äžã«ãã£ããã£æ å ±ãã€ã¢ãã°ãé衚瀺ã«ããŸãã
-ç§|-
ã©ã€ããã±ãããã£ããã£ã«äœ¿çšãããããã¯ãŒã¯ã€ã³ã¿ãŒãã§ã€ã¹ãŸãã¯ãã€ãã®ååãèšå®ããŸãã
ãããã¯ãŒã¯ã€ã³ã¿ãŒãã§ã€ã¹åã¯ããwireshark -D"
ïŒäžèšïŒ; ãã«ãã£ãŠå ±åãããæ°wireshark -D"ãã䜿çšã§ããŸãã
UNIXã䜿çšããŠããŸãããnetstat -i"ãŸãã¯"ifconfig -a"ã¯ãã€ã³ã¿ãŒãã§ã€ã¹ãäžèŠ§è¡šç€ºããããã«ãæ©èœããå¯èœæ§ããããŸã
UNIXã®ãã¹ãŠã®ããŒãžã§ã³ããµããŒãããŠããããã§ã¯ãããŸããããåå -a ãã©ã°ãç«ãŠã ifconfig.
ã€ã³ã¿ãŒãã§ã€ã¹ãæå®ãããŠããªãå Žåã Wiresharkã® ã€ã³ã¿ãŒãã§ã€ã¹ã®ãªã¹ããæ€çŽ¢ãã
éã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ãããå Žåã¯æåã®éã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ãããã³
éã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ããªãå Žåã¯ãæåã®ã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ã ãªãå Žå
ã€ã³ã¿ãŒãã§ãŒã¹ã Wiresharkã® ãšã©ãŒãå ±åãããã£ããã£ãéå§ããŸããã
ãã€ãåã¯ãFIFOïŒååä»ããã€ãïŒã®ååããããŒã¿ãèªã¿åãããã®ã-ãã®ããããã§ããå¿ èŠããããŸã
æšæºå ¥åã Windowsã·ã¹ãã ã§ã¯ããã€ãåã¯æ¬¡ã®åœ¢åŒã§ããå¿ èŠããããŸã
`` \\ pipe \ã\ãã€ãå''ã ãã€ãããèªã¿åãããããŒã¿ã¯ãæšæºã®pcap圢åŒã§ããå¿ èŠããããŸãã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã è€æ°ã®ã€ã³ã¿ãŒãã§ãŒã¹ãããã£ããã£ããå Žåã
ãã£ããã£ãã¡ã€ã«ã¯pcap-ng圢åŒã§ä¿åãããŸãã
-ã€ã³ã¿ãŒãã§ã€ã¹ããç£èŠã¢ãŒããã«ããŸãã ããã¯IEEE802.11Wi-Fiã§ã®ã¿ãµããŒããããŸã
ã€ã³ã¿ãŒãã§ã€ã¹ã§ãããäžéšã®ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã ã§ã®ã¿ãµããŒããããŸãã
ã¢ãã¿ãŒã¢ãŒãã§ã¯ãã¢ããã¿ãŒããããã¯ãŒã¯ãšã®é¢é£ä»ãã解é€ããå Žåãããããšã«æ³šæããŠãã ããã
é¢é£ä»ããããŠãããããã¯ã€ã€ã¬ã¹ãããã¯ãŒã¯ã䜿çšã§ããªããªããŸã
ã¢ããã¿ã ããã«ããããããã¯ãŒã¯ãµãŒããŒäžã®ãã¡ã€ã«ã«ã¢ã¯ã»ã¹ãããããã¹ãã解決ãããã§ããªããªãå¯èœæ§ããããŸã
ã¢ãã¿ãŒã¢ãŒãã§ãã£ããã£ããŠããŠæ¥ç¶ãããŠããªãå Žåã¯ãååãŸãã¯ãããã¯ãŒã¯ã¢ãã¬ã¹
å¥ã®ã¢ããã¿ã䜿çšããŠå¥ã®ãããã¯ãŒã¯ã«æ¥ç¶ããŸãã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã ã®æåã®çºçåã«äœ¿çšãããå Žå -i
ãªãã·ã§ã³ã®å Žåããã¹ãŠã®ã€ã³ã¿ãŒãã§ãŒã¹ã®ã¢ãã¿ãŒã¢ãŒããæå¹ã«ããŸãã åŸã«äœ¿çšããå Žå -i ãªãã·ã§ã³ã
æåŸã«æå®ãããã€ã³ã¿ãŒãã§ã€ã¹ã®ã¢ãã¿ãŒã¢ãŒããæå¹ã«ããŸã -i ãªãã·ã§ã³
ãã®ãªãã·ã§ã³ã®åã«çºçããŸãã
-jåŸã«äœ¿çš -J ãã£ã«ã¿ã«å®å šã«äžèŽãããã®ãèŠã€ãããªãå Žåã®åäœãå€æŽããŸãã ãš
ãã®ãªãã·ã§ã³ã¯ãåã®æåã®ãã±ãããéžæããŸãã
-J
ã䜿çšããŠãã£ããã£ãã¡ã€ã«ãèªã¿èŸŒãã åŸ -r ãã©ã°ãäžèŽãããã±ããã«ãžã£ã³ãããŸã
filterïŒãã£ã«ã¿ãŒæ§æã衚瀺ããŸãïŒã å®å šã«äžèŽãããã®ãèŠã€ãããªãå ŽåãåŸã®æåã®ãã±ãã
ãããéžæãããŠããŸãã
-kãã£ããã£ã»ãã·ã§ã³ãããã«éå§ããŸãã ã®å Žå -i ãã©ã°ãæå®ããããã£ããã£ã¯äœ¿çšããŸã
æå®ãããã€ã³ã¿ãŒãã§ãŒã¹ã ãããªããšã Wiresharkã® ã€ã³ã¿ãŒãã§ã€ã¹ã®ãªã¹ããæ€çŽ¢ãã
éã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ãããå Žåã¯ãæåã®éã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ãéžæããŸãã
éã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ããªãå Žåã¯ãæåã®ã«ãŒãããã¯ã€ã³ã¿ãŒãã§ã€ã¹ãéžæããŸãã ããã
ã€ã³ã¿ãŒãã§ãŒã¹ã¯ãããŸããã Wiresharkã® ãšã©ãŒãå ±åãããã£ããã£ãéå§ããŸããã
-K
æå®ãããkeytabãã¡ã€ã«ããKerberosæå·åããŒãããŒãããŸãã ãã®ãªãã·ã§ã³ã䜿çšã§ããŸã
è€æ°ã®ãã¡ã€ã«ããããŒãããŒãããããã«è€æ°åã
äŸïŒ -K krb5.keytab
-lãã±ãã衚瀺ã次ã®ããã«èªåçã«æŽæ°ãããå Žåã¯ãèªåã¹ã¯ããŒã«ããªã³ã«ããŸãã
ãã±ããã¯ãã£ããã£äžã«å°çããŸãïŒ -S åœæïŒã
-Lã€ã³ã¿ãŒãã§ã€ã¹ã§ãµããŒããããŠããããŒã¿ãªã³ã¯ã¿ã€ããäžèŠ§è¡šç€ºããŠçµäºããŸãã
-m
䜿çšãããã©ã³ãã®ååãèšå®ããŸã Wiresharkã® ã»ãšãã©ã®ããã¹ãã Wiresharkã® æ§ç¯ããŸã
次ã®ãã€ããã¥ãŒãã€ã³ã®ããŒã¿ã«äœ¿çšããã倪åãã©ã³ãã®åå
ã¡ã€ã³ããã¹ããã©ã³ãã®ååãããã±ãã詳现ãã€ã³ã§éžæããããã£ãŒã«ãã
-nãããã¯ãŒã¯ãªããžã§ã¯ãã®åå解決ïŒãã¹ãåãTCPãUDPããŒãåãªã©ïŒãç¡å¹ã«ããŸãã
-N ãã©ã°ããããäžæžãããå¯èœæ§ããããŸãã
-N
ç¹å®ã®ã¿ã€ãã®ã¢ãã¬ã¹ãšããŒãçªå·ã«å¯ŸããŠã®ã¿åå解決ããªã³ã«ããŸãã
ä»ã®ã¿ã€ãã®ã¢ãã¬ã¹ãšããŒãçªå·ã®åå解決ããªãã«ãªã£ãŠããŸãã ãã®æ
ãªãŒããŒã©ã€ã -n äž¡æ¹ã®å Žå -N & -n ååšããŠããŸãã äž¡æ¹ã®å Žå -N & -n ãã©ã°ã¯ååšããŸããã
ãã¹ãŠã®åå解決ããªã³ã«ãªã£ãŠããŸãã
åŒæ°ã¯ã次ã®æåãå«ãå¯èœæ§ã®ããæååã§ãã
m MACã¢ãã¬ã¹è§£æ±ºãæå¹ã«ãã
n ãããã¯ãŒã¯ã¢ãã¬ã¹ã®è§£æ±ºãæå¹ã«ãã
N ãããã¯ãŒã¯ã¢ãã¬ã¹è§£æ±ºã«å€éšãªãŸã«ããŒïŒDNSãªã©ïŒã䜿çšã§ããããã«ãã
t ãã©ã³ã¹ããŒãå±€ã®ããŒãçªå·ã®è§£æ±ºãæå¹ã«ãã
C åæïŒéåæïŒDNSã«ãã¯ã¢ãããæå¹ã«ãã
d ãã£ããã£ãããDNSãã±ããããã®è§£æ±ºãæå¹ã«ãã
-o
ããã©ã«ãå€ãšããèªã¿åãããå€ãäžæžãããŠãèšå®ãŸãã¯æè¿ã®å€ãèšå®ããŸã
èšå®/æè¿ã®ãã¡ã€ã«ã ãã©ã°ã®åŒæ°ã¯ã次ã®åœ¢åŒã®æååã§ãã
ãã¬ãããŒã :å€ããã§ã ãã¬ãããŒã èšå®/æè¿ã®å€ã®ååã§ãïŒããã¯
èšå®/æè¿ã®ãã¡ã€ã«ã«è¡šç€ºãããã®ãšåãååïŒãããã³ å€ å€ã§ã
èšå®ããå¿ èŠããããŸãã ä»¥æ¥ ãšãã«ãšã« 0.10.12ãæè¿ã®èšå®ã
以åã¯ãGUIãã£ã¡ã³ã·ã§ã³ãæäœããããã«-Bã-Pãããã³-Tãã©ã°ã䜿çšããŠããŸããã
If ãã¬ãããŒã ã¯ãuatãã§ããã䜿çšããŠãããŸããŸãªãŠãŒã¶ãŒã¢ã¯ã»ã¹ããŒãã«ã®èšå®ãäžæžãã§ããŸãã
ãã©ãŒã uat:é£ã¹ã ãã¡ã€ã«å:é£ã¹ã èšé². é£ã¹ã ãã¡ã€ã«å UATãã¡ã€ã«ã®ååã§ããå¿ èŠããããŸãã
ãã·ã³æ å ±ã®èšå ¥> ãšããæ§æã§ãªããã°ãªããŸãããäŸãã°ã user_dlts. uat_record ãã®ãã¡ã€ã«ã®æå¹ãªã¬ã³ãŒãã®åœ¢åŒã§ããå¿ èŠããããŸãã
åŒçšç¬Šãå«ã¿ãŸãã ããšãã°ãã³ãã³ãã©ã€ã³ãããŠãŒã¶ãŒDLTãæå®ããã«ã¯ã次ã®ããã«ããŸãã
䜿çšããã ãã
-o "uatïŒuser_dltsïŒ\" User 0ïŒDLT = 147ïŒ\ "ã\" cops \ "ã\" 0 \ "ã\" \ "ã\" 0 \ "ã\" \ ""
-p ããªãã§ãã ãã ã€ã³ã¿ãŒãã§ã€ã¹ãç¡å·®å¥ã¢ãŒãã«ããŸãã ã€ã³ã¿ãŒãã§ã€ã¹ãã«ããå¯èœæ§ãããããšã«æ³šæããŠãã ãã
ä»ã®çç±ã«ããç¡å·®å¥ã¢ãŒãã ãããã£ãŠã -p ã確èªããããã«äœ¿çšããããšã¯ã§ããŸãã
ãã£ããã£ããããã©ãã£ãã¯ã¯ããã·ã³ãšã®éã§éåä¿¡ããããã©ãã£ãã¯ã®ã¿ã§ãã
Wiresharkã® å®è¡äžããããŒããã£ã¹ããã©ãã£ãã¯ãããã³åä¿¡ããã¢ãã¬ã¹ãžã®ãã«ããã£ã¹ããã©ãã£ãã¯
ãã®ãã·ã³ã«ãã£ãŠã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã ã®æåã®çºçåã«äœ¿çšãããå Žå -i
ãªãã·ã§ã³ã®å Žåãã€ã³ã¿ãŒãã§ã€ã¹ã¯ç¡å·®å¥ã¢ãŒãã«ãªããŸããã åŸã«äœ¿çšããå Žå -i
ãªãã·ã§ã³ãæåŸã«æå®ãããã€ã³ã¿ãŒãã§ãŒã¹ -i ãã®ãªãã·ã§ã³ã®åã«çºçãããªãã·ã§ã³
ç¡å·®å¥ã¢ãŒãã«ã¯ãªããŸããã
-P
éåžžãç¹å¥ãªãã¹èšå®ã¯èªåçã«æ€åºãããŸãã ããã¯ç¹å¥ãªå Žåã«äœ¿çšãããŸãã
ããšãã°ãUSBã¹ãã£ãã¯ã®æ¢ç¥ã®å ŽæããWiresharkãèµ·åããŸãã
åºæºã¯æ¬¡ã®åœ¢åŒã§ã ããŒ:pathããã§ã ã㌠ã®äžã€ã§ãããŸãïŒ
persconf:path èšå®ãã¡ã€ã«ãªã©ã®å人çšæ§æãã¡ã€ã«ã®ãã¹ã
ããŒã¹ããŒã¿:path å人ããŒã¿ãã¡ã€ã«ã®ãã¹ãæåã«éãããã©ã«ãã§ãã åŸ
æåã®åæåã§ã¯ãæè¿ã®ãã¡ã€ã«ãæåŸã«äœ¿çšããããã©ã«ããä¿æããŸãã
-r
ãããã±ããããŒã¿ãèªã¿åã ãã¡ã€ã«å ããµããŒããããŠããä»»æã®ãã£ããã£ãã¡ã€ã«åœ¢åŒã«ããããšãã§ããŸãïŒ
gzipå§çž®ããããã¡ã€ã«ïŒã ããã§ååä»ããã€ããstdinã䜿çšããããšã¯ã§ããŸããïŒ ãããã£ããã£ããã«ã¯
ãã€ããŸãã¯stdin䜿çšãã -i -
-NS
ã§æå®ããããã£ããã£ãã¡ã€ã«ãèªã¿åãå Žå -r ãã©ã°ãæå®ããããã£ã«ã¿ãŒãçºçãããŸã
ïŒãã£ããã£ãã£ã«ã¿ãŒã®æ§æã§ã¯ãªãã衚瀺ãã£ã«ã¿ãŒã®æ§æã䜿çšããŸãïŒ
ãã£ããã£ãã¡ã€ã«ããèªã¿åããããã¹ãŠã®ãã±ããã«é©çšãããŸãã ãã£ã«ã¿ã«äžèŽããªããã±ããã¯
ç Žæ£ãããŸããã
-s
ã©ã€ãããŒã¿ããã£ããã£ãããšãã«äœ¿çšããããã©ã«ãã®ã¹ãããã·ã§ããã®é·ããèšå®ããŸãã ã«éããŸãã ã¹ãããã¬ã³
åãããã¯ãŒã¯ãã±ããã®ãã€ãã¯ãã¡ã¢ãªã«èªã¿èŸŒãŸãããããã£ã¹ã¯ã«ä¿åãããŸãã å€0
ã¹ãããã·ã§ããã®é·ãã65535ã«æå®ããŠããã±ããå šäœããã£ããã£ãããããã«ããŸãã ããã¯
ããã©ã«ãã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã ã®æåã®çºçåã«äœ¿çšãããå Žå -i
ãªãã·ã§ã³ã®å Žåãããã©ã«ãã®ã¹ãããã·ã§ããã®é·ããèšå®ããŸãã åŸã«äœ¿çšããå Žå -i ãªãã·ã§ã³ãããã¯èšå®ããŸã
æåŸã«æå®ãããã€ã³ã¿ãŒãã§ã€ã¹ã®ã¹ãããã·ã§ããã®é·ã -i åã«çºçãããªãã·ã§ã³
ãã®ãªãã·ã§ã³ã ã¹ãããã·ã§ããã®é·ããç¹ã«èšå®ãããŠããªãå Žåãããã©ã«ãã®ã¹ãããã·ã§ãã
æäŸãããŠããå Žåãé·ãã䜿çšãããŸãã
-Sãã±ãããçä¿¡ãããšããã±ãã衚瀺ãèªåçã«æŽæ°ããŸãã
-ta | ad | adoy | d | dd | e | r | u | ud | udoy
ãã±ãããªã¹ããŠã£ã³ããŠã«è¡šç€ºããããã±ããã¿ã€ã ã¹ã¿ã³ãã®åœ¢åŒãèšå®ããŸãã The
圢åŒã¯æ¬¡ã®ããããã«ãªããŸãã
a 絶察æéïŒã¿ã€ã ãŸãŒã³ã®çŸå°æéãšããŠã®çµ¶å¯Ÿæéã¯ãå®éã®æéã§ãã
ãã±ããããã£ããã£ãããæ¥ä»ã¯è¡šç€ºãããŸãã
ad 絶察æ¥ä»ä»ãïŒYYYY-MM-DDãšããŠè¡šç€ºããã絶察æ¥ä»ãããã³ããŒã«ã«ãšããŠè¡šç€ºãããæå»
ã¿ã€ã ãŸãŒã³å ã®æéã¯ããã±ããããã£ããã£ãããå®éã®æ¥æã§ãã
adoy 幎ã®æ¥ã䜿çšããæ¥ä»ä»ãã®çµ¶å¯Ÿæ¥ïŒYYYY / DOYãšããŠè¡šç€ºããã絶察æ¥ã
ã¿ã€ã ãŸãŒã³ã®çŸå°æéãšããŠã®æéã¯ããã±ããããã£ãå®éã®æ¥æã§ãã
ææãã
d ãã«ã¿ïŒãã«ã¿æéã¯ãåã®ãã±ããããã£ããã£ãããŠããã®æéã§ãã
dd delta_displayedïŒdelta_displayedæéã¯ãåå衚瀺ãããŠããã®æéã§ã
ãã±ããããã£ããã£ãããŸãã
e ãšããã¯ïŒãšããã¯ããã®ç§æ°ïŒ1幎1970æ00æ¥00:00:XNUMXïŒ
r çžå¯ŸïŒçžå¯Ÿæéã¯ãæåã®ãã±ãããš
çŸåšã®ãã±ãã
u UTCïŒUTCãšããŠã®çµ¶å¯Ÿæéã¯ããã±ããããã£ããã£ãããå®éã®æéã§ããã
衚瀺ãããæ¥ä»
ud UTCãšæ¥ä»ïŒYYYY-MM-DDãšããŠè¡šç€ºããã絶察æ¥ä»ãšãUTCãšããŠè¡šç€ºãããæå»ã¯
ãã±ããããã£ããã£ãããå®éã®æ¥æ
ãŠã〠æ¥ä»ã䜿çšããUTCïŒYYYY / DOYãšããŠè¡šç€ºããã絶察æ¥ä»ãããã³
UTCãšããŠã®æéã¯ããã±ããããã£ããã£ãããå®éã®æ¥æã§ãã
ããã©ã«ãã®åœ¢åŒã¯çžå¯Ÿåœ¢åŒã§ãã
-vããŒãžã§ã³ãåºåããŠçµäºããŸãã
-w
ããã©ã«ãã®ãã£ããã£ãã¡ã€ã«åãèšå®ããŸãã
-ãã
ã«æž¡ããªãã·ã§ã³ãæå®ããŸã Wiresharkã® ã¢ãžã¥ãŒã«ã eXtensionãªãã·ã§ã³ã¯
ãã©ãŒã æ¡åŒµããŒ:å€ããã§ã æ¡åŒµã㌠ããããšãã§ããŸãïŒ
lua_script:lua_script_ãã¡ã€ã«å äŒãã Wiresharkã® ã«å ããŠãæå®ãããã¹ã¯ãªãããããŒãããŸã
ããã©ã«ãã®Luaã¹ã¯ãªããã
lua_scriptNUM:åŒæ° äŒãã Wiresharkã® äžããããåŒæ°ãluaã¹ã¯ãªããã«æž¡ã
'lum'ã§èå¥ãããŸããããã¯ã 'lua_script'ã³ãã³ãã®ã€ã³ããã¯ã¹ä»ããããé åºã§ãã
ããšãã°ãã-X lua_scriptïŒmy.luaãã䜿çšããŠããŒããããã¹ã¯ãªãããXNUMXã€ã ãã®å Žåãã-Xã
lua_script1ïŒfoo 'ã¯ãæåå' foo 'ã' my.lua 'ã¹ã¯ãªããã«æž¡ããŸãã XNUMXã€ã®ã¹ã¯ãªããã®å Žå
'-X lua_scriptïŒmy.lua'ã '-X lua_scriptïŒother.lua'ãªã©ãèªã¿èŸŒãŸããŸãã
é åºã«ãããšãã-X lua_script2ïŒbarãã¯æååãbarããXNUMXçªç®ã®luaã«æž¡ããŸã
ã¹ã¯ãªãããã€ãŸããother.luaãã
èªã¿åã圢åŒ:ãã¡ã€ã«åœ¢åŒ äŒãã Wiresharkã® æå®ããããã¡ã€ã«åœ¢åŒã䜿çšããŠã
ãã¡ã€ã«ïŒã§äžãããããã¡ã€ã« -r ã³ãã³ããªãã·ã§ã³ïŒã
stdin_descr:説æ äŒãã Wiresharkã® ãã£ããã£ãããšãã«æå®ããã説æã䜿çšãã
æšæºå ¥åããïŒ-i -).
-y
ãã£ããã£ãã³ãã³ãã©ã€ã³ããéå§ãããå Žå -kã䜿çšããããŒã¿ãªã³ã¯ã¿ã€ããèšå®ããŸã
ãã±ããã®ãã£ããã£äžã ã«ãã£ãŠå ±åãããå€ -L 䜿çšã§ããå€ã§ãã
ãã®ãªãã·ã§ã³ã¯è€æ°åçºçããå¯èœæ§ããããŸãã ã®æåã®çºçåã«äœ¿çšãããå Žå -i
ãªãã·ã§ã³ã®å Žåãããã©ã«ãã®ãã£ããã£ãªã³ã¯ã¿ã€ããèšå®ããŸãã åŸã«äœ¿çšããå Žå -i ãªãã·ã§ã³ãããã¯èšå®ããŸã
æåŸã«æå®ãããã€ã³ã¿ãŒãã§ã€ã¹ã®ãã£ããã£ãªã³ã¯ã¿ã€ã -i ãªãã·ã§ã³ãçºçããŸã
ãã®ãªãã·ã§ã³ã®åã ãã£ããã£ãªã³ã¯ã¿ã€ããç¹ã«èšå®ãããŠããªãå Žåãããã©ã«ã
æäŸãããŠããå Žåã¯ããã£ããã£ãªã³ã¯ã¿ã€ãã䜿çšãããŸãã
-Y
äžãããã衚瀺ãã£ã«ã¿ãŒããå§ããŸãã
-z
å ¥æ Wiresharkã® ããŸããŸãªã¿ã€ãã®çµ±èšãåéããçµæã
åãªã¢ã«ã¿ã€ã ã§æŽæ°ããããŠã£ã³ããŠã
çŸåšå®è£ ãããŠããçµ±èšã¯æ¬¡ã®ãšããã§ãã
-z å©ããŸã
ã®å¯èœãªãã¹ãŠã®å€ã衚瀺ããŸã -z.
-z afpãsrt [ãfilter ]
Apple FilingProtocolãµãŒãã¹ã®å¿çæéã®çµ±èšã衚瀺ããŸãã
-z convãtype[,filter ]
ãã£ããã£ã§è¡šç€ºãããå¯èœæ§ã®ãããã¹ãŠã®äŒè©±ãäžèŠ§è¡šç€ºããããŒãã«ãäœæããŸãã
type çæããäŒè©±ãšã³ããã€ã³ãã¿ã€ããæå®ããŸã
çµ±èšåŠ; çŸåšãµããŒããããŠãããã®ã¯æ¬¡ã®ãšããã§ãã
ãethãã€ãŒãµãããã¢ãã¬ã¹
ãfcããã¡ã€ããã£ãã«ã¢ãã¬ã¹
ãfddiãFDDIã¢ãã¬ã¹
ãipãIPv4ã¢ãã¬ã¹
ãipv6ãIPv6ã¢ãã¬ã¹
ãipxãIPXã¢ãã¬ã¹
ãtcpãTCP / IPãœã±ãããã¢IPv4ãšIPv6ã®äž¡æ¹ããµããŒããããŠããŸã
ãtrãããŒã¯ã³ãªã³ã°ã¢ãã¬ã¹
ãudpãUDP / IPãœã±ãããã¢IPv4ãšIPv6ã®äž¡æ¹ããµããŒããããŠããŸã
ãªãã·ã§ã³ã® filter ãæå®ãããŠããå Žåããã£ã«ã¿ãŒã«äžèŽãããã±ããã®ã¿ã
èšç®ã«äœ¿çšãããŸãã
ããŒãã«ã«ã¯ãäŒè©±ããšã«XNUMXè¡ã衚瀺ãããçªå·ã衚瀺ãããŸã
åæ¹åã®ãã±ãã/ãã€ãã®æ°ãããã³ãã±ãã/ãã€ãã®ç·æ°ã
ããã©ã«ãã§ã¯ãããŒãã«ã¯ãã±ããã®ç·æ°ã«åŸã£ãŠãœãŒããããŸãã
ãããã®ããŒãã«ã¯ãé©åãªãã®ãéžæããããšã«ãããå®è¡æã«çæããããšãã§ããŸãã
ã¡ãã¥ãŒãããŒã«/çµ±èš/äŒè©±ãªã¹ã/ãããã®äŒè©±ã¿ã€ãã
-z dcerpcãsrtãååãŸã㯠UUID,äž»èŠãª.ãã€ããŒ[,filter ]
DCERPCã€ã³ã¿ãŒãã§ã€ã¹ã®ã³ãŒã«/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸã å or
ãŠã€ãã ããŒãžã§ã³ äž»èŠãª.ãã€ããŒã åéãããããŒã¿ã¯ãããããã®åŒã³åºãã®æ°ã§ã
æé ãMinSRTãMaxSRTããã³AvgSRTã ã€ã³ã¿ãŒãã§ãŒã¹ å & ãŠã€ã ã±ãŒã¹ã§ã-
éæã
äŸïŒ -z dcerpc,srt,12345778-1234-abcd-ef00-0123456789ac,1.0 ããŒã¿ãåéããŸã
CIFSSAMRã€ã³ã¿ãŒãã§ã€ã¹çšã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z dcerpc,srt,12345778-1234-abcd-ef00-0123456789ac,1.0,ip.addr==1.2.3.4
ç¹å®ã®ãã¹ãã®SAMRSRTçµ±èšãåéããŸãã
-z bootpãstat [ãfilter ]
DHCPïŒBOOTPïŒçµ±èšã衚瀺ããŸãã
-z ãšãã¹ããŒã
å°é家ã®æ å ±ã衚瀺ããŸãã
-z fcãsrt [ãfilter ]
FCã®ã³ãŒã«/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã åéãããããŒã¿ã¯
åãã¡ã€ããŒãã£ãã«ã³ãã³ããMinSRTãMaxSRTãããã³AvgSRTã®åŒã³åºãæ°ã
äŸïŒ -z fcãsrt ãµãŒãã¹å¿çæéãæéãã«ã¿ãšããŠèšç®ããŸã
亀æã®æåã®ãã±ãããšäº€æã®æåŸã®ãã±ããã®éã
ããŒã¿ã¯ããã¹ãŠã®éåžžã®FCã³ãã³ãã«å¯ŸããŠåå¥ã®ããŒãã«ãšããŠè¡šç€ºãããŸãã
ãã£ããã£ã«è¡šç€ºãããã³ãã³ãã«ã¯ãçµ±èšã衚瀺ãããŸãã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "fcãsrtãfc.id == 01.02.03" FCãã±ããã®çµ±èšã®ã¿ãåéããŸã
FCã¢ãã¬ã¹01.02.03ã®ãã¹ãã«ãã£ãŠäº€æãããŸãã
-z h225ãcounter [ããã£ã«ã¿ãŒ]
ITU-TH.225ã¡ãã»ãŒãžãšãã®çç±ãæ°ããŸãã æåã®åã«ãªã¹ãã衚瀺ãããŸã
çŸåšã®ãã£ããã£ã§çºçããH.225ã¡ãã»ãŒãžãšH.225ã¡ãã»ãŒãžã®çç±ã®
ãã¡ã€ã«ã åã¡ãã»ãŒãžãŸãã¯çç±ã®çºçæ°ã¯ã
XNUMXçªç®ã®åã
äŸïŒ -z h225ãã«ãŠã³ã¿ãŒ
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "h225ãcounterãip.addr == 1.2.3.4" H.225ã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹1.2.3.4ã§ãã¹ãã«ãã£ãŠäº€æããããã±ããã
-z h225ãsrt [ããã£ã«ã¿ãŒ]
ITU-T H.225 RASã®èŠæ±/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã
åéãããããŒã¿ã¯ãåITU-T H.225RASã¡ãã»ãŒãžã¿ã€ãã®åŒã³åºãæ°ã§ãã
æå°SRTãæ倧SRTãå¹³åSRTãæå°ãã±ããæ°ãããã³æ倧ãã±ããæ°ã
æªåŠçã®ãªã¯ãšã¹ãïŒæªå¿çã®ãªã¯ãšã¹ãïŒã®æ°ãååŸãããç Žæ£ãããŸã
å¿çïŒäžèŽããèŠæ±ã®ãªãå¿çïŒãšéè€ã¡ãã»ãŒãžã
äŸïŒ -z h225ãsrt
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "h225ãsrtãip.addr == 1.2.3.4" ITU-TH.225ã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹1.2.3.4ã§ãã¹ãã«ãã£ãŠäº€æãããRASãã±ããã
-z ioãstat
1ç§ééã§ãã£ããã£ã®ãã±ãã/ãã€ãçµ±èšãåéããŸãã ãã®
ãªãã·ã§ã³ã¯ãæ倧5ã€ã®è²åããããã°ã©ããå«ããŠã£ã³ããŠãéããŸãã
XNUMXç§ããããŸãã¯XNUMXç§ãããã®ãã€ãæ°ã®çµ±èšãèšç®ããŠã
衚瀺ãããŸãã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãã®ã°ã©ããŠã£ã³ããŠã¯ãAnalyzeïŒStatisticsïŒTrafficïŒIO-Statãããéãããšãã§ããŸãã
ã¡ãã¥ãŒé ç®ã
-z ldapãsrt [ãfilter ]
LDAPã®åŒã³åºã/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã åéãããããŒã¿ã¯
å®è£ ãããåLDAPã³ãã³ããMinSRTãMaxSRTãããã³AvgSRTã®åŒã³åºãæ°ã
äŸïŒ -z ldapãsrt ãµãŒãã¹å¿çæéãæéãã«ã¿ãšããŠèšç®ããŸã
ãªã¯ãšã¹ããšã¬ã¹ãã³ã¹ã®éã
ããŒã¿ã¯ãå®è£ ãããŠãããã¹ãŠã®LDAPã³ãã³ãã«å¯ŸããŠåå¥ã®ããŒãã«ãšããŠè¡šç€ºãããŸãã
ãã£ããã£ã«è¡šç€ºãããã³ãã³ãã®ã¿ã«çµ±èšã衚瀺ãããŸãã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸ: äœ¿çš -z "ldapãsrtãip.addr == 10.1.1.1" LDAPã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹10.1.1.1ã§ãã¹ãã«ãã£ãŠäº€æããããã±ããã
çŸåšå®è£ ãããŠãããçµ±èšæ å ±ã衚瀺ãããå¯äžã®LDAPã³ãã³ã
å©çšã§ããã®ã¯æ¬¡ã®ãšããã§ããBINDSEARCHMODIFYADD DELETE MODRDN COMPARE EXTENDED
-z megacoãsrt [ããã£ã«ã¿ãŒ]
MEGACOã®èŠæ±/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã ïŒããã¯
ã«äŒŒãŠ -z smbãsrtïŒã åéãããããŒã¿ã¯ãæ¢ç¥ã®ååŒã³åºãã®æ°ã§ãã
MEGACOã³ãã³ããæå°SRTãæ倧SRTãå¹³åSRTã
äŸïŒ -z megacoãsrt
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "megacoãsrtãip.addr == 1.2.3.4" MEGACOã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹1.2.3.4ã§ãã¹ãã«ãã£ãŠäº€æããããã±ããã
-z mgcpãsrt [ããã£ã«ã¿ãŒ]
MGCPã®èŠæ±/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã ïŒããã¯
ã«äŒŒãŠ -z smbãsrtïŒã åéãããããŒã¿ã¯ãæ¢ç¥ã®åMGCPã®ã³ãŒã«æ°ã§ãã
ã¿ã€ããæå°SRTãæ倧SRTãå¹³åSRTã
äŸïŒ -z mgcpãsrt
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "mgcpãsrtãip.addr == 1.2.3.4" MGCPãã±ããã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹1.2.3.4ã§ãã¹ãã«ãã£ãŠäº€æãããŸãã
-z mtp3ãmsus [ã ]
MTP3MSUçµ±èšã衚瀺ããŸãã
-z ãã«ããã£ã¹ããçµ±èš[ã ]
UDPãã«ããã£ã¹ãã¹ããªãŒã çµ±èšã衚瀺ããŸãã
-z rpcãprograms
æ¢ç¥ã®ãã¹ãŠã®ONC-RPCããã°ã©ã /ããŒãžã§ã³ã®åŒã³åºã/å¿çSRTããŒã¿ãåéããŸãã ããŒã¿
åéãããã®ã¯ãåãããã³ã«/ããŒãžã§ã³ãMinSRTãMaxSRTãããã³
AvgSRTã
-z rpcãsrtãååãŸãã¯çªå·,ããŒãžã§ã³[ã ]
ããã°ã©ã ã®ã³ãŒã«/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸã å/ããŒãžã§ã³ or
æ°/ããŒãžã§ã³ã åéãããããŒã¿ã¯ãåããã·ãŒãžã£ã®åŒã³åºãæ°ãMinSRTã
MaxSRTããã³AvgSRTã ããã°ã©ã å 倧æåãšå°æåã¯åºå¥ãããŸããã
äŸïŒ -z rpcãsrtã100003,3 NFSv3ã®ããŒã¿ãåéããŸãã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z rpcãsrtãnfsã3ãnfs.fh.hash == 0x12345678 NFS v3SRTãåéããŸã
ç¹å®ã®ãã¡ã€ã«ã®çµ±èšã
-z scsiãsrtãã³ãã³ãã»ãã[ã ]
SCSIã³ãã³ãã»ããã®ã³ãŒã«/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã
ã³ãã³ãã»ããã¯0ïŒSBC 1ïŒSSC 5ïŒMMCã§ãã
åéãããããŒã¿ã¯ãåããã·ãŒãžã£ãMinSRTãMaxSRTãããã³
AvgSRTã
äŸïŒ -z scsiãsrtã0 SCSI BLOCK COMMANDSïŒSBCïŒã®ããŒã¿ãåéããŸãã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z scsiãsrtã0ãip.addr == 1.2.3.4 ã®SCSISBCSRTçµ±èšãåéããŸã
ç¹å®ã®iscsi / ifcp / fcipãã¹ãã
-z sipãstat [ããã£ã«ã¿ãŒ]
ãã®ãªãã·ã§ã³ã¯ãSIPã¡ãã»ãŒãžã®ã«ãŠã³ã¿ãŒãã¢ã¯ãã£ãã«ããŸãã ããªãã¯ã®æ°ãååŸããŸã
åSIPã¡ãœããããã³åSIPã¹ããŒã¿ã¹ã³ãŒãã®çºçã ããã«ããªãã
åéä¿¡ãããSIPã¡ãã»ãŒãžã®æ°ãååŸããŸãïŒSIP over UDPã®å Žåã®ã¿ïŒã
äŸïŒ -z sipãstat
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "sipãstatãip.addr == 1.2.3.4" SIPãã±ããã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹1.2.3.4ã§ãã¹ãã«ãã£ãŠäº€æãããŸãã
-z smbãsrt [ãfilter ]
SMBã®ã³ãŒã«/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã åéãããããŒã¿ã¯
åSMBã³ãã³ããMinSRTãMaxSRTãããã³AvgSRTã®åŒã³åºãæ°ã
äŸïŒ -z smbãsrt
ããŒã¿ã¯ããã¹ãŠã®éåžžã®SMBã³ãã³ãã®åå¥ã®ããŒãã«ãšããŠè¡šç€ºãããŸãã
Transaction2ã³ãã³ããšãã¹ãŠã®NTãã©ã³ã¶ã¯ã·ã§ã³ã³ãã³ãã ãã®ã³ãã³ãã®ã¿
ãã£ããã£ã«è¡šç€ºããããšãçµ±èšã衚瀺ãããŸãã æåã®ã³ãã³ãã®ã¿
xAndXã³ãã³ããã§ãŒã³ã§èšç®ã«äœ¿çšãããŸãã ã ããäžè¬çãª
SessionSetupAndX + TreeConnectAndXãã§ãŒã³ãSessionSetupAndXåŒã³åºãã®ã¿ã
çµ±èšã§äœ¿çšãããŸãã ããã¯ãå°æ¥ä¿®æ£ãããå¯èœæ§ã®ããæ¬ é¥ã§ãã
ãã®ãªãã·ã§ã³ã¯ãã³ãã³ãã©ã€ã³ã§è€æ°å䜿çšã§ããŸãã
ãªãã·ã§ã³ã® filter ãæäŸãããŠããå Žåãçµ±èšã¯ãããã«ã€ããŠã®ã¿èšç®ãããŸã
ãã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã
äŸïŒ -z "smbãsrtãip.addr == 1.2.3.4" SMBãã±ããã®çµ±èšã®ã¿ãåéããŸã
IPã¢ãã¬ã¹1.2.3.4ã§ãã¹ãã«ãã£ãŠäº€æãããŸãã
-z VoIPãé話
ãã®ãªãã·ã§ã³ã¯ããã£ããã£ãã¡ã€ã«ã§èŠã€ãã£ãVoIPé話ã衚瀺ãããŠã£ã³ããŠã衚瀺ããŸãã
ããã¯ãçµ±èšã¡ãã¥ãŒã«ç§»åããŠéžæãããšããšåããŠã£ã³ããŠã§ãã
VoIPé話ã
äŸïŒ -z VoIPãé話
-z wlanãstat [ã ]
IEEE802.11ãããã¯ãŒã¯ãšã¹ããŒã·ã§ã³ã®çµ±èšã衚瀺ããŸãã
-z wspãstat [ã ]
WSPãã±ããã«ãŠã³ã¿ãŒã衚瀺ããŸãã
--disable-protocol
proto_nameã®åæãç¡å¹ã«ããŸãã
--enable-ãã¥ãŒãªã¹ãã£ãã¯
ãã¥ãŒãªã¹ãã£ãã¯ãããã³ã«ã®åæãæå¹ã«ããŸãã
--disable-ãã¥ãŒãªã¹ãã£ãã¯
ãã¥ãŒãªã¹ãã£ãã¯ãããã³ã«ã®åæãç¡å¹ã«ããŸãã
INTERFACE
ã¡ãã¥ãŒ ITEMS
ãã¡ã€ã«ïŒéã
ãã¡ã€ã«ïŒæè¿éã
ãã¡ã€ã«ïŒããŒãž
å¥ã®ãã£ããã£ãã¡ã€ã«ãçŸåšããŒããããŠãããã¡ã€ã«ã«ããŒãžããŸãã The ãã¡ã€ã«ïŒããŒãž ãã€ã¢ãã°ããã¯ã¹
ãã§ã«ãããã®ãšæ¯èŒããŠããPrependedãããChronologicallyãããŸãã¯ãAppendedãã®ããŒãžãèš±å¯ããŸã
XNUMXã€ãããŒãããŸããã
ãã¡ã€ã«ïŒéãã
ãã£ããã£ãã¡ã€ã«ãéããéããŸãã The ãã¡ã€ã«ïŒéã ãã€ã¢ãã°ããã¯ã¹ã䜿çšãããšããã£ã«ã¿ã䜿çšã§ããŸã
æå®; ãã£ããã£ãã¡ã€ã«ãèªã¿åããããšãèªã¿åããããã¹ãŠã®ãã±ããã«ãã£ã«ã¿ãé©çšãããŸã
ãã¡ã€ã«ããããã£ã«ã¿ãŒã«äžèŽããªããã±ããã¯ç Žæ£ãããŸãã The ãã¡ã€ã«ïŒéã
æè¿ã® ã¯ãµãã¡ãã¥ãŒã§ã以åã«éãããã¡ã€ã«ã®ãªã¹ãã衚瀺ãããŸãã
ãã¡ã€ã«ïŒä¿å
ãã¡ã€ã«ïŒååãä»ããŠä¿å
çŸåšã®ãã£ããã£ããŸãã¯ãã®ãã£ããã£ããçŸåšè¡šç€ºãããŠãããã±ãããã«ä¿åããŸãã
ãã¡ã€ã«ã ãã§ãã¯ããã¯ã¹ã䜿çšãããšããã¹ãŠã®ãã±ãããä¿åãããã
çŸåšã®è¡šç€ºãã£ã«ã¿ãŒããã³/ãŸãã¯çŸåšããŒã¯ãããŠãããã®ãééãã
ãªãã·ã§ã³ã¡ãã¥ãŒã§ã¯ãïŒç¹ã«ãã¡ã€ã«åœ¢åŒã®ãªã¹ãããïŒãéžæã§ããŸã
ãã£ããã£ããŸãã¯ãã®ãã£ããã£ããçŸåšè¡šç€ºãããŠãããã±ãããä¿åã§ããŸãïŒããã¡ã€ã«
ä¿åãã圢åŒã
ãã¡ã€ã«ïŒãã¡ã€ã«ã»ããïŒãªã¹ããã¡ã€ã«
çŸåšããŒããããŠãããã¡ã€ã«ã»ããã®ãã¹ãŠã®ãã¡ã€ã«ãäžèŠ§è¡šç€ºãããã€ã¢ãã°ããã¯ã¹ã衚瀺ããŸã
ãã¡ã€ã«ã ãã¡ã€ã«ã»ããã¯ããè€æ°ãã䜿çšãããã£ããã£ããåŸããããã¡ã€ã«ã®è€åã§ãã
ãã¡ã€ã«ã/ããªã³ã°ãããã¡ãã¢ãŒãããã¡ã€ã«åã®ãã¿ãŒã³ã§èªèã§ããŸããäŸïŒ
Filename_00001_20050604101530.pcapã
ãã¡ã€ã«ïŒãã¡ã€ã«ã»ããïŒæ¬¡ã®ãã¡ã€ã«
ãã¡ã€ã«ïŒãã¡ã€ã«ã»ããïŒåã®ãã¡ã€ã«
çŸåšããŒããããŠãããã¡ã€ã«ããã¡ã€ã«ã»ããã®äžéšã§ããå ŽåïŒäžèšãåç §ïŒã次ã®/ãéããŸã
ãã®ã»ããã®åã®ãã¡ã€ã«ã
ãã¡ã€ã«ïŒãšã¯ã¹ããŒã
ãã£ããã£ããããŒã¿ãå€éšåœ¢åŒã«ãšã¯ã¹ããŒãããŸãã 泚ïŒããŒã¿ãã€ã³ããŒãããŠæ»ãããšã¯ã§ããŸãã
Wiresharkã«ä¿åããããããã£ããã£ãã¡ã€ã«ãå¿ ãä¿æããŠãã ããã
ãã¡ã€ã«ïŒå°å·
çŸåšã®ãã£ããã£ãããã±ããããŒã¿ãå°å·ããŸãã ãã±ããã®ç¯å²ãéžæã§ããŸã
å°å·ïŒã©ã®ãã±ãããå°å·ããããïŒãããã³åãã±ããã®åºå圢åŒïŒããããã®æ¹æ³
ãã±ãããå°å·ãããŸãïŒã åºå圢åŒã¯è¡šç€ºãããå€ãšåæ§ã«ãªãããã
èŠçŽè¡ããã±ãã詳现ãã¥ãŒãããã³/ãŸãã¯ãã±ããã®XNUMXé²ãã³ãã¯æ¬¡ã®ããã«ãªããŸãã
å°å·ãããŸãã
å°å·ãªãã·ã§ã³ã¯ã ç·šéïŒèšå® ã¡ãã¥ãŒé ç®ããŸãã¯ãã€ã¢ãã°ããã¯ã¹
ãã®ã¡ãã¥ãŒé ç®ã«ãã£ãŠãããã¢ãã衚瀺ãããŸãã
ãã¡ã€ã«ïŒçµäº
ã¢ããªã±ãŒã·ã§ã³ãçµäºããŸãã
ç·šéïŒã³ããŒïŒèª¬æ
ãããã³ã«ããªãŒã§éžæãããã£ãŒã«ãã®èª¬æãã¯ãªããããŒãã«ã³ããŒããŸãã
ç·šéïŒã³ããŒïŒãã£ãŒã«ãå
ãããã³ã«ããªãŒã§éžæãããã£ãŒã«ãã®ãã£ãŒã«ãåãã¯ãªããããŒãã«ã³ããŒããŸãã
ç·šéïŒã³ããŒïŒå€
ãããã³ã«ããªãŒã§éžæãããã£ãŒã«ãã®å€ãã¯ãªããããŒãã«ã³ããŒããŸãã
ç·šéïŒã³ããŒïŒãã£ã«ã¿ãŒãšããŠ
ãã±ããã®è©³çŽ°ã§çŸåšåŒ·èª¿è¡šç€ºãããŠããããŒã¿ã«åºã¥ããŠè¡šç€ºãã£ã«ã¿ãŒãäœæããŸã
ãã®ãã£ã«ã¿ãŒãã¯ãªããããŒãã«ã³ããŒããŸãã
ãã®ããŒã¿ã衚瀺ãã£ã«ã¿ãŒåŒã§ãã¹ãã§ãããã£ãŒã«ãã§ããå Žåã
ãã£ã«ã¿ã¯ãã®ãã£ãŒã«ãããã¹ãããŸãã ãã以å€ã®å Žåã衚瀺ãã£ã«ã¿ãŒã¯
ãã±ããå ã®çµ¶å¯Ÿãªãã»ããã ãããã£ãŠããã±ãããä¿¡é Œã§ããªãå¯èœæ§ããããŸã
ãœãŒã¹ã«ãŒãã£ã³ã°ãããããŒã¯ã³ãªã³ã°ãªã©ãå¯å€é·ã®ããããŒãæã€ãããã³ã«ãå«ãŸããŠããŸã
ãã±ããã
ç·šéïŒãã±ããã®æ€çŽ¢
çŸåšéžæãããŠãããã±ããïŒãŸãã¯æãå€ãã®ãã±ããïŒããå§ããŠãåæ¹ãŸãã¯åŸæ¹ã«æ€çŽ¢ããŸã
ãã±ãããéžæãããŠããªãå Žåã¯ãæè¿éžæããããã±ããïŒã æ€çŽ¢æ¡ä»¶ã¯è¡šç€ºããããšãã§ããŸã
ãã£ã«ã¿åŒãXNUMXé²æ°ã®æååããŸãã¯ããã¹ãæååã
ããã¹ãæååãæ€çŽ¢ããå Žåã¯ããã±ããããŒã¿ãæ€çŽ¢ããããæ€çŽ¢ããããšãã§ããŸã
ãã±ãããªã¹ããã€ã³ãŸãã¯ãã±ãã詳现ãã€ã³ã®æ å ±åã®ããã¹ãã
XNUMXé²æ°ã¯ãã³ãã³ãããªãªãããŸãã¯ããã·ã¥ã§åºåãããšãã§ããŸãã ããã¹ãæåå
æ€çŽ¢ã¯ASCIIãŸãã¯UnicodeïŒãããã¯ãã®äž¡æ¹ïŒã«ããããšãã§ãã倧æåãšå°æåãåºå¥ããªãå ŽåããããŸãã
ç·šéïŒæ¬¡ãæ€çŽ¢
ç·šéïŒåãæ€çŽ¢
åã®æ€çŽ¢ããã®ãã£ã«ã¿ãŒã«äžèŽãããã±ãããåæ¹/åŸæ¹ã«æ€çŽ¢ãã
çŸåšéžæãããŠãããã±ããïŒãŸãã¯ãæåŸã«éžæããããã±ããã®å Žåã¯æåŸã«éžæããããã±ããïŒããéå§ããŸã
ãã±ããã¯éžæãããŠããŸããïŒã
ç·šéïŒãã±ããã®ããŒã¯ïŒãã°ã«ïŒ
éžæãããã±ããã«ããŒã¯ãä»ããŸãïŒãŸãã¯çŸåšããŒã¯ãããŠããå Žåã¯ããŒã¯ãå€ããŸãïŒã ãã£ãŒã«ããframe.markedãã¯
ããŒã¯ããããã±ããã«èšå®ãããããšãã°ã衚瀺ãã£ã«ã¿ã䜿çšã§ããããã«ãªããŸã
ããŒã¯ããããã±ããã®ã¿ã衚瀺ãã[ç·šéïŒãã±ããã®æ€çŽ¢]ãã€ã¢ãã°ã䜿çšã§ããããã«ããŸã
次ãŸãã¯åã®ããŒã¯ããããã±ãããæ€çŽ¢ããŸãã
ç·šéïŒæ¬¡ã®ããŒã¯ãæ¢ã
ç·šéïŒåã®ããŒã¯ãæ¢ã
次/åã®ããŒã¯ããããã±ãããæ€çŽ¢ããŸãã
ç·šéïŒãã¹ãŠã®ãã±ããã«ããŒã¯ãä»ãã
ç·šéïŒãã¹ãŠã®ãã±ããã®ããŒã¯ãå€ã
çŸåšè¡šç€ºãããŠãããã¹ãŠã®ãã±ãããããŒã¯/ããŒã¯è§£é€ããŸãã
ç·šéïŒæéåç §ïŒæéåç §ã®èšå®ïŒãã°ã«ïŒ
éžæãããã±ãããæéåç §ãã±ãããšããŠèšå®ïŒãŸãã¯çŸåšèšå®ãããŠããå Žåã¯æªèšå®ïŒããŸãã ãã€
ãã±ããã¯æéåç §ãã±ãããšããŠèšå®ããããã±ãããªã¹ããã€ã³ã®ã¿ã€ã ã¹ã¿ã³ã
æååã* REF *ãã«çœ®ãæããããŸãã åŸã§ã®çžå¯Ÿæéã¿ã€ã ã¹ã¿ã³ã
ãã±ããã¯ããã®ã¿ã€ã ãªãã¡ã¬ã³ã¹ã®ã¿ã€ã ã¹ã¿ã³ãã«é¢é£ããŠèšç®ãããŸã
ãã±ããã§ããããã£ããã£ã®æåã®ãã±ããã§ã¯ãããŸããã
æéåç §ãã±ãããšããŠéžæããããã±ããã¯ãåžžã«
ãã±ãããªã¹ããã€ã³ã 衚瀺ãã£ã«ã¿ãŒã¯ããããã®ãã±ããã«åœ±é¿ãäžãããé衚瀺ã«ãããããããšã¯ãããŸããã
ã环ç©ãã€ãæ°ãã®åã衚瀺ãããŠããå Žåããã®ã«ãŠã³ã¿ãŒã¯æ¬¡ã®å Žæã§ãªã»ãããããŸãã
ãã¹ãŠã®æéåç §ãã±ããã
ç·šéïŒæéåç §ïŒæ¬¡ãæ€çŽ¢
ç·šéïŒæéåç §ïŒåãæ€çŽ¢
æéåç §ãã±ãããåæ¹/åŸæ¹ã«æ€çŽ¢ããŸãã
ç·šéïŒæ§æãããã¡ã€ã«
æ§æãããã¡ã€ã«ã管çããŠãè€æ°ã®ããªãã¡ã¬ã³ã¹ã®ã»ããã䜿çšã§ããããã«ããŸãã
æ§æã
ç·šéïŒèšå®
GUIããã£ããã£ãå°å·ãããã³ãããã³ã«ãªãã·ã§ã³ãèšå®ããŸãïŒä»¥äžã®ãèšå®ããã€ã¢ãã°ãåç §ïŒã
衚瀺ïŒã¡ã€ã³ããŒã«ããŒ
衚瀺ïŒãã£ã«ã¿ãŒããŒã«ããŒ
衚瀺ïŒã¹ããŒã¿ã¹ããŒ
ã¡ã€ã³ãŠã£ã³ããŠã³ã³ãããŒã«ã衚瀺ãŸãã¯é衚瀺ã«ããŸãã
衚瀺ïŒãã±ãããªã¹ã
衚瀺ïŒãã±ããã®è©³çŽ°
ãã¥ãŒïŒãã±ãããã€ã
ã¡ã€ã³ãŠã£ã³ããŠãã€ã³ã衚瀺ãŸãã¯é衚瀺ã«ããŸãã
ãã¥ãŒïŒæé衚瀺圢åŒ
ãã±ãããªã¹ããŠã£ã³ããŠã«è¡šç€ºããããã±ããã¿ã€ã ã¹ã¿ã³ãã®åœ¢åŒãèšå®ããŸãã
ãã¥ãŒïŒåå解決ïŒååã解決
çŸåšéžæãããŠããã¢ã€ãã ã®ååã解決ããŠã¿ãŠãã ããã
ãã¥ãŒïŒåå解決ïŒ...ã¬ã€ã€ãŒãæå¹ã«ãã
ãã£ã¹ãã¬ã€å ã®ååãžã®ã¢ãã¬ã¹ã®å€æãæå¹ãŸãã¯ç¡å¹ã«ããŸãã
衚瀺ïŒãã±ãããªã¹ãã®è²ä»ã
çè²èŠåãæå¹ãŸãã¯ç¡å¹ã«ããŸãã ç¡å¹ã«ãããšããã©ãŒãã³ã¹ãåäžããŸãã
衚瀺ïŒã©ã€ããã£ããã£ã®èªåã¹ã¯ããŒã«
ã©ã€ããã£ããã£ãè¡ãããŠããéããã±ãããªã¹ãã®èªåã¹ã¯ããŒã«ãæå¹ãŸãã¯ç¡å¹ã«ããŸã
é²è¡äžã
衚瀺ïŒãºãŒã ã€ã³
衚瀺ïŒãºãŒã ã¢ãŠã
ã¡ã€ã³ãŠã£ã³ããŠããŒã¿ããºãŒã ã€ã³/ãºãŒã ã¢ãŠãããŸãïŒãã©ã³ããµã€ãºãå€æŽããŸãïŒã
ãã¥ãŒïŒéåžžãµã€ãº
ãºãŒã ã€ã³/ãºãŒã ã¢ãŠãã®ãºãŒã ã€ã³ä¿æ°ãéåžžã®ãã©ã³ããµã€ãºã«ãªã»ããããŸãã
衚瀺ïŒãã¹ãŠã®åã®ãµã€ãºãå€æŽ
çŸåšã®ãã±ãã衚瀺ã«æãåãããã«ãã¹ãŠã®åã®ãµã€ãºãå€æŽããŸãã
衚瀺ïŒãµãããªãŒã®å±é/æãããã¿
çŸåšéžæãããŠããã¢ã€ãã ãšãã®ãµãããªãŒããã±ããå ã§å±é/æãããã¿ãŸã
詳现ã
衚瀺ïŒãã¹ãŠå±é
衚瀺ïŒãã¹ãŠæãããã
ãã±ãã詳现ã®ãã¹ãŠã®ãã©ã³ããå±é/æãããã¿ãŸãã
衚瀺ïŒäŒè©±ã®è²ä»ã
äŒè©±ã®è²ãéžæããŸãã
衚瀺ïŒã«ã©ãŒãªã³ã°ã®ãªã»ãã1-10
äŒè©±ã®è²ããªã»ããããŸãã
ãã¥ãŒïŒã¬ããã«ãŒã«
次ã®ãªã¹ãã®ãã±ããæ å ±ã®åæ¯è²ãšèæ¯è²ãå€æŽããŸãã
衚瀺ãã£ã«ã¿ãŒã«åºã¥ããã±ããã 衚瀺ãã£ã«ã¿ãŒã®ãªã¹ãã¯ããããã«é©çšãããŸã
ãã±ãããé çªã«ã æåã®è¡šç€ºãã£ã«ã¿ãŒããã±ãããšäžèŽããåŸãè¿œå ã®
ãªã¹ãå ã®è¡šç€ºãã£ã«ã¿ãŒã¯ç¡èŠãããŸãã ãããã£ãŠããã£ã«ã¿ãªã³ã°ããŠããå Žå
ãããã³ã«ãååšããå Žåã¯ãæåã«äžäœã¬ãã«ã®ãããã³ã«ããªã¹ãããå¿ èŠããããŸãã
äžäœã¬ãã«ã®ãããã³ã«ã¯æåŸã§ãã
ã«ã©ãŒåã®ããã¿
ãã±ããã¯ãã«ã©ãŒãã£ã«ã¿ãŒã®ãªã¹ãã«åŸã£ãŠè²ä»ããããŸãã åãã£ã«ã¿ãŒã¯ã§æ§æãããŠããŸã
ååããã£ã«ã¿ãŒåŒãè²ä»ãã ãã±ããã¯æ¬¡ã®ããã«è²åããããŸã
äžèŽããæåã®ãã£ã«ã¿ãŒã ã«ã©ãŒãã£ã«ã¿ãŒåŒã¯ãŸã£ããåããã®ã䜿çšããŸã
衚瀺ãã£ã«ã¿ãŒåŒãšããŠã®æ§æã
Wiresharkãèµ·åãããšãã«ã©ãŒãã£ã«ã¿ãŒã¯æ¬¡ã®å ŽæããããŒããããŸãã
1.ãŠãŒã¶ãŒã®å人çšã«ã©ãŒãã£ã«ã¿ãŒãã¡ã€ã«ããŸãã¯ãã¡ã€ã«ãååšããªãå Žåã¯ã
2.ã°ããŒãã«ã«ã©ãŒãã£ã«ã¿ãŒãã¡ã€ã«ã
ãããã®ã©ã¡ããååšããªãå Žåããã±ããã¯è²ä»ããããŸããã
衚瀺ïŒæ°ãããŠã£ã³ããŠã«ãã±ããã衚瀺
ãã±ãã詳现ãã¥ãŒãšXNUMXé²ãã³ããŠã£ã³ããŠãå«ãæ°ãããŠã£ã³ããŠãäœæããŸãã
çŸåšéžæãããŠãããã±ããã ãã®ãŠã£ã³ããŠã«ã¯ããã®ãã±ããã®è©³çŽ°ãåŒãç¶ã衚瀺ãããŸã
å¥ã®ãã±ãããéžæãããå Žåã§ãããŒã¿ã
衚瀺ïŒãªããŒã
ãã£ããã£ãã¡ã€ã«ããªããŒãããŸãã ãšåã ãã¡ã€ã«ïŒéãã & ãã¡ã€ã«ïŒéã åã³åããã¡ã€ã«ã
æ»ã
以åã«ã¢ã¯ã»ã¹ãããã±ããå±¥æŽã«æ»ããŸãã
é²ã
以åã«ã¢ã¯ã»ã¹ãããã±ããå±¥æŽãé²ããŸãã
GoïŒGo To Packet
ç¹å®ã®çªå·ã®ãã±ããã«ç§»åããŸãã
GoïŒå¯Ÿå¿ãããã±ããã«ç§»å
ãã±ããçªå·ãå«ããã±ãã詳现ãã€ã³ã®ãã£ãŒã«ããéžæãããŠããå Žåã¯ãã«ç§»åããŸãã
ãã®ãã£ãŒã«ãã§æå®ããããã±ããçªå·ã ïŒããã¯ã
ãã±ããã®è©³çŽ°ãžã®ãã®ãšã³ããªã¯ããã£ã«ã¿ãªã³ã°å¯èœãªãã£ãŒã«ããšããŠè©³çŽ°ã«å ¥ããŸã
ããã¹ããšããŠã§ã¯ãªããïŒããã¯ãããšãã°ã次ã®ãã±ããã«ç§»åããããã«äœ¿çšã§ããŸãã
è¿ä¿¡ã«å¯Ÿå¿ãããªã¯ãšã¹ãããŸãã¯ãªã¯ãšã¹ãã«å¯Ÿå¿ããè¿ä¿¡ïŒãã®å ŽåïŒ
ãã±ããçªå·ããã±ããã®è©³çŽ°ã«å ¥åãããŠããŸãã
GoïŒåã®ãã±ãã
GoïŒNext Packet
GoïŒFirst Packet
GoïŒLast Packet
ãã£ããã£ã®å/次/æå/æåŸã®ãã±ããã«ç§»åããŸãã
GoïŒäŒè©±äžã®åã®ãã±ãã
GoïŒäŒè©±äžã®æ¬¡ã®ãã±ãã
äŒè©±ã®å/次ã®ãã±ããã«ç§»åããŸãïŒTCPãUDPããŸãã¯IPïŒ
ãã£ããã£ïŒã€ã³ã¿ãŒãã§ã€ã¹
çŸåšç¥ãããŠãããã¹ãŠã®ã€ã³ã¿ãŒãã§ã€ã¹ãšçŸåšã®ã€ã³ã¿ãŒãã§ã€ã¹ã衚瀺ãããã€ã¢ãã°ããã¯ã¹ã衚瀺ããŸã
ãããã¯ãŒã¯ãã©ãã£ãã¯éã ãã£ããã£ã»ãã·ã§ã³ã¯ããããéå§ã§ããŸãã 泚æïŒç¶æãã
ãã®ããã¯ã¹ãéããšãã·ã¹ãã ã®è² è·ãé«ããªããŸãã
ãã£ããã£ïŒãªãã·ã§ã³
ã©ã€ããã±ãããã£ããã£ãéå§ããŸãïŒä»¥äžã®ããã£ããã£ãªãã·ã§ã³ãã€ã¢ãã°ããåç §ïŒã ãã¡ã€ã«åããªãå Žå
ãæå®ãããšããã£ããã£ãä¿æããããã®äžæãã¡ã€ã«ãäœæãããŸãã ã®å Žæ
éå§ããåã«TMPDIRç°å¢å€æ°ãèšå®ããããšã«ããããã¡ã€ã«ãéžæã§ããŸãã
Wiresharkã®ã ãã以å€ã®å Žåãããã©ã«ãã®TMPDIRã®å Žæã¯ã·ã¹ãã ã«äŸåããŸããã
ã©ã¡ã / var / tmp or / tmpã«.
ãã£ããã£ïŒéå§
以åã«éžæãããªãã·ã§ã³ã䜿çšããŠã©ã€ããã±ãããã£ããã£ãéå§ããŸãã ããã¯éããŸãã
ãªãã·ã§ã³ãã€ã¢ãã°ããã¯ã¹ãããã³åãã§ç¹°ãè¿ããã£ããã£ããã®ã«äŸ¿å©ãªå ŽåããããŸã
ãªãã·ã§ã³ã
ãã£ããã£ïŒåæ¢
å®è¡äžã®ã©ã€ããã£ããã£ãåæ¢ããŸãã
ãã£ããã£ïŒåèµ·å
ã©ã€ããã£ããã£ã®å®è¡äžã«ãã©ã€ããã£ããã£ãåæ¢ããåããªãã·ã§ã³ã§åèµ·åããŸãã
ããã¯ã貎éãªãã±ããããªãã£ãå Žåã«ãç¡é¢ä¿ãªãã±ãããåé€ããã®ã«äŸ¿å©ã§ãã
ãããŸã§ã«ãã£ããã£ãããŸããã
ãã£ããã£ïŒãã£ããã£ãã£ã«ã¿
ä¿åãããã£ããã£ãã£ã«ã¿ãŒã®ãªã¹ããç·šéããŠããã£ã«ã¿ãŒãè¿œå ãå€æŽããŸãã¯è¿œå ã§ããããã«ããŸãã
åé€ãããŸããã
åæïŒãã£ã«ã¿ãŒã®è¡šç€º
ä¿åãã衚瀺ãã£ã«ã¿ãŒã®ãªã¹ããç·šéããŠããã£ã«ã¿ãŒãè¿œå ãå€æŽããŸãã¯è¿œå ã§ããããã«ããŸãã
åé€ãããŸããã
åæïŒãã£ã«ã¿ãŒãã¯ãã®è¡šç€º
è€éãªãã¯ãã®ã·ã§ãŒãã«ãããäœæãã
åæïŒãã£ã«ã¿ãŒãšããŠé©çš
ãã±ããã®è©³çŽ°ã§çŸåšåŒ·èª¿è¡šç€ºãããŠããããŒã¿ã«åºã¥ããŠè¡šç€ºãã£ã«ã¿ãŒãäœæããŸã
ãã£ã«ã¿ãé©çšããŸãã
ãã®ããŒã¿ã衚瀺ãã£ã«ã¿ãŒåŒã§ãã¹ãã§ãããã£ãŒã«ãã§ããå Žåã
ãã£ã«ã¿ã¯ãã®ãã£ãŒã«ãããã¹ãããŸãã ãã以å€ã®å Žåã衚瀺ãã£ã«ã¿ãŒã¯
ãã±ããå ã®çµ¶å¯Ÿãªãã»ããã ãããã£ãŠããã±ãããä¿¡é Œã§ããªãå¯èœæ§ããããŸã
ãœãŒã¹ã«ãŒãã£ã³ã°ãããããŒã¯ã³ãªã³ã°ãªã©ãå¯å€é·ã®ããããŒãæã€ãããã³ã«ãå«ãŸããŠããŸã
ãã±ããã
ã éžæãã ãªãã·ã§ã³ã¯ãããŒã¿ã®äžèŽããã¹ããã衚瀺ãã£ã«ã¿ãŒãäœæããŸãã the
ããã¢ã«ãŠã³ããéãå ŽåïŒ éžæãã ãªãã·ã§ã³ã¯ãããŒã¿ã®äžäžèŽããã¹ããã衚瀺ãã£ã«ã¿ãŒãäœæããŸãã
ã éžæãã, Or éžæãã, ããã¢ã«ãŠã³ããéãå ŽåïŒ éžæãã, Or ããã¢ã«ãŠã³ããéãå ŽåïŒ éžæãã ãªãã·ã§ã³ãè¿œå
äžéšïŒãŸãã¯äžéšïŒã®ã¹ããªããã®è¡šç€ºãã£ã«ã¿ãŒã®ç«¯ANDãŸãã¯OR
æŒç®åã®åŸã«æ°ãã衚瀺ãã£ã«ã¿ãŒåŒãç¶ããŸãã
åæïŒãã£ã«ã¿ãŒãæºåãã
ãã±ããã®è©³çŽ°ã§çŸåšåŒ·èª¿è¡šç€ºãããŠããããŒã¿ã«åºã¥ããŠã衚瀺ãã£ã«ã¿ãŒãäœæããŸãã
äžéšïŒãŸãã¯äžéšïŒã®ãã£ã«ã¿ãŒã¹ããªããã¯æŽæ°ãããŠããŸããããŸã é©çšãããŠããŸããã
åæïŒæå¹ãªãããã³ã«
ç¹å®ã®ãããã³ã«ã«å¯ŸããŠãããã³ã«åæãæå¹ãŸãã¯ç¡å¹ã«ã§ããããã«ããŸãã
åã ã®ãããã³ã«ã¯ããªã¹ãå ã§ã¯ãªãã¯ãããã次ã®æ¹æ³ã§æå¹ãŸãã¯ç¡å¹ã«ã§ããŸãã
ãããã匷調衚瀺ããã¹ããŒã¹ããŒãæŒããŸãã ãªã¹ãå šäœãæå¹ã«ããããšãã§ããŸãã
ç¡å¹ã«ãããããªã¹ãã®äžã®ãã¿ã³ã䜿çšããŠå転ããŸãã
ãããã³ã«ãç¡å¹ã«ãªã£ãŠããå Žåãç¹å®ã®ãã±ããã®åæã¯ãã®ãšãã«åæ¢ããŸã
ãããã³ã«ã«å°éããWiresharkã¯æ¬¡ã®ãã±ããã«ç§»åããŸãã äžäœå±€
ããã§ãªããã°åŠçãããã¯ãã®ãããã³ã«ã¯è¡šç€ºãããŸããã ã«ãšã£ãŠ
ããšãã°ãTCPãç¡å¹ã«ãããšãTCPãHTTPãSMTPã
Telnetãããã³TCPã®ã¿ã«äŸåãããã®ä»ã®ãããã³ã«ã
ãããã³ã«ã®ãªã¹ããä¿åã§ãããããWiresharkã¯ãããã³ã«ã䜿çšããŠèµ·åããŸã
ãã®ãªã¹ãã§ã¯ç¡å¹ã«ãªã£ãŠããŸãã
åæïŒååãä»ããŠãã³ãŒã
ãã±ãããéžæããŠããå Žåã¯ããã€ã¢ãã°ã衚瀺ããŠããã±ãããå€æŽã§ããŸã
ãã£ã»ã¯ã¿ã¯ããã®ãã±ããããã³ãŒãããããã«äœ¿çšãããŸãã ãã€ã¢ãã°ã«ã¯ããªã³ã¯ããšã«XNUMXã€ã®ããã«ããããŸã
ã¬ã€ã€ãŒããããã¯ãŒã¯ã¬ã€ã€ãŒããã©ã³ã¹ããŒãã¬ã€ã€ãŒã®ãããã³ã«/ããŒãçªå·ã
ãããã¯åå¥ã«å€æŽãããŸãã ããšãã°ãéžæãããã±ãããTCPã®å Žå
ããŒã12345ãžã®ãã±ããããã®ãã€ã¢ãã°ã䜿çšããŠãWiresharkã«ãã¹ãŠããã³ãŒãããããã«æ瀺ã§ããŸãã
ãã®TCPããŒããšã®éã®ãã±ãããHTTPãã±ãããšããŠéä¿¡ããŸãã
åæïŒãŠãŒã¶ãŒæå®ã®ãã³ãŒã
ãããã³ã«IDãããã£ã»ã¯ã¿ãžã®ãããã³ã°ãè¡ããããã©ããã瀺ãæ°ãããŠã£ã³ããŠãäœæããŸã
ãŠãŒã¶ãŒã«ãã£ãŠå€æŽãããŸããã ãã®ãŠã£ã³ããŠã§ã¯ããŠãŒã¶ãŒã¯ãã¹ãŠã®ãã³ãŒããèªåã®ãŠãŒã¶ãŒã«ãªã»ããããããšãã§ããŸã
ããã©ã«ãå€ã
åæïŒTCPã¹ããªãŒã ããã©ããŒãã
TCPãã±ãããéžæããŠããå Žåã¯ãTCPã®ããŒã¿ã¹ããªãŒã ã®å 容ã衚瀺ããŸã
ãã®ãã±ãããå±ããæ¥ç¶ã¯ãããã¹ããšããŠå¥ã®ãŠã£ã³ããŠã«è¡šç€ºããã
ãã£ã«ã¿ãªã³ã°ãããç¶æ ã®ãã±ããã®ãªã¹ãããã®TCPã®äžéšã§ãããã±ããã®ã¿ãå«ãŸããŸãã
衚瀺ãããŠããæ¥ç¶ã ã§EnterããŒãæŒããšã以åã®ãã¥ãŒã«æ»ãããšãã§ããŸãã
衚瀺ãã£ã«ã¿ãŒã®ããã¹ãããã¯ã¹ãããã«ãããå€ã衚瀺ãã£ã«ã¿ãŒãåŒã³åºãããŸãïŒãŸãã¯ãªã»ãããããŸãïŒã
衚瀺ãã£ã«ã¿ãŒãªãã«æ»ããŸãïŒã
ããŒã¿ã¹ããªãŒã ã衚瀺ããããŠã£ã³ããŠã§ã¯ã次ãéžæã§ããŸãã
ã»äŒè©±å šäœã衚瀺ããããäŒè©±ã®çåŽãŸãã¯å察åŽã衚瀺ãããã
ã»è¡šç€ºãããŠããããŒã¿ãASCIIãŸãã¯EBCDICããã¹ããšããŠæ±ããã©ããã
çã®XNUMXé²ããŒã¿ãšããŠ;
ãšåãå°å·ãªãã·ã§ã³ã䜿çšããŠãçŸåšè¡šç€ºãããŠãããã®ãå°å·ã§ããŸã
ã«äœ¿çšãããŸã ãã¡ã€ã«ïŒå°å· ãã±ãã ã¡ãã¥ãŒé ç®ããŸãã¯ããã¹ããšããŠãã¡ã€ã«ã«ä¿åããŸãã
åæïŒUDPã¹ããªãŒã ããã©ããŒãã
åæïŒSSLã¹ããªãŒã ããã©ããŒãã
ïŒAnalyzeïŒFollow TCP Streamãšåæ§ïŒ
åæïŒå°é家æ å ±
åæïŒãšãã¹ããŒãæ å ±ã³ã³ããžãã
ïŒçš®é¡ïŒãã£ããã£ãã¡ã€ã«ã§Wiresharkã«ãã£ãŠæ€åºãããç°åžžã®ãã°ã
åæïŒäŒè©±ãã£ã«ã¿ãŒ
çµ±èšïŒèŠçŽ
çµéæéããã±ããæ°ã
ãã€ãã«ãŠã³ããªã©ã 衚瀺ãã£ã«ã¿ãŒãæå¹ãªå ŽåãèŠçŽæ å ±ã¯
ãã£ããã£ãšçŸåšè¡šç€ºãããŠãããã±ããã«ã€ããŠè¡šç€ºãããŸãã
çµ±èšïŒãããã³ã«éå±€
ããããã®ãã±ããæ°ãšãããã®ãã±ããã®ãã€ãæ°ã衚瀺ããŸã
ãã¬ãŒã¹å ã®ãããã³ã«ã ãããã³ã«ãåãéå±€ã«ç·šæããŸã
ãã¬ãŒã¹ã§èŠã€ãããŸããã ãããã³ã«ãååšãããã±ãããã«ãŠã³ãããããšã«å ããŠã
ãããã³ã«ãã®æåŸã®ãããã³ã«ã§ãããã±ããã«ã€ããŠãã«ãŠã³ããè¡ãããŸãã
ã¹ã¿ãã¯ã ãããã®æåŸã®ãããã³ã«ã«ãŠã³ãã¯ããã±ããæ°ïŒããã³ãã€ãã«ãŠã³ãïŒã瀺ããŸã
ãããã®ãã±ããã«é¢é£ä»ããããŠããŸãïŒ çµãã£ã ç¹å®ã®ãããã³ã«ã§ã è¡šã§ã¯ã圌ãã¯
ããšã³ããã±ãããããã³ããšã³ããã€ããã®äžã«ãªã¹ããããŠããŸãã
çµ±èšïŒäŒè©±
äŒè©±ã®ãªã¹ã; ãããã³ã«ã§éžæå¯èœã çµ±èšïŒäŒè©±ãªã¹ããåç §ããŠãã ãã
ãåç §ããŠãã ããã
çµ±èšïŒãšã³ããã€ã³ã
ãã±ãã/ãã€ã/ ....ã«ãŠã³ãã®ãããã³ã«ããšã®ãšã³ããã€ã³ãã¢ãã¬ã¹ã®ãªã¹ãã
çµ±èšïŒãã±ããã®é·ã
ãã±ããé·ã®ã°ã«ãŒãåãããã«ãŠã³ãïŒ0ã19ãã€ãã20ã39ãã€ãã...ïŒ
çµ±èšïŒIOã°ã©ã
ç°ãªãè²ã§æ倧5ã€ã®ã°ã©ãã衚瀺ããŠç€ºãããšãã§ãããŠã£ã³ããŠãéããŸã
æå®ããããã®ãšäžèŽãããã¹ãŠã®ãã±ããã®ãã±ããæ°ãŸãã¯XNUMXç§ãããã®ãã€ãæ°
ãã£ã«ã¿ãŒã ããã©ã«ãã§ã¯ãXNUMXã€ã®ãã±ããæ°ã瀺ãã°ã©ããXNUMXã€ã ã衚瀺ãããŸãã
ç§ã
ãŠã£ã³ããŠã®äžéšã«ã¯ãX軞ãšY軞ã®ã°ã©ããšã¹ã±ãŒã«ãå«ãŸããŠããŸãã ããã
ã°ã©ããé·ãããŠãŠã£ã³ããŠå ã«åãŸããªãæ°Žå¹³ã¹ã¯ããŒã«ããŒãäžã«ãããŸã
ã°ã©ããå·ŠãŸãã¯å³ã«ã¹ã¯ããŒã«ã§ããæç»é åã æ°Žå¹³
軞ã¯ãã£ããã£ãŸã§ã®æéã衚瀺ãã瞊軞ã¯
ãã®æã®æž¬å®éã
æç»é åãšã¹ã¯ããŒã«ããŒã®äžã«ã¯ãã³ã³ãããŒã«ããããŸãã å·Šäžã«
次ã®ãããªåã ã®ã°ã©ããå¶åŸ¡ããããã®XNUMXã€ã®åæ§ã®ã³ã³ãããŒã«ã»ããã«ãªããŸãã
ãè¡šç€ºïŒ ãã©ã®ãã¿ã³ã§åã ã®ã°ã©ãã®ãªã³/ãªããåãæ¿ããŸãã ããã
ããã§ãã¯ãããšãã°ã©ãã衚瀺ãããŸãã "è²ïŒ "ããã¯ãã ã®ãã¿ã³ã§ã
ãã®ã°ã©ãã®æç»ã«äœ¿çšãããè²ã衚瀺ããŸãïŒè²ã¯Gtk2ã§ã®ã¿äœ¿çšå¯èœã§ãïŒ
ããŒãžã§ã³ïŒãããŠæåŸã«ããã£ã«ã¿ãŒïŒ 衚瀺ãæå®ããããã«äœ¿çšã§ãã "
ãã®ç¹å®ã®ã°ã©ãã®ãã£ã«ã¿ãŒã
filter-textã空ã®å Žåããã¹ãŠã®ãã±ããã次ã®æ°éã®èšç®ã«äœ¿çšãããŸã
ãã®ã°ã©ãã filter-textãæå®ãããŠããå Žåããã®è¡šç€ºã«äžèŽãããã±ããã®ã¿
æ°éã®èšç®ã§ã¯ãã£ã«ã¿ãŒãèæ ®ãããŸãã
5ã€ã®ã°ã©ãã³ã³ãããŒã«ã®å³åŽã«ã¯ãã°ããŒãã«ãªåŽé¢ãå¶åŸ¡ããããã®XNUMXã€ã®ã¡ãã¥ãŒããããŸãã
æç»é åãšã°ã©ãã ãåäœïŒãã¡ãã¥ãŒã¯ãäœã枬å®ããããå¶åŸ¡ããããã«äœ¿çšãããŸãã
ãpackets / tickãããbytes / tickããŸãã¯ãadvanced ...ã
ãã±ãã/ãã£ãã¯ã¯ãïŒæå®ãããŠããå ŽåïŒè¡šç€ºã«äžèŽãããã±ããã®æ°ã枬å®ããŸã
å枬å®ééã®ã°ã©ãã®ãã£ã«ã¿ãŒã
bytes / tickã¯ãïŒif
æå®ïŒå枬å®ééã§ã®ã°ã©ãã®è¡šç€ºãã£ã«ã¿ãŒã
é«åºŠãª...以äžãåç §
ãç®çãééïŒãã¯ã䜿çšãã枬å®ééãæå®ããŸãã ããã©ã«ãã¯1ç§ã§ã
ããã¯ãããŒã¿ã1ç§ééã§ã«ãŠã³ããããããšãæå³ããŸãã
ããã£ãã¯ãããã®ãã¯ã»ã«æ°ïŒãã¯ãå枬å®ééã®å¹ ãäœãã¯ã»ã«ã«ãªãããæå®ããŸã
äœå³ãšãªã¢ã ããã©ã«ãã¯ãã£ãã¯ããã5ãã¯ã»ã«ã§ãã
ãY-scaleïŒãã¯ãy軞ã®æ倧å€ãå¶åŸ¡ããŸãã ããã©ã«ãå€ã¯ãautoãã§ããããã¯ã
ãã Wiresharkã® maxvalueãèªåçã«èª¿æŽããããšããŸãã
"advanced ..." UnitïŒadvanced ...ãéžæãããŠããå ŽåããŠã£ã³ããŠã«ã¯ããã«XNUMXã€è¡šç€ºãããŸã
XNUMXã€ã®ã°ã©ãã®ããããã®ã³ã³ãããŒã«ã XNUMXã€ã®ã³ã³ãããŒã«ã¯ã次ã®ã¿ã€ãã®ã¡ãã¥ãŒã«ãªããŸãã
èšç®ã¯ãSUMãCOUNTãMAXãMINãAVGãããã³LOADããéžæã§ããXNUMXã€ã®ã³ã³ãããŒã«ã
ããã¹ãããã¯ã¹ãåäžã®è¡šç€ºãã£ã«ã¿ãŒãã£ãŒã«ãã®ååãæå®ã§ããŸãã
ã¿ã€ããšãã£ãŒã«ãã®çµã¿åããã«ã¯ã次ã®å¶éãé©çšãããŸãã
SUMïŒãã¹ãŠã®ã¿ã€ãã®æŽæ°ã§äœ¿çšå¯èœã§ããããã¹ãŠã®ãªã«ã¬ã³ã¹ã®SUMãèšç®ããŸã
枬å®ééã®ãã®ãã£ãŒã«ãã®ã äžéšã®ãã£ãŒã«ãã¯è€æ°çºçããå¯èœæ§ãããããšã«æ³šæããŠãã ãã
åããã±ããå ã®åæ°ã§ããã¹ãŠã®ã€ã³ã¹ã¿ã³ã¹ãåèšãããŸãã äŸïŒ 'tcp.len'
ããã¯ãåééã§TCPãä»ããŠè»¢éããããã€ããŒãããŒã¿ã®éãã«ãŠã³ãããŸãã
COUNTïŒãã¹ãŠã®ãã£ãŒã«ãã¿ã€ãã§äœ¿çšã§ããŸãã ããã«ãããç¹å®ã®åæ°ãã«ãŠã³ããããŸã
ãã£ãŒã«ãã¯åééã§çºçããŸãã äžéšã®ãã£ãŒã«ãã¯ãããããã§è€æ°åçºçããå¯èœæ§ãããããšã«æ³šæããŠãã ãã
ãã±ããã§ããããã®å Žåãåã€ã³ã¹ã¿ã³ã¹ã¯åå¥ã«ã«ãŠã³ãããã
COUNTã¯ãã±ããæ°ããã倧ãããªããŸãã
MAXïŒãã¹ãŠã®æŽæ°ããã³çžå¯Ÿæéãã£ãŒã«ãã§äœ¿çšã§ããŸãã ããã¯æ倧ãèšç®ããŸã
ééäžã«ãã£ãŒã«ãã«è¡šç€ºãããæŽæ°/æéå€ã äŸïŒ 'smb.time'
ããã¯ãæ倧SMBå¿çæéãããããããŸãã
MINïŒãã¹ãŠã®æŽæ°ããã³çžå¯Ÿæéãã£ãŒã«ãã§äœ¿çšã§ããŸãã ããã¯æå°å€ãèšç®ããŸã
ééäžã«ãã£ãŒã«ãã«è¡šç€ºãããæŽæ°/æéå€ã äŸïŒ 'smb.time'
ããã«ãããæå°SMBå¿çæéããããããããŸãã
AVGïŒãã¹ãŠã®æŽæ°ããã³çžå¯Ÿæéãã£ãŒã«ãã§äœ¿çšå¯èœãããã«ããã
ééäžã«ãã£ãŒã«ãã§èŠãããå¹³åèŠãããæŽæ°/æéå€ã äŸïŒ
'smb.time'ã¯ãå¹³åSMBå¿çæéãããããããŸãã
LOADïŒçžå¯Ÿæéãã£ãŒã«ãïŒå¿çæéïŒã§ã®ã¿äœ¿çšã§ããŸãã
é«åºŠãªäŸïŒNFSå¿çæéMAX / MIN / AVGãæéã®çµéãšãšãã«ã©ã®ããã«å€åãããã衚瀺ããŸãã
æåã®ã°ã©ãã次ã®ããã«èšå®ããŸãã
filterïŒnfs && rpc.time
CalcïŒMAX rpc.time
XNUMXçªç®ã®ã°ã©ããã«èšå®ããŸã
filterïŒnfs && rpc.time
CalcïŒAVG rpc.time
XNUMXçªç®ã®ã°ã©ããã«èšå®ããŸã
filterïŒnfs && rpc.time
CalcïŒMIN rpc.time
é«åºŠãªäŸïŒãã¹ãabcdããã®å¹³åãã±ãããµã€ãºãã©ã®ããã«å€åãããã衚瀺ããŸã
æéããããŠã
æåã®ã°ã©ããã«èšå®ããŸã
filterïŒip.addr == abcd && frame.pkt_len
CalcïŒAVG frame.pkt_len
LOADïŒLOAD io-statã¿ã€ãã¯ããããŸã§ã«èŠããã®ãšã¯å€§ããç°ãªããŸãã
MINãMAXãAVGã«ãã£ãŠãããããããå¿çæéèªäœã¯ã
ãµãŒããŒã®è² è·ïŒãµãŒããŒã®å¿çæéã«åœ±é¿ããŸãïŒãè² è·ã®æž¬å®å€
ã¯ã©ã€ã¢ã³ãã®è² è·ã ããã枬å®ããã®ã¯ãã¯ã©ã€ã¢ã³ããçæããã¯ãŒã¯ããŒãã®éã§ãã
以åã®ã³ãã³ããå®äºãããšãã«ãã¯ã©ã€ã¢ã³ããæ°ããã³ãã³ããçºè¡ããé床ã ããªãã¡
ã¯ã©ã€ã¢ã³ããç¶æã§ãã䞊è¡æ§ã®ã¬ãã«ã æ°å€ã倧ããã»ã©ã
ã¯ã©ã€ã¢ã³ããæ°ããã³ãã³ããçºè¡ããé床ãéããªããŸãã LOADãããŠã³ããå Žåãããã¯åå ã§ããå¯èœæ§ããããŸã
ã¯ã©ã€ã¢ã³ãã®è² è·ã«ãããã¯ã©ã€ã¢ã³ããæ°ããã³ãã³ããçºè¡ããã®ãé ããªããŸãïŒä»ã®ã³ãã³ããããå ŽåããããŸãïŒ
çç±ããããŸãããã¯ã©ã€ã¢ã³ããçºè¡ãããã³ãã³ããæã£ãŠããªãå¯èœæ§ããããŸã
ãã®æïŒã
è² è·ã¯åæå®è¡æ°/éè€ããI / Oã®æ°ã§æž¬å®ãããå€1000ã¯
XNUMXã€ã®I / Oã®äžå®ã®è² è·ããããŸãã
åãã£ãã¯ééã§ããªãŒããŒã©ããã®éã枬å®ãããŸãã äžã®ã°ã©ããåç §ããŠãã ãã
XNUMXã€ã®ã³ãã³ããå«ãŸããŠããŸããã°ã©ãã®äžã«ã¯ãåééã®LOADå€ããããŸãã
èšç®ãããŸãã
| | | | | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | | | |
| | o ===== * | | | | | |
| | | | | | | | | | | | | | | | | |
| o ======== * | o ============ * | | |
| | | | | | | | | | | | | | | | | |
-------------------------------------------------- >æé
500 1500 500 750 1000 500 0 0
çµ±èšïŒäŒè©±ãªã¹ã
ãã®ãªãã·ã§ã³ã¯ãéã®ãã¹ãŠã®äŒè©±ã®ãªã¹ãã衚瀺ããæ°ãããŠã£ã³ããŠãéããŸã
XNUMXã€ã®ãšã³ããã€ã³ãã ãªã¹ãã«ã¯ãåºæã®äŒè©±ããšã«XNUMXã€ã®è¡ããããåèšã衚瀺ãããŸã
衚瀺ããããã±ãã/ãã€ãã®æ°ãããã³åæ¹åã®ãã±ãã/ãã€ãã®æ°ã
ããã©ã«ãã§ã¯ããªã¹ãã¯ãã±ããæ°ã«åŸã£ãŠãœãŒããããŸããã
åããããŒã ãªã¹ããæé ãŸãã¯éé ã§äžŠã¹æ¿ããããšãã§ããŸã
ä»»æã®åã§ã
æåã«äŒè©±ãã¯ãªãã¯ããŠéžæãã次ã«å³ããŠã¹ã䜿çšãã
ãã¿ã³ïŒããŠã¹ã®å³ãã¿ã³ããããã©ãããã©ãŒã ã®å ŽåïŒwiresharkã¯ã
ãã£ããã£ã«é©çšããããã€ãã®ç°ãªããã£ã«ã¿ãŒæäœãæäŸãããããã¢ããã¡ãã¥ãŒã
ãããã®çµ±èšãŠã£ã³ããŠã¯ãWiresharkã³ãã³ãã©ã€ã³ãã次ã®ã³ãã³ãã䜿çšããŠåŒã³åºãããšãã§ããŸãã
-z conv åŒæ°ã
çµ±èšïŒãµãŒãã¹å¿çæé
ã»AFP
ã»ãã£ã¡ã«
ã»DCE-RPC
ãŠã£ã³ããŠãéããŠãä»»æã®DCE-RPCã®ãµãŒãã¹å¿çæéã®çµ±èšã衚瀺ããŸã
ããã°ã©ã ã€ã³ã¿ãŒãã§ãŒã¹ãšãã£ã¹ãã¬ã€ æé , æ° of ã³ãŒââã«, æå° SRT, æ倧 SRT
& å¹³å SRT ãã®ããã°ã©ã /ããŒãžã§ã³ã®ãã¹ãŠã®æé ã ãããã®ãŠã£ã³ããŠãéããŸãã
ã©ã€ããã£ããã£ãå®è¡ãããšãããŸãã¯
æ°ãããã£ããã£ãã¡ã€ã«ã Wiresharkã®.
ãã®ãã€ã¢ãã°ã§ã¯ããªãã·ã§ã³ã®ãã£ã«ã¿ãŒæååã䜿çšããããšãã§ããŸãã ãªãã·ã§ã³ã®å Žå
ãã£ã«ã¿æååã¯ãããã«äžèŽããDCE-RPCèŠæ±/å¿çãã¢ã§ã®ã¿äœ¿çšãããŸãã
ãã£ã«ã¿ã¯çµ±èšã®èšç®ã«äœ¿çšãããŸãã ãã£ã«ã¿æååãæå®ãããŠããªãå Žå
ãã¹ãŠã®èŠæ±/å¿çãã¢ã䜿çšãããŸãã
ã» çŽåŸ
ã»ãã¡ã€ããŒãã£ãã«
ãŠã£ã³ããŠãéããŠããã¡ã€ããã£ãã«ãšã®ãµãŒãã¹å¿çæéã®çµ±èšã衚瀺ããŸãã
ãã£ã¹ãã¬ã€ FC ã¿ã€ã, æ° of ã³ãŒââã«, æå° SRT, æ倧 SRT & å¹³å SRT ãã¹ãŠã®
FCã¿ã€ãã éãããããã®ãŠã£ã³ããŠã¯ãå€æŽãåæ ããããã«åãªã¢ã«ã¿ã€ã ã§æŽæ°ãããŸã
ã©ã€ããã£ããã£ãå®è¡ãããšãããŸãã¯æ°ãããã£ããã£ãã¡ã€ã«ã Wiresharkã®ãéžæããŸãã
ãµãŒãã¹å¿çæéã¯ãã®æåã®ãã±ããéã®æéãã«ã¿ãšããŠèšç®ãããŸãã
亀æãšäº€æã®æåŸã®ãã±ããã
ãã®ãã€ã¢ãã°ã§ã¯ããªãã·ã§ã³ã®ãã£ã«ã¿ãŒæååã䜿çšããããšãã§ããŸãã ãªãã·ã§ã³ã®å Žå
ãã£ã«ã¿æååã¯ãããã«äžèŽããFCã®æå/æåŸã®äº€æãã¢ã§ã®ã¿äœ¿çšãããŸãã
ãã£ã«ã¿ã¯çµ±èšã®èšç®ã«äœ¿çšãããŸãã ãã£ã«ã¿æååãæå®ãããŠããªãå Žå
ãã¹ãŠã®èŠæ±/å¿çãã¢ã䜿çšãããŸãã
ã»GTP
ã»H.225 RAS
ITU-T H.225 RASã®èŠæ±/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã
åéãããããŒã¿ã¯ æ° of åŒã³åºã æ¢ç¥ã®ITU-TH.225 RASã¡ãã»ãŒãžã¿ã€ãããšã«ã
æå° SRT, æ倧 SRT, å¹³å SRT, æå° in ãã±ãã, æ倧 in ãã±ãã.
ããªãã¯ãŸãã®æ°ãååŸããŸã Open ã€ãªããç³è« ïŒå¿çã®ãªããªã¯ãšã¹ãïŒã æšãŠã
è¿ä¿¡ ïŒäžèŽããèŠæ±ã®ãªãå¿çïŒããã³éè€ã¡ãã»ãŒãžã ãããã¯
éãããŠã£ã³ããŠã¯ãã©ã€ããè¡ããšãã«å€æŽãåæ ããããã«åãªã¢ã«ã¿ã€ã ã§æŽæ°ãããŸã
ãã£ããã£ãŸãã¯æ°ãããã£ããã£ãã¡ã€ã«ãèªã¿èŸŒããšã Wiresharkã®.
éå§ããåã«ããã€ã¢ãã°ããã¯ã¹ã§ãªãã·ã§ã³ã®ãã£ã«ã¿æååãé©çšã§ããŸãã
èšç®ã çµ±èšã¯ãããã«äžèŽããåŒã³åºãã§ã®ã¿èšç®ãããŸã
ãã£ã«ã¿ã
ã»LDAP
ã»ã¡ã¬ã³
ã»MGCP
MGCPã®èŠæ±/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã ããŒã¿
åéãããŸã æ° of åŒã³åºã æ¢ç¥ã®MGCPã¿ã€ãããšã«ã æå° SRT, æ倧 SRT,
å¹³å SRT, æå° in ãã±ãã, æ倧 in ãã±ããã éãããããã®ãŠã£ã³ããŠã¯
ã©ã€ããã£ããã£ãå®è¡ãããšãããŸãã¯
æ°ãããã£ããã£ãã¡ã€ã«ã Wiresharkã®.
éå§ããåã«ããã€ã¢ãã°ããã¯ã¹ã§ãªãã·ã§ã³ã®ãã£ã«ã¿æååãé©çšã§ããŸãã
èšç®ã çµ±èšã¯ãããã«äžèŽããåŒã³åºãã§ã®ã¿èšç®ãããŸã
ãã£ã«ã¿ã
ã»NCP
ã»ONC-RPC
ãŠã£ã³ããŠãéããŠãä»»æã®ONC-RPCããã°ã©ã ã€ã³ã¿ãŒãã§ã€ã¹ã®çµ±èšã衚瀺ããŸãã
ãã£ã¹ãã¬ã€ æé , æ° of ã³ãŒââã«, æå° SRT, æ倧 SRT & å¹³å SRT for
ãã®ããã°ã©ã /ããŒãžã§ã³ã®ãã¹ãŠã®æé ã éãããããã®ãŠã£ã³ããŠã¯ã§æŽæ°ãããŸã
ã©ã€ããã£ããã£ãè¡ããšãããŸãã¯æ°ãããã®ãèªããšãã«å€æŽãåæ ããããã®åãªã¢ã«ã¿ã€ã
ãã¡ã€ã«ãã«ãã£ããã£ãã Wiresharkã®.
ãã®ãã€ã¢ãã°ã§ã¯ããªãã·ã§ã³ã®ãã£ã«ã¿ãŒæååã䜿çšããããšãã§ããŸãã ãªãã·ã§ã³ã®å Žå
ãã£ã«ã¿æååã¯ãããã«äžèŽããONC-RPCèŠæ±/å¿çãã¢ã§ã®ã¿äœ¿çšãããŸãã
ãã£ã«ã¿ã¯çµ±èšã®èšç®ã«äœ¿çšãããŸãã ãã£ã«ã¿æååãæå®ãããŠããªãå Žå
ãã¹ãŠã®èŠæ±/å¿çãã¢ã䜿çšãããŸãã
æåã«äŒè©±ãã¯ãªãã¯ããŠéžæãã次ã«å³ããŠã¹ã䜿çšãã
ãã¿ã³ïŒããŠã¹ã®å³ãã¿ã³ããããã©ãããã©ãŒã ã®å ŽåïŒwiresharkã衚瀺ãããŸã
ãã£ããã£ã«é©çšããããã€ãã®ç°ãªããã£ã«ã¿ãŒæäœãæäŸãããããã¢ããã¡ãã¥ãŒã
ã»RADIUS
ã»SCSI
ã»SMB
SMBã®ã³ãŒã«/å¿çSRTïŒãµãŒãã¹å¿çæéïŒããŒã¿ãåéããŸãã åéãããããŒã¿ã¯
åSMBã³ãã³ããMinSRTãMaxSRTãããã³AvgSRTã®åŒã³åºãæ°ã
ããŒã¿ã¯ããã¹ãŠã®éåžžã®SMBã³ãã³ãã®åå¥ã®ããŒãã«ãšããŠè¡šç€ºãããŸãã
Transaction2ã³ãã³ããšãã¹ãŠã®NTãã©ã³ã¶ã¯ã·ã§ã³ã³ãã³ãã ãã®ã³ãã³ãã®ã¿
ãã£ããã£ã«è¡šç€ºããããšãçµ±èšã衚瀺ãããŸãã ã®æåã®ã³ãã³ãã®ã¿
xAndXã³ãã³ããã§ãŒã³ãèšç®ã«äœ¿çšãããŸãã ã ããäžè¬çãª
SessionSetupAndX + TreeConnectAndXãã§ãŒã³ãSessionSetupAndXåŒã³åºãã®ã¿ã
çµ±èšã§äœ¿çšãããŸãã ããã¯ãå°æ¥ä¿®æ£ãããå¯èœæ§ã®ããæ¬ é¥ã§ãã
éå§ããåã«ããã€ã¢ãã°ããã¯ã¹ã§ãªãã·ã§ã³ã®ãã£ã«ã¿æååãé©çšã§ããŸãã
èšç®ã çµ±èšã¯ãããã«äžèŽããåŒã³åºãã§ã®ã¿èšç®ãããŸã
ãã£ã«ã¿ã
æåã«äŒè©±ãã¯ãªãã¯ããŠéžæãã次ã«å³ããŠã¹ã䜿çšãã
ãã¿ã³ïŒããŠã¹ã®å³ãã¿ã³ããããã©ãããã©ãŒã ã®å ŽåïŒwiresharkã衚瀺ãããŸã
ãã£ããã£ã«é©çšããããã€ãã®ç°ãªããã£ã«ã¿ãŒæäœãæäŸãããããã¢ããã¡ãã¥ãŒã
ã»SMB2
çµ±èšïŒBOOTP-DHCP
çµ±èšïŒæ¯èŒ
XNUMXã€ã®ãã£ããã£ãã¡ã€ã«ãæ¯èŒãã
çµ±èšïŒãããŒã°ã©ã
ãããŒã°ã©ãïŒäžè¬/ TCP
çµ±èšïŒHTTP
HTTPè² è·åæ£ããã±ããã«ãŠã³ã¿ãŒãããã³èŠæ±
çµ±èšïŒIPã¢ãã¬ã¹
IPã¢ãã¬ã¹ã«ããã«ãŠã³ã/ã¬ãŒã/ããŒã»ã³ã
çµ±èšïŒIPå®å
IPã¢ãã¬ã¹/ãããã³ã«/ããŒãããšã®ã«ãŠã³ã/ã¬ãŒã/ããŒã»ã³ã
çµ±èšïŒIPãããã³ã«ã¿ã€ã
IPãããã³ã«ã¿ã€ãããšã®ã«ãŠã³ã/ã¬ãŒã/ããŒã»ã³ã
çµ±èšïŒONC-RPCããã°ã©ã
ãã®ãã€ã¢ãã°ã¯ããã¹ãŠã®ONC-RPCã®éçŽãããSRTçµ±èšã瀺ããŠã£ã³ããŠãéããŸãã
ãã£ããã£ãã¡ã€ã«ã«ååšããããã°ã©ã /ããŒãžã§ã³ã
çµ±èšïŒTCPã¹ããªãŒã ã°ã©ã
ã°ã©ãïŒåŸåŸ©; ã¹ã«ãŒããã; ã¿ã€ã ã·ãŒã±ã³ã¹ïŒã¹ãã£ãŒãã³ã¹ïŒ; ã¿ã€ã ã·ãŒã±ã³ã¹ïŒtcptraceïŒ
çµ±èšïŒUDPãã«ããã£ã¹ãã¹ããªãŒã
éä¿¡å /å®å ã¢ãã¬ã¹/ããŒãã®ãã¢ã«ãããã«ããã£ã¹ãã¹ããªãŒã ã«ãŠã³ã/ã¬ãŒã/ ...
çµ±èšïŒWLANãã©ãã£ãã¯
WLANãã©ãã£ãã¯çµ±èš
ãã¬ãã©ããŒïŒITU-TH.225
ITU-TH.225ã¡ãã»ãŒãžãšãã®çç±ãæ°ããŸãã æåã®åã«ã¯ã次ã®ãªã¹ãã衚瀺ãããŸãã
çŸåšã®ãã£ããã£ãã¡ã€ã«ã§çºçããH.225ã¡ãã»ãŒãžãšH.225ã¡ãã»ãŒãžã®çç±ã
åã¡ãã»ãŒãžãŸãã¯çç±ã®çºçæ°ã¯XNUMXçªç®ã«è¡šç€ºãããŸã
æ¡ã éãããã®ãŠã£ã³ããŠã¯ã次ã®å Žåã«å€æŽãåæ ããããã«åãªã¢ã«ã¿ã€ã ã§æŽæ°ãããŸã
ã©ã€ããã£ããã£ãå®è¡ãããšãããŸãã¯æ°ãããã£ããã£ãã¡ã€ã«ã Wiresharkã®.
ã«ãŠã³ã¿ãŒãéå§ããåã«ããã€ã¢ãã°ããã¯ã¹ã§ãªãã·ã§ã³ã®ãã£ã«ã¿ãŒæååãé©çšã§ããŸãã
çµ±èšã¯ããã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã§ã®ã¿èšç®ãããŸãã
ãã¬ãã©ããŒïŒSIP
SIPã¡ãã»ãŒãžã®ã«ãŠã³ã¿ãŒãã¢ã¯ãã£ãã«ããŸãã ããããã®çºçæ°ãååŸããŸã
SIPã¡ãœãããšåSIPã¹ããŒã¿ã¹ã³ãŒãã ããã«ãããªãã¯ãŸãã®æ°ãååŸããŸã
SIPã¡ãã»ãŒãžãåéããŸãïŒSIP over UDPã®å Žåã®ã¿ïŒã
éãããã®ãŠã£ã³ããŠã¯ãã©ã€ããè¡ããšãã«å€æŽãåæ ããããã«åãªã¢ã«ã¿ã€ã ã§æŽæ°ãããŸã
ãã£ããã£ãŸãã¯æ°ãããã£ããã£ãã¡ã€ã«ãèªã¿èŸŒããšã Wiresharkã®.
ã«ãŠã³ã¿ãŒãéå§ããåã«ããã€ã¢ãã°ããã¯ã¹ã§ãªãã·ã§ã³ã®ãã£ã«ã¿ãŒæååãé©çšã§ããŸãã
çµ±èšã¯ããã®ãã£ã«ã¿ãŒã«äžèŽããåŒã³åºãã§ã®ã¿èšç®ãããŸãã
ããŒã«ïŒãã¡ã€ã¢ãŠã©ãŒã«ACLã«ãŒã«
ãã«ãïŒç®æ¬¡
ããã€ãã®ãã«ãããã¹ãã
ãã«ãïŒãµããŒããããŠãããããã³ã«
ãµããŒããããŠãããããã³ã«ã®ãªã¹ããšãã£ã«ã¿ãŒãããã³ã«ãã£ãŒã«ãã®è¡šç€ºã
ãã«ãïŒããã¥ã¢ã«ããŒãž
ãããã®ããã¥ã¢ã«ããŒãžã®ããŒã«ã«ã«ã€ã³ã¹ããŒã«ãããHTMLããŒãžã§ã³ãWebãã©ãŠã¶ã«è¡šç€ºããŸãã
ãã«ãïŒWiresharkãªã³ã©ã€ã³
Webãã©ãŠã¶ã§éããªã³ã©ã€ã³ãªãœãŒã¹ãžã®ããŸããŸãªãªã³ã¯
ã
ãã«ãïŒWiresharkã«ã€ããŠ
ããŒãžã§ã³ãªã©ãWiresharkã«é¢ããããŸããŸãªæ å ±ïŒä»¥äžã®ãAboutããã€ã¢ãã°ãåç §ïŒãåç §ããŠãã ããã
䜿çšãããã©ã«ããå©çšå¯èœãªãã©ã°ã€ã³ã...
WINDOWS
ã¡ã€ã³ãŠã€ã³ããŠ
ã¡ã€ã³ãŠã£ã³ããŠã«ã¯ãã¡ãã¥ãŒãããã€ãã®ããŒã«ããŒãã¡ã€ã³ãšãªã¢ãªã©ã®éåžžã®ãã®ãå«ãŸããŠããŸã
ãšã¹ããŒã¿ã¹ããŒã ã¡ã€ã³ãšãªã¢ã¯XNUMXã€ã®ãã€ã³ã«åå²ãããŠãããåãã€ã³ã®ãµã€ãºãå€æŽã§ããŸã
åä»åãç·ã®å³ç«¯ã«ã芪æãã䜿çšããŸãã
ã¡ã€ã³ãŠã£ã³ããŠã¯ä»¥åãããã¯ããã«æè»ã§ãã ã¡ã€ã³ãŠã£ã³ããŠã®ã¬ã€ã¢ãŠãã¯
ã«ãã£ãŠã«ã¹ã¿ãã€ãºããã ã¬ã€ã¢ãŠã ã«ãã£ãŠãããã¢ããããããã€ã¢ãã°ããã¯ã¹ã®ããŒãž ç·šéïŒèšå®
以äžã«ãããã©ã«ãèšå®ã§ã®ã¬ã€ã¢ãŠãã«ã€ããŠèª¬æããŸãã
ã¡ã€ã³ããŒã«ããŒ
äžéšã®ã¡ãã¥ãŒé ç®ã¯ããããããã°ããã¢ã¯ã»ã¹ã§ããŸãã ããæ¹æ³ã¯ãããŸãã
ããŒã«ããŒã®é ç®ãã«ã¹ã¿ãã€ãºããŸãããããŒã«ããŒã¯æ¬¡ã®æ¹æ³ã§é衚瀺ã«ã§ããŸãã
ãã¥ãŒïŒã¡ã€ã³ ããŒã«ããŒ.
ãã£ã«ã¿ããŒã«ããŒ
ãã£ã«ã¿ããŒã«ããŒã«è¡šç€ºãã£ã«ã¿ãå ¥åã§ããŸãã HTTPã®ãã£ã«ã¿ãŒã
HTTPSããã³DNSãã©ãã£ãã¯ã¯æ¬¡ã®ããã«ãªããŸãã
{80 443}ã®tcp.port
éžæãã ãã£ã«ã¿ïŒ ãã¿ã³ã䜿çšãããšãååä»ããã£ã«ã¿ãŒã®ãªã¹ãããéžæã§ããŸãã
ãªãã·ã§ã³ã§ä¿åã§ããŸãã ReturnããŒãŸãã¯EnterããŒãæŒããã
ç³ã蟌ã ãã¿ã³ãã¯ãªãã¯ãããšããã£ã«ã¿ãŒãçŸåšã®ãªã¹ãã«é©çšãããŸãã
ãã±ããã ã®éžæ ãªã»ãã ãã¿ã³ãæŒããšè¡šç€ºãã£ã«ã¿ãŒãã¯ãªã¢ããããã¹ãŠã
ãã±ãããïŒåã³ïŒè¡šç€ºãããŸãã
ããŒã«ããŒã®é ç®ãã«ã¹ã¿ãã€ãºããæ¹æ³ã¯ãããŸããããããŒã«ããŒã§ã¯
ã«ãã£ãŠé ããã ãã¥ãŒïŒãã£ã«ã¿ãŒ ããŒã«ããŒ.
ãã±ãããªã¹ããã€ã³
äžéšã®ãã€ã³ã«ã¯ãã¹ã¯ããŒã«ã§ãããããã¯ãŒã¯ãã±ããã®ãªã¹ããå«ãŸããŠããŸã
ãéžæããŸãã ããã©ã«ãã§ã¯ããã±ããçªå·ããã±ããã¿ã€ã ã¹ã¿ã³ãããœãŒã¹ãããã³
å®å ã¢ãã¬ã¹ããããã³ã«ãããã³èª¬æãåãã±ããã«è¡šç€ºãããŸãã
ã ã³ã©ã ã«ãã£ãŠãããã¢ããããããã€ã¢ãã°ããã¯ã¹ã®ããŒãž ç·šéïŒèšå® å€æŽã§ããŸã
ããïŒãã ããæ®å¿µãªãããçŸåšãèšå®ãä¿åããå¿ èŠããããŸãã
ãããã®å€æŽãæå¹ã«ããã«ã¯ãWiresharkãçµäºããŠåèµ·åããŸãïŒã
åã®èŠåºããã¯ãªãã¯ãããšã衚瀺ã¯ããã«ãã£ãŠãœãŒããããŸã
æ¡; èŠåºããããäžåºŠã¯ãªãã¯ãããšããã®äžŠã¹æ¿ãé åºãéã«ãªããŸã
ã³ã©ã ã
ãããã³ã«ã¹ã¿ãã¯ã®äžäœã«ããæ å ±ã衚瀺ããããã«åªããŠããŸãã
å¯èœã§ããããšãã°ãIPã¢ãã¬ã¹ã¯IPãã±ããã«è¡šç€ºãããŸãããMACå±€ã¯
äžæãªãã±ããã¿ã€ãã®ã¢ãã¬ã¹ã衚瀺ãããŸãã
ããŠã¹ã®å³ãã¿ã³ã䜿çšããŠãæäœã®ã¡ãã¥ãŒããããã¢ããã§ããŸãã
ããŠã¹ã®äžãã¿ã³ã䜿çšããŠããã±ããã«ããŒã¯ãä»ããããšãã§ããŸãã
ãã±ãã詳现ãã€ã³
äžå€®ã®ãã€ã³ã«ã¯ãçŸåšéžæãããŠãã詳现ã衚瀺ãããŸã
ãã±ããã ãã£ã¹ãã¬ã€ã«ã¯ãã®åãããã³ã«ããããŒã®åãã£ãŒã«ããšãã®å€ã衚瀺ãããŸãã
ã¹ã¿ãã¯ã ããŠã¹ã®å³ãã¿ã³ã䜿çšããŠãæäœã®ã¡ãã¥ãŒããããã¢ããã§ããŸãã
ãã±ãããã€ããã€ã³
äžçªäžã®ãã€ã³ã«ã¯ãå®éã®ãã±ããããŒã¿ã®XNUMXé²ããã³ASCIIãã³ããå«ãŸããŠããŸãã
ãã±ããã®è©³çŽ°ã§ãã£ãŒã«ããéžæãããšãã®å¯Ÿå¿ãããã€ãã匷調衚瀺ãããŸã
ãã®ã»ã¯ã·ã§ã³ã
ããŠã¹ã®å³ãã¿ã³ã䜿çšããŠãæäœã®ã¡ãã¥ãŒããããã¢ããã§ããŸãã
ã¹ããŒã¿ã¹ããŒ
ã¹ããŒã¿ã¹ããŒã¯XNUMXã€ã®éšåã«åãããŠãããå·ŠåŽã¯ã³ã³ããã¹ãã«äŸåããŸã
ããŒãããããã¡ã€ã«ã«é¢ããæ å ±ãªã©ãäžå€®ã«è¡šç€ºãããŸãã
ãã±ããæ°ã衚瀺ãããå³åŽã«çŸåšã®æ§æã衚瀺ãããŸã
ãããã£ãŒã«ã
ã¹ããŒã¿ã¹ããŒã¯ã«ãã£ãŠé ãããšãã§ããŸã 衚瀺ïŒã¹ããŒã¿ã¹ããŒ.
ç°å¢èšå®
ã ç°å¢èšå® ãã€ã¢ãã°ã䜿çšãããšãåäœã®ããŸããŸãªå人çãªå¥œã¿ãå¶åŸ¡ã§ããŸã
of Wiresharkã®.
ãŠãŒã¶ãŒã€ã³ã¿ãŒãã§ã€ã¹ã®èšå®
ã ãŠãŒã¶ãŒ ã€ã³ã¿ãã§ãŒã¹ ããŒãžã¯ãGUIã®å°ããªåŽé¢ãç¬èªã®ãã®ã«å€æŽããããã«äœ¿çšãããŸã
å人çãªå¥œã¿ïŒ
éžæããŒ
ãã±ãããªã¹ãã®éžæããŒãšãã±ããã®è©³çŽ°ã«ã¯ã次ã®ãããããå«ããããšãã§ããŸãã
ãåç §ããŸãã¯ãéžæãåäœã éžæããŒã«ãåç §ããããå Žå
åäœãç¢å°ããŒã¯éžæããŒã®ã¢ãŠãã©ã€ã³ã移åããŸãã
å€æŽããã«ãªã¹ãã®æ®ãã®éšåã詳现ãé²èŠ§ã§ããããã«ããŸã
ã¹ããŒã¹ããŒãæŒããŸã§éžæããŸãã éžæããŒã«
ãéžæãåäœãç¢å°ããŒã¯éžæããŒã移åããŠå€æŽããŸã
ãã±ãããªã¹ããŸãã¯ãã±ãã詳现ã®æ°ããã¢ã€ãã ãžã®éžæã
ãŠã£ã³ããŠã®äœçœ®ãä¿å
ãã®ã¢ã€ãã ãéžæãããšãWiresharkã®ã¡ã€ã³ãŠã£ã³ããŠã®äœçœ®ã
Wiresharkãçµäºãããšãã«ä¿åãããWiresharkãå床起åããããšãã«äœ¿çšãããŸãã
ãŠã£ã³ããŠãµã€ãºãä¿å
ãã®ã¢ã€ãã ãéžæãããšãWiresharkã®ã¡ã€ã³ãŠã£ã³ããŠã®ãµã€ãºã¯æ¬¡ã®ããã«ãªããŸãã
Wiresharkã®çµäºæã«ä¿åãããWiresharkã®åèµ·åæã«äœ¿çšãããŸãã
ãŠã£ã³ããŠã®æ倧åç¶æ ãä¿å
ãã®ã¢ã€ãã ãéžæãããŠããå ŽåãWiresharkã®ã¡ã€ã³ãŠã£ã³ããŠã®ç¶æ ãæ倧åããŸã
Wiresharkãååšããå Žåã¯ä¿åãããWiresharkã®èµ·åæã«äœ¿çšãããŸã
åã³ã
ãã¡ã€ã«ãéããã€ã¢ãã°ã®åäœ
ãã®ã¢ã€ãã ã«ããããŠãŒã¶ãŒã¯Wiresharkã次ã®ãªã¹ããåŠçããæ¹æ³ãéžæã§ããŸãã
ãã¬ãŒã¹ãã¡ã€ã«ãéããšãã®[ãã¡ã€ã«ãéã]ãã€ã¢ãã°ã ãæåŸã«èŠããŠ
Directoryãã«ãããWiresharkã¯ãã€ã¢ãã°ãèªåçã«
ã®èµ·åéã§ãã£ãŠããæåŸã«éãããã¡ã€ã«ã®ãã£ã¬ã¯ããª
Wiresharkã ãåžžã«ãã£ã¬ã¯ããªã§éããã䜿çšãããšããŠãŒã¶ãŒã¯
ãã€ã¢ãã°ãåžžã«ããã©ã«ãã§äœ¿çšããæ°žç¶ãã£ã¬ã¯ããªã
ãã£ã¬ã¯ããª
ãŠãŒã¶ãŒãæ°žç¶çãªãã¡ã€ã«ãªãŒãã³ãã£ã¬ã¯ããªãæå®ã§ããããã«ããŸãã ãã¬ãŒãªã³ã°
ã¹ã©ãã·ã¥ãŸãã¯ããã¯ã¹ã©ãã·ã¥ãèªåçã«è¿œå ãããŸãã
ãã¡ã€ã«ãªãŒãã³ãã¬ãã¥ãŒã¿ã€ã ã¢ãŠã
ãã®é ç®ã«ããããŠãŒã¶ãŒã¯èªæžã«è²»ããæéãå®çŸ©ã§ããŸãã
ãã¡ã€ã«ããã£ããã£ããŠã[ãã¡ã€ã«ãéã]ãã€ã¢ãã°ã«ãã¬ãã¥ãŒããŒã¿ã衚瀺ããŸãã
æè¿ã®æ倧ãªã¹ããšã³ããªãéã
[ãã¡ã€ã«]ã¡ãã¥ãŒã¯ãæè¿ã®ãã¡ã€ã«ãªã¹ãããµããŒãããŠããŸãã ãã®ã¢ã€ãã ã«ããããŠãŒã¶ãŒã¯æ¬¡ã®ããšãã§ããŸãã
ãã®ãªã¹ãã§è¿œè·¡ãããã¡ã€ã«ã®æ°ãæå®ããŸãã
ä¿åãããŠããªããã£ããã£ãã¡ã€ã«ãèŠæ±ãã
ãã¡ã€ã«ãä¿åãããŠããªãå Žåã«ãã£ããã£ãã¡ã€ã«ãŸãã¯Wiresharkèªäœãéãããšã
ããã§ãããã®ã¢ã€ãã ã
èšå®ããŸãã
æ€çŽ¢äžã«ã©ãã
ãã®é ç®ã¯ãæåãŸãã¯æåŸã«å°éãããšãã®åäœã決å®ããŸã
ãã£ããã£ãã¡ã€ã«ã®ã èšå®ãããšãæ€çŽ¢ãã©ããã¢ã©ãŠã³ãããŠç¶è¡ããŸãã
ãã以å€ã®å Žåã¯åæ¢ããŸãã
èšå®ãã€ã¢ãã°ã«ä¿åãã¿ã³ã衚瀺ãããŸã
ãã®é ç®ã¯ãããŸããŸãªãã€ã¢ãã°ã«æ瀺çãª[ä¿å]ãã¿ã³ããããã©ãããå€å¥ããŸã
ãŸãã¯ããã®ä¿åã¯OK / Applyã§æé»çã«è¡ãããŸãã
Webãã©ãŠã¶ã³ãã³ã
ãã®ãšã³ããªã¯ãWebãã©ãŠã¶ãèµ·åããããã®ã³ãã³ãã©ã€ã³ãæå®ããŸãã 䜿çšãããŸã
WikiããŠãŒã¶ãŒã¬ã€ããªã©ã®ãªã³ã©ã€ã³ã³ã³ãã³ãã«ã¢ã¯ã»ã¹ããããã 'ïŒ s'ã䜿çšããŠé 眮ããŸã
ã³ãã³ãã©ã€ã³ã®ãªã¯ãšã¹ãURLã
[ãšãã¹ããŒãæ å ±]ãã€ã¢ãã°ã®ã¿ãã©ãã«ã«LEDã衚瀺ããŸã
ãã®é ç®ã¯ãLEDã®ãããªã«ã©ãŒç»åãã«è¡šç€ºããããã©ããã決å®ããŸã
[ãšãã¹ããŒãæ å ±]ãã€ã¢ãã°ã®ã¿ãã©ãã«ã
ã¬ã€ã¢ãŠãèšå®
ã ã¬ã€ã¢ãŠã ããŒãžã§ã¯ãã¡ã€ã³ãŠã£ã³ããŠã®äžè¬çãªã¬ã€ã¢ãŠããæå®ã§ããŸãã ããªãã¯ã§ãã
XNUMXã€ã®ç°ãªãã¬ã€ã¢ãŠãããéžæããXNUMXã€ã®ãã€ã³ã«ã³ã³ãã³ããå ¥åããŸã
奜ãã§ãã
ã¹ã¯ããŒã«ããŒ
XNUMXã€ã®ãã€ã³ã®åçŽã¹ã¯ããŒã«ããŒã¯ã
å·ŠãŸãã¯å³ã
亀äºã®è¡ã®è²
XNUMXé²ãã£ã¹ãã¬ã€
éžæãããããã³ã«ã®XNUMXé²ãã³ã衚瀺ã®åŒ·èª¿è¡šç€ºæ¹æ³
itemã¯ãå転ãããªãŸãã¯å€ªåã®ããããã䜿çšããããã«èšå®ã§ããŸãã
ããŒã«ããŒã¹ã¿ã€ã«
ãã£ã«ã¿ããŒã«ããŒã®é 眮
ã«ã¹ã¿ã ãŠã£ã³ããŠã¿ã€ãã«
åèšå®
ã ã³ã©ã ããŒãžã§ã¯ãååã®çªå·ãã¿ã€ãã«ãããã³åœ¢åŒãæå®ã§ããŸã
ãã±ãããªã¹ãã«ãããŸãã
ã ã³ã©ã ã¿ã€ãã« ãšã³ããªã¯ãã«è¡šç€ºãããåã®ã¿ã€ãã«ãæå®ããããã«äœ¿çšãããŸã
ãã±ãããªã¹ãã®äžçªäžã åã«è¡šç€ºãããããŒã¿ã®ã¿ã€ãã¯æ¬¡ã®ãšããã§ãã
ã䜿çšããŠæå® ã³ã©ã 圢åŒã§ã¢ãŒã«ã€ããããããžã§ã¯ããä¿åããŸãïŒ ãªãã·ã§ã³ã¡ãã¥ãŒã å·ŠåŽã®ãã¿ã³ã®å
次ã®ã¢ã¯ã·ã§ã³ãå®è¡ããŸãã
æ°èŠãªã¹ãã«æ°ããåãè¿œå ããŸãã
åé€
çŸåšéžæãããŠãããªã¹ãã¢ã€ãã ãåé€ããŸãã
äžäž
éžæãããªã¹ãã¢ã€ãã ãXNUMXã€äžãŸãã¯äžã«ç§»åããŸãã
ãã©ã³ãèšå®
ã ãã©ã³ã ããŒãžã§ã¯ãã»ãšãã©ã®ããã¹ãã«äœ¿çšãããã©ã³ããéžæã§ããŸãã
è²ã®èšå®
ã è² ããŒãžã䜿çšããŠãTCPã«è¡šç€ºãããããã¹ãã®è²ãå€æŽã§ããŸã
ã¹ããªãŒã ãŠã£ã³ããŠããã³ããŒã¯ããããã±ããçšã è²ãå€æŽããã«ã¯ããéžæããã ãã§ã
ãèšå®ïŒãã¡ãã¥ãŒããå±æ§ãååŸããã«ã©ãŒã»ã¬ã¯ã¿ãŒã䜿çšããŠç®çã®å€ãååŸããŸã
è²ã æ°ããããã¹ãã®è²ããµã³ãã«ããã¹ããšããŠè¡šç€ºãããŸãã
ãã£ããã£èšå®
ã ãã£ãã㣠ããŒãžã§ã¯ãã©ã€ããã±ããããã£ããã£ããããã®ããŸããŸãªãã©ã¡ãŒã¿ãæå®ã§ããŸã
ããŒã¿; ãããã¯ããã£ããã£ãæåã«éå§ããããšãã«äœ¿çšãããŸãã
ã ã€ã³ã¿ãã§ãŒã¹ïŒ ã³ã³ãããã¯ã¹ã䜿çšãããšããã£ããã£å ã®ã€ã³ã¿ãŒãã§ã€ã¹ãæå®ã§ããŸã
ãã±ããããŒã¿ããŸãã¯ãã±ããããŒã¿ãååŸããFIFOã®ååã
ã äžã€ ã¿ã€ãïŒ ãªãã·ã§ã³ã¡ãã¥ãŒã䜿çšãããšãäžéšã®ã€ã³ã¿ãŒãã§ã€ã¹ã§ããŒã¿ãéžæã§ããŸã
ãã£ããã£ãããã±ããã«è¡šç€ºãããªã³ã¯ããããŒã ããšãã°ãäžéšã®
OSããã³libpcapã®äžéšã®ããŒãžã§ã³ã§ã¯ã802.11ã€ã³ã¿ãŒãã§ã€ã¹ã§æ¬¡ã®ããã«éžæã§ããŸãã
ãã±ãããã€ãŒãµããããã±ãããšããŠè¡šç€ºãããã©ããïŒåœã®ã€ãŒãµãããã䜿çšïŒ
ããããŒïŒãŸãã¯802.11ãã±ãããšããŠã
ã ãªããã å ãã±ãã ããž ... ãã€ã ãã§ãã¯ããã¯ã¹ã䜿çšãããšãã¹ãããã·ã§ããã®é·ãã次ã®ããã«èšå®ã§ããŸã
ã©ã€ãããŒã¿ããã£ããã£ãããšãã«äœ¿çšããŸãã ãã§ãã¯ããã¯ã¹ããªã³ã«ããŠããã
ã¹ãããã·ã§ããã®é·ããšããŠäœ¿çšãããã€ãã
ã ãã£ã«ã¿ïŒ ããã¹ãå ¥åã䜿çšãããšã次ã®å Žåã«äœ¿çšãããã£ããã£ãã£ã«ã¿ãŒåŒãèšå®ã§ããŸã
ãã£ããã£ã
ç°å¢å€æ°SSH_CONNECTIONãSSH_CLIENTãREMOTEHOSTã
DISPLAYãŸãã¯SESSIONNAMEãèšå®ãããŠããå ŽåãWiresharkã¯ããã©ã«ãã®ãã£ããã£ãã£ã«ã¿ãŒãäœæããŸã
ãããã®å€æ°ã§å®çŸ©ããããã¹ããšããŒãããã®ãã©ãã£ãã¯ãé€å€ããŸãã
ã ãã£ãã㣠ãã±ãã in ç¡å·®å¥ ã¢ãŒã ãã§ãã¯ããã¯ã¹ã䜿çšãããšã
ãã£ããã£ãããšãã¯ãã€ã³ã¿ãŒãã§ã€ã¹ãç¡å·®å¥ã¢ãŒãã«ããŸãã
ã ã¢ãããã€ã ãªã¹ã of ãã±ãã in ãªã¢ã« æé ãã§ãã¯ããã¯ã¹ã䜿çšãããšã
ãã±ããã衚瀺ããããã衚瀺ãæŽæ°ããå¿ èŠããããŸãã
ã ãªãŒãããã㯠ã¹ã¯ããŒãªã³ã° in ã©ã€ã ãã£ããã£ãŒ ãã§ãã¯ããã¯ã¹ã䜿çšãããšã
ããªã¢ã«ã¿ã€ã ã§ãã±ããã®ãªã¹ããæŽæ°ããããã£ããã£ããã±ãããªã¹ããã€ã³ã¯
èªåçã«ã¹ã¯ããŒã«ããŠãæåŸã«ãã£ããã£ããããã±ããã衚瀺ããŸãã
å°å·èšå®
äžéšã®ã©ãžãªãã¿ã³ å°å· ããŒãžããéžæã§ããŸã
ã§ãã±ãããå°å·ãã ãã¡ã€ã«ïŒå°å· ãã±ãã ããã¹ããŸãã¯PostScriptãšããŠã®ã¡ãã¥ãŒé ç®ãããã³
åºåãã³ãã³ãã«çŽæ¥éä¿¡ãããããã¡ã€ã«ã«ä¿åããŸãã The ã³ãã³ãïŒ
UNIXäºæã·ã¹ãã ã®ããã¹ãå ¥åããã¯ã¹ã¯ããã¡ã€ã«ãéä¿¡ããã³ãã³ãã§ãã
ïŒé垞㯠lprïŒã ãããŠãã® ãã¡ã€ã«ïŒ å ¥åããã¯ã¹ã§ã¯ããã¡ã€ã«ã®ååãå ¥åã§ããŸã
ä¿åãããã ããã«ããéžæããããšãã§ããŸã ãã¡ã€ã«ïŒ ãã¿ã³ãåç §ããŠ
ç¹å®ã®ä¿åãã¡ã€ã«ã®ãã¡ã€ã«ã·ã¹ãã ã
åå解決ã®èšå®
ã æå¹ã«ããŸã ãã㯠å å解èœ, æå¹ã«ããŸã ãããã¯ãŒã¯ å åè§£èœ & æå¹ã«ããŸã
茞é å åè§£èœ ãã§ãã¯ããã¯ã¹ã䜿çšãããšãMACã¢ãã¬ã¹ãæå®ã§ããŸãã
ãããã¯ãŒã¯ã¢ãã¬ã¹ãããã³ãã©ã³ã¹ããŒãå±€ã®ããŒãçªå·ã¯ã次ã®ããã«å€æããå¿ èŠããããŸãã
ååã
ã æå¹ã«ããŸã åæ DNS å åè§£èœ Wiresharkãè€æ°ãéä¿¡ã§ããããã«ããŸã
åå解決èŠæ±ãšç¶è¡ããåã«çµæãåŸ ããªã
解åã ããã«ããããããã¯ãŒã¯å解決ã«ããåæãé«éåãããŸããã
æåã¯è§£å床ãèŠéãå¯èœæ§ããããŸãã åæãªã¯ãšã¹ãæ°ãèšå®ã§ããŸã
ãã¡ããã
SMI ãã¹
SMI ã¢ãžã¥ãŒã«
RTPãã¬ãŒã€ãŒã®èšå®
ãã®ããŒãžã§ã¯ãRTPãã¬ãŒã€ãŒã«è¡šç€ºããããã£ã³ãã«æ°ãéžæã§ããŸã
çªã ããã¯çªã®é«ãã決å®ããããå€ãã®ãã£ãã«ãå¯èœã§ããã
ã¹ã¯ããŒã«ããŒã§è¡šç€ºã§ããŸãã
ãããã³ã«èšå®
Wiresharkãåæããå¶åŸ¡ããããŸããŸãªãããã³ã«ã®ããŒãžããããŸã
Wiresharkããããã®ãããã³ã«ãåŠçããæ¹æ³ã
ãã£ããã£ãã£ã«ã¿ãŒãªã¹ãã®ç·šé
衚瀺ãã£ã«ã¿ãŒãªã¹ãã®ç·šé
ãã£ããã£ãã£ã«ã¿ãŒ
ãã£ã¹ãã¬ã€ãã£ã«ã¿ãŒ
èªã¿åããã£ã«ã¿ãŒ
æ€çŽ¢ãã£ã«ã¿ãŒ
ã ç·šé ãã£ãã㣠ãã£ã«ã¿ ãªã¹ã ãã€ã¢ãã°ã§ã¯ããã£ããã£ãäœæãå€æŽãããã³åé€ã§ããŸã
ãã£ã«ã¿ãããã³ ç·šé ãã£ã¹ãã¬ã€ ãã£ã«ã¿ ãªã¹ã ãã€ã¢ãã°ã§ã¯ãäœæãå€æŽãããã³åé€ã§ããŸã
ãã£ã«ã¿ã衚瀺ããŸãã
ã ãã£ãã㣠ãã£ã«ã¿ ãã€ã¢ãã°ã§ã¯ããªã¹ããããŠãããã¹ãŠã®ç·šéæäœãå®è¡ã§ããŸãã
ãã±ããããã£ããã£ãããšãã«äœ¿çšãããã£ã«ã¿ãéžæãŸãã¯æ§ç¯ã§ããŸãã
ã ãã£ã¹ãã¬ã€ ãã£ã«ã¿ ãã€ã¢ãã°ã§ã¯ããªã¹ããããŠãããã¹ãŠã®ç·šéæäœãå®è¡ã§ããŸãã
çŸåšã®ãã£ããã£ããã£ã«ã¿ãªã³ã°ããããã«äœ¿çšãããã£ã«ã¿ãéžæãŸãã¯æ§ç¯ã§ããŸã
衚瀺ãããŸããã
ã èªã ãã£ã«ã¿ ãã€ã¢ãã°ã䜿çšãããšããªã¹ããããŠãããã¹ãŠã®ç·šéæäœãå®è¡ã§ããŸãã
ãã£ããã£ãã¡ã€ã«ã®èªã¿åããã£ã«ã¿ãŒãšããŠäœ¿çšãããã£ã«ã¿ãŒãéžæãŸãã¯äœæããŸãã
ãªãŒãã³ã
ã ãæ€çŽ¢ ãã£ã«ã¿ ãã€ã¢ãã°ã§ã¯ããªã¹ããããŠãããã¹ãŠã®ç·šéæäœãå®è¡ã§ããŸãã
æ€çŽ¢æäœã§äœ¿çšãããã£ã«ã¿ãŒåŒãéžæãŸãã¯äœæã§ããŸãã
ããããã¹ãŠã®ãã€ã¢ãã°ã§ã ãã£ã«ã¿ å ãšã³ããªã¯ãã®èª¬æçãªååãæå®ããŸã
ãã£ã«ã¿ãäŸãã° ãŠãšããµã€ã & DNS ãã©ãã£ãã¯ãéžæããŸãã ãã£ã«ã¿ æåå ãšã³ããªã¯å®éã«
äžèšã®ããã«å®è¡ãããã£ã«ã¿ãªã³ã°ã¢ã¯ã·ã§ã³ã«ã€ããŠèª¬æããŸãããã€ã¢ãã°ãã¿ã³ã¯å®è¡ããŸã
次ã®ã¢ã¯ã·ã§ã³:
æ°èŠXNUMXã€ã®å ¥åããã¯ã¹ã«ããã¹ããããå Žåãæ°ããé¢é£ãªã¹ãé ç®ãäœæããŸãã
ç·šéçŸåšéžæãããŠãããªã¹ãã¢ã€ãã ããå ¥åããã¯ã¹ã®å 容ãšäžèŽããããã«å€æŽããŸãã
åé€
çŸåšéžæãããŠãããªã¹ãã¢ã€ãã ãåé€ããŸãã
åŒãè¿œå ...
ãã£ã«ã¿åŒã衚瀺ããå Žåã¯ããã€ã¢ãã°ããã¯ã¹ããããã¢ããããŠã
ç¹å®ã®ãã£ãŒã«ãããã¹ãããããã®ãã£ã«ã¿ãŒåŒã ãã£ãŒã«ãåã®ãªã¹ããæäŸããŸãã
å¿ èŠã«å¿ããŠããã£ãŒã«ãã§å®è¡ãããã¹ããéžæããããã®ãªã¹ã
ãããŠãããæ¯èŒããããã®å€ã ãã®ãã€ã¢ãã°ããã¯ã¹ã§ã[OK]ãã¿ã³ã衚瀺ãããŸã
äœæãããã£ã«ã¿ãŒåŒãã«å ¥åãããŸã ãã£ã«ã¿ æåå
çŸåšã®ã«ãŒãœã«äœçœ®ã®ãšã³ããªã
OK㧠ãã£ãã㣠ãã£ã«ã¿ ãã€ã¢ãã°ããã€ã¢ãã°ããã¯ã¹ãéãããã£ã«ã¿ãŒãäœæããŸã
ãã£ã«ã¿ æåå ãã£ã«ã¿ãå ¥åããŸã ãã£ãã㣠ç°å¢èšå® ãã€ã¢ãã°ã ã®äžã«
ãã£ã¹ãã¬ã€ ãã£ã«ã¿ ãã€ã¢ãã°ããã€ã¢ãã°ããã¯ã¹ãéãããã£ã«ã¿ãŒãäœæããŸã ãã£ã«ã¿
æåå çŸåšã®è¡šç€ºãã£ã«ã¿ãŒãå ¥åãããããçŸåšã®ãã£ããã£ã«é©çšããŸãã
èªã ãã£ã«ã¿ ãã€ã¢ãã°ããã€ã¢ãã°ããã¯ã¹ãéãããã£ã«ã¿ãŒãäœæããŸã
ãã£ã«ã¿ æåå ãã£ã«ã¿ãå ¥åããŸã Open ãã£ãã㣠File ãã€ã¢ãã°ã ã®äžã« ãæ€çŽ¢
ãã£ã«ã¿ ãã€ã¢ãã°ããã€ã¢ãã°ããã¯ã¹ãéãããã£ã«ã¿ãŒãäœæããŸã ãã£ã«ã¿ æåå
ãã£ã«ã¿ãå ¥åããŸã ããå®æãããã¯ãŒã¯ã¹ããŒã¹ã«æ²ç€ºããŸããã? ãã±ãã ãã€ã¢ãã°ã
é©çšãã£ã«ã¿ãŒãäœæããŸã ãã£ã«ã¿ æåå çŸåšã®è¡šç€ºãã£ã«ã¿ãŒãå ¥åãã
çŸåšã®ãã£ããã£ã«é©çšããŸãã
ä¿åç·šéäžã®ãã£ã«ã¿ãŒã®ãªã¹ãããã£ããã£ãã£ã«ã¿ãŒã®ãªã¹ãã§ããå Žåã
ããŒãœãã«ãã£ããã£ãã£ã«ã¿ãŒãã¡ã€ã«ãžã®çŸåšã®ãã£ã«ã¿ãŒãªã¹ããããã³
ç·šéäžã®ãã£ã«ã¿ãŒã¯è¡šç€ºãã£ã«ã¿ãŒã®ãªã¹ãã§ãããçŸåšã®ãã£ã«ã¿ãŒãä¿åããŸã
ããŒãœãã«ãã£ã¹ãã¬ã€ãã£ã«ã¿ãŒãã¡ã€ã«ã«ãªã¹ãããŸãã
éããã®ãã£ã«ã¿ãŒã§äœãããã«ãã€ã¢ãã°ãéããŸã ãã£ã«ã¿ æåå
ãšã³ããªã
[ã«ã©ãŒãã£ã«ã¿ãŒ]ãã€ã¢ãã°
ãã®ãã€ã¢ãã°ã«ã¯ãã«ã©ãŒãã£ã«ã¿ã®ãªã¹ãã衚瀺ãããå€æŽã§ããŸãã
ãã£ã«ã¿ãŒãªã¹ã
ãã¯ãªãã¯ãããšãåäžã®è¡ãéžæã§ããŸãã ã䜿çšããŠè€æ°ã®è¡ãéžæã§ããŸã
CtrlããŒãšShiftããŒãããŠã¹ãã¿ã³ãšçµã¿åãããŠäœ¿çšââããŸãã
NEWãªã¹ãã®äžéšã«æ°ãããã£ã«ã¿ãŒãè¿œå ãã[ã«ã©ãŒãã£ã«ã¿ãŒã®ç·šé]ãã€ã¢ãã°ãéããŸã
ç®±ã å°ãªããšããã£ã«ã¿ãŒãå€æŽãããåã«ããã£ã«ã¿ãŒåŒãå€æŽããå¿ èŠããããŸã
åãä»ããŸãã ã«ã©ãŒãã£ã«ã¿ãŒåŒã®åœ¢åŒã¯ãã®åœ¢åŒãšåãã§ãã
ãã£ã«ã¿ã衚瀺ããŸãã æ°ãããã£ã«ã¿ãŒãéžæãããŠãããããããã«äžã«ç§»åã§ããŸã
ããŠã³ãåé€ããŸãã¯ç·šéã æ··ä¹±ãé¿ããããã«ãåã«ãã¹ãŠã®ãã£ã«ã¿ãŒãéžæ解é€ãããŠããŸã
æ°ãããã£ã«ã¿ãŒãäœæãããŸãã
EDIT
éžæãããã£ã«ã¿ãŒã®[ã«ã©ãŒãã£ã«ã¿ãŒã®ç·šé]ãã€ã¢ãã°ããã¯ã¹ãéããŸãã ïŒãã®ãã¿ã³ã
ç¡å¹ã«ãããšãè€æ°ã®ãã£ã«ã¿ãŒãéžæãããŠããå¯èœæ§ãããããããŸãã«ãªããŸãã
ç·šéããäºå®ã§ããïŒ
æå¹
éžæããã«ã©ãŒãã£ã«ã¿ãŒãæå¹ã«ããŸãã
ç¡å¹ã«ãã
éžæããã«ã©ãŒãã£ã«ã¿ãŒãç¡å¹ã«ããŸãã
DELETE
éžæããã«ã©ãŒãã£ã«ã¿ãŒãåé€ããŸãã
茞åºãã
ã«ã©ãŒãã£ã«ã¿ãŒã®çŸåšã®ãªã¹ããä¿åãããã¡ã€ã«ãéžæã§ããŸãã
éžæãããã£ã«ã¿ãŒã®ã¿ãä¿åããããšãã§ããŸãã ãã¿ã³ãæäŸãããŸã
ãã£ã«ã¿ãã°ããŒãã«ã«ã©ãŒãã£ã«ã¿ãã¡ã€ã«ã«ä¿åããŸãïŒååãªæ°ãå¿ èŠã§ãïŒ
ãã¡ããããã®ãã¡ã€ã«ãæžã蟌ãããã®æš©éïŒã
ã€ã³ããŒã
ã«ã©ãŒãã£ã«ã¿ãŒãå«ããã¡ã€ã«ãéžæããŠãã«è¿œå ããããšãã§ããŸã
çŸåšã®ãªã¹ãã®äžçªäžã è¿œå ããããã¹ãŠã®ãã£ã«ã¿ãŒãéžæãããŠããããã
ã°ã«ãŒããšããŠãªã¹ãå ã®æ£ããäœçœ®ã«ç§»åããŸããã æ··ä¹±ãé¿ããããã«ããã¹ãŠ
æ°ãããã£ã«ã¿ãŒãã€ã³ããŒããããåã«ããã£ã«ã¿ãŒã¯éžæ解é€ãããŸãã ãã¿ã³ãçšæãããŠããŸã
ã°ããŒãã«ã«ã©ãŒãã£ã«ã¿ãŒãã¡ã€ã«ãããã£ã«ã¿ãŒãããŒãããŸãã
CLEAR
å人çšã«ã©ãŒãã£ã«ã¿ãŒãã¡ã€ã«ãåé€ããã°ããŒãã«ã«ã©ãŒãã£ã«ã¿ãŒãã¡ã€ã«ãåèªã¿èŸŒã¿ãã
ååšããå Žåã¯ããã€ã¢ãã°ãéããŸãã
UPéžæãããã£ã«ã¿ãŒããªã¹ãã®äžæ¹ã«ç§»åãããã£ã«ã¿ãŒã
ãã±ããã®è²ä»ãã«äœ¿çšãããŸãã
ããŠã³
éžæãããã£ã«ã¿ãŒããªã¹ãã®äžã«ç§»åãããã£ã«ã¿ãŒã移åããå¯èœæ§ãäœãããŸã
ãã±ããã®è²ä»ãã«äœ¿çšãããŸãã
OKãã€ã¢ãã°ãéãããã®ãŸãŸã®ç¶æ ã§ã«ã©ãŒãã£ã«ã¿ãŒã䜿çšããŸãã
APPLY
ã«ã©ãŒãã£ã«ã¿ãŒã®çŸåšã®ãªã¹ãã«åŸã£ãŠãã±ããã«è²ãä»ããŸãããè²ã¯ä»ããŸãã
ãã€ã¢ãã°ãéããŸãã
ã»ãŒã
ã«ã©ãŒãã£ã«ã¿ãŒã®çŸåšã®ãªã¹ããå人çšã«ã©ãŒãã£ã«ã¿ãŒãã¡ã€ã«ã«ä¿åããŸãã
ãããè¡ããªãéãã次ã«Wiresharkãèµ·åãããšãã«äœ¿çšãããŸããã
éãã
ãã±ããã®è²ãå€æŽããã«ãã€ã¢ãã°ãéããŸãã ãäºæ¿ãã ãã
ã«ã©ãŒãã£ã«ã¿ãŒã®çŸåšã®ãªã¹ãã«å ããå€æŽã¯å ã«æ»ãããŸããã
ãã£ããã£ãªãã·ã§ã³ãã€ã¢ãã°
ã ãã£ãã㣠ãªãã·ã§ã³ 察話 ã©ã€ãããã£ããã£ããããã®ããŸããŸãªãã©ã¡ãŒã¿ãæå®ã§ããŸã
ãã±ããããŒã¿ã
ã ã€ã³ã¿ãã§ãŒã¹ïŒ ãã£ãŒã«ãã§ã¯ããã±ããããŒã¿ããã£ããã£ããã€ã³ã¿ãŒãã§ã€ã¹ãæå®ã§ããŸã
ãŸãã¯ããã€ããä»ããŠãã±ããããŒã¿ãååŸããã³ãã³ãã
ã ãªã³ã¯ å±€ ããã ã¿ã€ãïŒ ãã£ãŒã«ãã§ã¯ãã€ã³ã¿ãŒãã§ã€ã¹ã®ãªã³ã¯å±€ããããŒãæå®ã§ããŸã
ã¿ã€ãã ã»ãšãã©ã®ã€ã³ã¿ãŒãã§ã€ã¹ã«ã¯ããããŒã¿ã€ããXNUMXã€ãããªãããããã®ãã£ãŒã«ãã¯éåžžç¡å¹ã«ãªã£ãŠããŸãã
ã ãã£ãã㣠ãã±ãã in ç¡å·®å¥ ã¢ãŒã ãã§ãã¯ããã¯ã¹ã䜿çšãããšã
ãã£ããã£ãããšãã¯ãã€ã³ã¿ãŒãã§ã€ã¹ãç¡å·®å¥ã¢ãŒãã«ããå¿ èŠããããŸãã
ã ãªããã å ãã±ãã ããž ... ãã€ã ãã§ãã¯ããã¯ã¹ãšãã£ãŒã«ãã§æ倧å€ãæå®ã§ããŸã
ãã£ããã£ããŠä¿åãããã±ãããããã®ãã€ãæ°ã ãã§ãã¯ããã¯ã¹ããã§ãã¯ãããŠããªãå Žåã
å¶éã¯65535ãã€ãã«ãªããŸãã
ã ãã£ãã㣠ãã£ã«ã¿ïŒ ãšã³ããªã䜿çšãããšãtcpdumpã¹ã¿ã€ã«ã䜿çšããŠãã£ããã£ãã£ã«ã¿ãæå®ã§ããŸã
äžèšã®ããã«æååããã£ã«ã¿ãªã³ã°ããŸãã
ã ãã¡ã€ã«ïŒ ãšã³ããªã䜿çšãããšããã£ããã£ããããã±ãããä¿åãããã¡ã€ã«ãæå®ã§ããŸãã
ã®ããã« ããªã³ã¿ ãªãã·ã§ã³ äžèšã®ãã€ã¢ãã°ã æå®ããªãå Žåããã£ããã£ããããã±ããã¯
äžæãã¡ã€ã«ã«ä¿åãããŸãã ãããã®ãã±ããããã¡ã€ã«ã«ä¿åã§ããŸãã ãã¡ã€ã«ïŒä¿å
As ã¡ãã¥ãŒé ç®ã
ã ã ã®è©Šåã« ãã¡ã€ã« ãã§ãã¯ããã¯ã¹ã䜿çšãããšããã£ããã£ãã§å®è¡ããå¿ èŠãããããšãæå®ã§ããŸã
ãè€æ°ãã¡ã€ã«ãã¢ãŒãã ãã®ãªãã·ã§ã³ã¯ã ã¢ãããã€ã ãªã¹ã of ãã±ãã in ãªã¢ã«
æé ãªãã·ã§ã³ããã§ãã¯ãããŸãã
ã Next file ãããã ... ã¡ã¬ãã€ã ãã§ãã¯ããã¯ã¹ãšãã£ãŒã«ãã䜿çšãããšã
æå®ããããã¡ã€ã«ãµã€ãºã«éããå Žåã¯ã次ã®ãã¡ã€ã«ãžã®åãæ¿ããè¡ãå¿ èŠããããŸãã ããªãã¯ã§ãã
ãŸããé©åãªåäœãéžæããŸããããã¡ã€ã«ãµã€ãºã¯æ倧2GiBã§ããããšã«æ³šæããŠãã ããã
ãè€æ°ãã¡ã€ã«ãã¢ãŒãã§ã¯ãã¡ã€ã«ãµã€ãºãå¿ èŠãªããããã§ãã¯ããã¯ã¹ã¯åŒ·å¶çã«ãªã³ã«ãªããŸã
æå®ããã
ã Next file ãããã ... åïŒ ãã§ãã¯ããã¯ã¹ãšãã£ãŒã«ãã䜿çšãããšã
次ã®ãã¡ã€ã«ãžã®åãæ¿ãã¯ãããšãæå®ãããæéãçµéããåŸã«è¡ãå¿ èŠããããŸãã
æå®ããããã£ããã£ãµã€ãºã«éããŠããŸããã
ã ãªã³ã° ãããã¡ ã ... ãã¡ã€ã« ãã£ãŒã«ãã§ã¯ããªã³ã°ã®ãã¡ã€ã«æ°ãæå®ã§ããŸã
ãããã¡ã ãã®æ©èœã¯ãæå®ãããåŸãæåã®ãã¡ã€ã«ã«å床ãã£ããã£ãããŸã
䜿çšããããã¡ã€ã«ã®æ°ã
ã Force Stop ãã£ããã£ãŒ After ... ãã¡ã€ã« ãã£ãŒã«ãã§ã¯ããã£ããã£ãã¡ã€ã«ã®æ°ãæå®ã§ããŸã
ãã£ããã£ãåæ¢ãããŸã§äœ¿çšãããŸãã
ã Force Stop ãã£ããã£ãŒ After ... ãã±ãã ãã§ãã¯ããã¯ã¹ãšãã£ãŒã«ãã§æå®ã§ããŸã
Wiresharkã¯ãããã€ãã®ãã±ããããã£ããã£ããåŸããã£ããã£ãåæ¢ããå¿ èŠããããŸãã ã®å Žå
ãã§ãã¯ããã¯ã¹ããã§ãã¯ãããŠããªãå ŽåãWiresharkã¯äžå®æ°ã®ãã£ããã£ãåæ¢ããŸãã
ãã£ããã£ããããã±ããã
ã Force Stop ãã£ããã£ãŒ After ... ã¡ã¬ãã€ã ãã§ãã¯ããã¯ã¹ãšãã£ãŒã«ãã§æå®ã§ããŸã
Wiresharkã¯ããã£ããã£ããããã±ãããéä¿¡ãããŠãããã¡ã€ã«ã®åŸã§ãã£ããã£ãåæ¢ããå¿ èŠããããŸã
ä¿åããããµã€ãºã¯ãæå®ãããã¡ã¬ãã€ãæ°ä»¥äžã«ãªããŸãã ã®å Žå
ãã§ãã¯ããã¯ã¹ããã§ãã¯ãããŠããªãå ŽåãWiresharkã¯ãã£ããã£ãã¡ã€ã«ãµã€ãºã§ãã£ããã£ãåæ¢ããŸãã
ïŒãã ããWiresharkãå®è¡ãããŠãããªãã¬ãŒãã£ã³ã°ã·ã¹ãã ããŸãã¯äœ¿çšå¯èœãªãã£ã¹ã¯
ã¹ããŒã¹ããã£ããã£ãã¡ã€ã«ã®æ倧ãµã€ãºãå¶éããå ŽåããããŸãïŒã ãã®ãªãã·ã§ã³ã¯ç¡å¹ã«ãªã£ãŠããŸãã
ãè€æ°ãã¡ã€ã«ãã¢ãŒãã䜿çšãããŠããå Žåã
ã Force Stop ãã£ããã£ãŒ After ... ç§ïŒsïŒ ãã§ãã¯ããã¯ã¹ãšãã£ãŒã«ãã§æå®ã§ããŸã
Wiresharkã¯ãããã€ãã®ãã£ããã£ãè¡ãããåŸããã£ããã£ãåæ¢ããå¿ èŠããããŸã
ç§; ãã§ãã¯ããã¯ã¹ããã§ãã¯ãããŠããªãå ŽåãWiresharkã¯ãã°ããããŠãããã£ããã£ãåæ¢ããŸãã
äžå®æéãçµéããŸããã
ã ã¢ãããã€ã ãªã¹ã of ãã±ãã in ãªã¢ã« æé ãã§ãã¯ããã¯ã¹ã䜿çšãããšã衚瀺ãããã©ãããæå®ã§ããŸã
ãã±ããããã£ããã£ããããšãã«æŽæ°ããå¿ èŠããããŸããæå®ããå Žåã¯ã ãªãŒããããã¯
ã¹ã¯ããŒãªã³ã° in ã©ã€ã ãã£ããã£ãŒ ãã§ãã¯ããã¯ã¹ã䜿çšãããšããã±ãããªã¹ããã€ã³ãæå®ã§ããŸãã
æ°ãããã±ãããå°çãããšãèªåçã«ã¹ã¯ããŒã«ããŠãæåŸã«ãã£ããã£ããããã±ããã衚瀺ããŸãã
ã æå¹ã«ããŸã ãã㯠å å解èœ, æå¹ã«ããŸã ãããã¯ãŒã¯ å åè§£èœ & æå¹ã«ããŸã 茞é
å åè§£èœ ãã§ãã¯ããã¯ã¹ã䜿çšãããšãMACã¢ãã¬ã¹ããããã¯ãŒã¯ã¢ãã¬ã¹ã
ãã©ã³ã¹ããŒãå±€ã®ããŒãçªå·ã¯ååã«å€æããå¿ èŠããããŸãã
ç§ãã¡ã«ã€ããŠ
ã ç§ãã¡ã«ã€ã㊠ãã€ã¢ãã°ã§ã¯ãWiresharkã«é¢ããããŸããŸãªæ å ±ã衚瀺ã§ããŸãã
AboutïŒWireshark
ã Wiresharkã® ãã®ããŒãžã§ã¯ãWiresharkã«é¢ããäžè¬çãªæ å ±ã衚瀺ã§ããŸãã
ã€ã³ã¹ããŒã«ãããŠããããŒãžã§ã³ãã©ã€ã»ã³ã¹æ å ±ãªã©ã
æŠèŠïŒèè
ã äœæè ããŒãžã«ã¯ãäœæè ãšãã¹ãŠã®å¯çš¿è ã衚瀺ãããŸãã
æŠèŠïŒãã©ã«ã
ã ãã©ã«ã ãã®ããŒãžã§ã¯ãWiresharkãæ€çŽ¢ããŠãããã£ã¬ã¯ããªåã衚瀺ã§ããŸãã
ããŸããŸãªæ§æããã³ãã®ä»ã®ãã¡ã€ã«ã
AboutïŒãã©ã°ã€ã³
ã ãã©ã°ã€ã³ ãã®ããŒãžã§ã¯ãã·ã¹ãã ã§äœ¿çšå¯èœãªãã£ã»ã¯ã¿ãã©ã°ã€ã³ã¢ãžã¥ãŒã«ã衚瀺ã§ããŸãã
ã ãã©ã°ã€ã³ ãªã¹ã ã«ããåãã£ã»ã¯ã¿ãã©ã°ã€ã³ã¢ãžã¥ãŒã«ã®ååãšããŒãžã§ã³ã瀺ããŸã
ããªãã®ã·ã¹ãã ã
Unixäºæã·ã¹ãã ã§ã¯ããã©ã°ã€ã³ã¯æ¬¡ã®ãã£ã¬ã¯ããªã§æ€çŽ¢ãããŸãã
ã lib / wireshark / plugins / $ VERSION ã¡ã€ã³ã€ã³ã¹ããŒã«ãã£ã¬ã¯ããªã®äžã®ãã£ã¬ã¯ããª
ïŒäŸãã°ã / usr / local / lib / wireshark / plugins / $ VERSIONïŒã ãã®åŸ
$ HOME / .wireshark / plugins.
Windowsã·ã¹ãã ã§ã¯ããã©ã°ã€ã³ã¯æ¬¡ã®ãã£ã¬ã¯ããªã§æ€çŽ¢ãããŸãã
ãã©ã°ã€ã³\ $ VERSION ã¡ã€ã³ã€ã³ã¹ããŒã«ãã£ã¬ã¯ããªã®äžã®ãã£ã¬ã¯ããªïŒããšãã°ã
CïŒ\ Program Files \ Wireshark \ plugins \ $ VERSIONïŒã ãã®åŸ
ïŒ APPDATAïŒ \ Wireshark \ plugins \ $ VERSION ïŒãŸãã¯ãïŒ APPDATAïŒ ãå®çŸ©ãããŠããªãå Žåã¯ã
ïŒ USERPROFILEïŒ \ Application Data \ Wireshark \ plugins \ $ VERSION).
$ VERSIONã¯ããã©ã°ã€ã³ã€ã³ã¿ãŒãã§ã€ã¹ã®ããŒãžã§ã³çªå·ã§ãããéåžžã¯ããŒãžã§ã³ã§ãã
Wiresharkã®æ°ã ãã£ã»ã¯ã¿ãã©ã°ã€ã³ã¢ãžã¥ãŒã«ã¯è€æ°ããµããŒãããå Žåãããããšã«æ³šæããŠãã ãã
ãããã³ã«; ãã£ã»ã¯ã¿éã§å¿ ãããXNUMX察XNUMXã®å¯Ÿå¿ããããšã¯éããŸãã
ãã©ã°ã€ã³ã¢ãžã¥ãŒã«ãšãããã³ã«ã ãã£ã»ã¯ã¿ãã©ã°ã€ã³ã¢ãžã¥ãŒã«ã§ãµããŒããããŠãããããã³ã«ã¯æ¬¡ã®ãšããã§ãã
ã䜿çšããŠæå¹åããã³ç¡å¹å ç·šéïŒãããã³ã« çµã¿èŸŒã¿ã®ãããã³ã«ãšåãããã«ããã€ã¢ãã°ããã¯ã¹
Wiresharkã¯ããã§ãã
ãã£ããã£ãŒ ãã£ã«ã¿ æ§æ
ã®ããã¥ã¢ã«ããŒãžãåç §ããŠãã ãã pcap ãã£ã«ã¿ãŒïŒ7ïŒãŸãã¯ããããååšããªãå Žåã¯ã tcpdumpïŒ8ïŒããŸãã¯ããã®å Žå
ååšããªãã ã
DISPLAY ãã£ã«ã¿ æ§æ
ã§ãã£ã«ã¿ãªã³ã°å¯èœãªãããã³ã«ããã³ãããã³ã«ãã£ãŒã«ãã®å®å šãªããŒãã«ã«ã€ããŠã¯ Wiresharkã®
ã Wiresharkãã£ã«ã¿ãŒïŒ4ïŒããã¥ã¢ã«ããŒãžã
onworks.netãµãŒãã¹ã䜿çšããŠwiresharkããªã³ã©ã€ã³ã§äœ¿çšãã