??ν???Sniffer?????Linux????????
???????????? ???????[ 2013/4/9 10:16:58 ] ????????
?????????????????????????? Sniffer???????????Sniffer ?????簲????????????н??????????????繥?????????Э?????????????????????? Linux ?????????????????????? Tcpdump??Ethereal ?? EtherApe ???????????ν??? Sniffer ?????????????????????????Ч????????У??????? Sniffer ????????????????????????Щ?????????????????????????
?????? Tcpdump??????????з???????????????????????????????磬???????λ???????????
?????? Ethereal???????λ????????????????????????з????Tcpdump??ú???????????????????
?????? EtherApe????????λ???????????????????Ethereal?????EtherApe??????????????????????м??
?????? Tcpdump
???????????????????????????????? Tcpdump ?????????????????????????????Tcpdump ???????????????????????????Э???????????????е??????????????????
????????????????????????? Tcpdump ?????????????????????????????????????
?????? Tcpdump ???
????GNU/Linux ???а???????????????п????http://www.tcpdump.org?????
?????? Tcpdump ?????????
????Tcpdump??????????з???????????????????????й?????????????????????????????????????
????Tcpdump ?????????????
????-a????????????????????????????????
????-d????????????????????????????????????
????-dd?????????????????????C??????????
????-ddd???????????????????????????????
????-e???????????·?????????
????-f????internet???????????????
????-l??????????????л??巽?
????-n??????????????????????????????????????????г????????(??IP???)?????????????DNS???
????-t???????????
????-v?????????????????????IP???е?TTL????????????
????-vv???????????????
????-c??????????????????????????
????-F?????????????ж?????????????????????????????????????
????-i?????????????????
????-r?????????????ж???????(???????????-w??????)
????-w????????????????д???????????У?????????з????????
????-T???????????????????????????????
?????? ????
?????? ???????????????5?? ARP ???????????????????????????????
[plain] view plaincopy
[root@Rocky ~]# tcpdump arp -i eth0 -c 5 -n
tcpdump: verbose output suppressed?? use -v or -vv for full protocol decode
listening on eth0?? link-type EN10MB (Ethernet)?? capture size 96 bytes
10:59:46.728425 arp who-has 192.168.1.1 tell 192.168.1.110
11:00:17.315719 arp who-has 192.168.1.1 tell 192.168.1.111
11:00:17.317911 arp who-has 192.168.1.1 tell 192.168.1.111
11:00:17.418271 arp who-has 192.168.1.1 tell 192.168.1.111
11:00:17.418980 arp who-has 192.168.1.1 tell 192.168.1.111
5 packets captured
5 packets received by filter
0 packets dropped by kernel
??????
???·???
??????????????????
2023/3/23 14:23:39???д?ò??????????
2023/3/22 16:17:39????????????????????Щ??
2022/6/14 16:14:27??????????????????????????
2021/10/18 15:37:44???????????????
2021/9/17 15:19:29???·???????·
2021/9/14 15:42:25?????????????
2021/5/28 17:25:47??????APP??????????
2021/5/8 17:01:11
sales@spasvo.com