Здесь ссылки на снифферы и обзоры. Задавшись вопросом о том, что мне нужны инструменты для просмотра http заголовков, я начал пробовать Telnet... понял, что надо понимать и заголовки tcp, ip, ethernet... Вспомнил про книгу "Технологии защиты информации в интернете" Попытался найти ее электронную версию, не нашел сразу... но нашел потом (см. более поздние посты).
Wireshark Loopback capture setup
RawCap is a free command line network sniffer for Windows that uses raw sockets
This listing contains many of the tools mentioned in the course of the book
Сервис - мишень для атак ... платный
RFC1180 Семейство протоколов TCP/IP в переводе Брежнева и Смелянского
ТЕЛЕКОММУНИКАЦИОННЫЕ ТЕХНОЛОГИИ: СЕТИ TCP/IP Мамаев
Сети TCP/IP Мамаев
TCP WireShark
Screencast: Burp Suite tutorial highlights Burp Proxy, other key tools
Pages in category "OWASP WebScarab Project"
More on Open Source Security Tools and Applications
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows
Cracking Wifi Wpa/Wps Easily Using Reaver 1.1
Welcome to the DigitalOcean API documentation - облачный сервис за 5
Loopback capture setup¶
The following will explain capturing on loopback interfaces a bit.
If you are trying to capture traffic from a machine to itself, that traffic will not be sent over a real network interface, even if it's being sent to an address on one of the machine's network adapters. This means that you will not see it if you are trying to capture on, for example, the interface device for the adapter to which the destination address is assigned. You will only see it if you capture on the "loopback interface", if there is such an interface and it is possible to capture on it; see the next section for information on the platforms on which you can capture on the "loopback interface".
If you are trying to capture traffic from a machine to itself, that traffic will not be sent over a real network interface, even if it's being sent to an address on one of the machine's network adapters. This means that you will not see it if you are trying to capture on, for example, the interface device for the adapter to which the destination address is assigned. You will only see it if you capture on the "loopback interface", if there is such an interface and it is possible to capture on it; see the next section for information on the platforms on which you can capture on the "loopback interface".
RawCap is a free command line network sniffer for Windows that uses raw sockets¶
In []:
Properties of RawCap:
Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
RawCap.exe is just 23 kB
No external libraries or DLL's needed other than .NET Framework 2.0
No installation required, just download RawCap.exe and sniff
Can sniff most interface types, including WiFi and PPP interfaces
Minimal memory and CPU load
Reliable and simple to use
This listing contains many of the tools mentioned in the course of the book, with links to where you can download the latest versions.
Proxy / spider tool suites
Browser extensions (Firefox)
Browser extensions (Internet Explorer)
Java
ActiveX
Flash
Vulnerability scanners
Miscellaneous
In []:
2.2. Структура связей протокольных модулей
Логическая структура сетевого программного обеспечения, реализующего
протоколы семейства TCP/IP в каждом узле сети internet, изображена на
рис.1. Прямоугольники обозначают обработку данных, а линии, соединяющие
прямоугольники, - пути передачи данных. Горизонтальная линия внизу
рисунка обозначает кабель сети Ethernet, которая используется в качестве
примера физической среды; "o" - это трансивер. Знак "*" - обозначает
------------------------------
| прикладные процессы |
| ... \ | / ... \ | / ... |
| ------- ------- |
| | TCP | | UDP | |
| ------- ------- |
| \ / |
| ------ |
| ------- | IP | |
| | ARP | -*---- |
| ------- | |
| \ | |
| -------- |
| | ENET | |
| ---@---- |
| | |
------------|-----------------
|
-------------------o--------
кабель Ethernet
Рис.1. Структура протокольных модулей в узле сети TCP/IP
Взаимозависимость протоколов семейства TCP/IP *
In []:
Ниже на рисунке предсавлена схема взаимосвязей между протоколами
семейства TCP/IP.
Прикладной FTP TELNET SMTP TFTP DNS Сужба времени Эхо
уровень | | | | | | |
-------------- --------------------------
| |
Транспортный TCP GGP HMP EGP UDP
уровень | | | | |
-------------------------------
|
Межсетевой IP/ICMP
уровень |
--------------------------------------
| | | |
Сетевой Локальные ARPANET SATNET Пакетная
уровень сети радиосеть
Рис.13. Структура взаимосвязей протоколов семейства TCP/IP
Подробное описание протоколов можно найти в RFC, тематический ката-
лог которых приведен в Приложении 1, а состояние стандартов отражено в
Приложении 2.
-
How to use BlackStratus' LOG Storm, a free log management tool
VIDEO - Keith Barker of CBT Nuggets demonstrates how to use LOG Storm, a free log management system from BlackStratus that organizes and prioritizes enterprise log data. -
How to use TripWire SecureScan, a free vulnerability scanning tool
VIDEO - Video: Learn how to use TripWire SecureScan, the free vulnerability scanning tool that helps enterprises detect Heartbleed on networks and devices. -
How to use Kismet: A free Wi-Fi network-monitoring tool
VIDEO - In this video, CBT Nuggets' Keith Barker shows how to use the free Wi-Fi network monitoring tool Kismet to find possibly malicious wireless networks. -
Enterprise disk encryption options after the end of TrueCrypt
Tip - The recent news that TrueCrypt is insecure and has been retired has left many enterprises struggling to decide which encryption technologies to trust. Expert Michael Cobb offers other enterprise encryption options. -
TailsOS
Definition - TailsOS is a LiveDistro-based operating system that is configured to run from removable storage and to leave no information stored on the computer after the user’s session.
A LiveDistro is a distribution of an operating system on some bootable storage medium. The operating system and associated applications run from the storage device. -
After Heartbleed: New realities of open source software security
Tip - In the wake of Heartbleed, many enterprises are revisiting open source software security. Expert Michael Cobb offers a reality check. -
Open source PCI DSS: A strategy for cheaper, easier PCI compliance
Tip - Could open source security software solve PCI DSS compliance problems? Mike Chapple looks at how open source technologies can meet compliance needs. -
TrueCrypt
Definition - TrueCrypt is a cross-platform open source program for file and full disk encryption (FDE).
Посты чуть ниже также могут вас заинтересовать
Комментариев нет:
Отправить комментарий