Wireshark : packets sniff - PowerPoint PPT Presentation
1 / 23
Title:
Wireshark : packets sniff
Description:
Project #1 ECM 5088 Special Topics in Wireless Ad Hoc Networks Wireshark (I) Assigned on Sept. 18, due on Oct. 2 by 11pm * Wireshark Packets Sniff Experiment ... – PowerPoint PPT presentation
Number of Views:460
Avg rating:3.0/5.0
Title: Wireshark : packets sniff
1
Project 1 ECM 5088 Special Topics in
Wireless Ad Hoc Networks Wireshark (I)
Assigned on Sept. 18, due on Oct. 2 by 11pm
2
WiresharkPackets Sniff Experiment
3
Wireshark(?Ethereal)
- ?????????? (sniff)?
- Free software
- ??????????, ???????????????????
- Wireshark??pcap?????,
- ??????pcap???????
- ?2006?,?Ethereal???Wireshark?
4
???!?
- Ethereal ??????? Gerald Combs ? NIS ??? CACE,??
Ethereal ???? NIS ???,???????????????????,Etherea
l???Wireshark? - ????http//www.linux.com/feature/54968
5
pcap
- Unix-like systems ?? libpcap library
- originally developed by the tcpdump developers
- Windows ?? WinPcap .
- WinPcap ? libpcap library?Windows??
- WinPcap ????????????(kernel-level packet filter)
,?????????????????
6
????
- ???????????????
- ?????????????????????
- ????????????????
- ????????????????????
7
- ????????(Intrusion Detection Software,
IDS),????????????,??????????????,????????????????
?????????????? - ???????????????,??????????????????????????????
- ???????????????????
8
Wireshark?????????type
Linux MacOSX Solaris Windows
ATM Yes No Yes Unknown
Bluetooth Yes1 No No No
CiscoHDLC Yes Unknown Unknown Unknown
Ethernet Yes Yes Yes Yes
FDDI Yes No Yes Unknown
FrameRelay Yes No No No
IrDA Yes No No No
PPP2 Yes Yes No Yes
TokenRing Yes No Yes Yes
USB Yes3 No No No
WLAN4 Yes Yes Unknown Yes
Loopback Yes Yes No N/A5
VLAN Tags Yes Yes Yes Yes
- ????http//wiki.wireshark.org/CaptureSetup/Networ
kMedia
9
????
- ????
- http//www.wireshark.org/download.html
- Sourceforge
- http//sourceforge.net/project/showfiles.php?group
_id255package_id193847release_id612679 - For Windows wireshark-setup-1.0.2.exe
- For Linux wireshark-1.0.2.tar.gz
10
?windows???
- ??? next ????
- ????? WinPcap
11
?linux???
- ???wireshark-1.0.2.tar.gz,?????
- ?? tar zxvf wireshark-1.0.2.tar.gz
- ??wireshark????,?????????INSTALL??????
- ???
- ./configure
- make (??????)
- make install
- ./wireshark (????)
12
????(v1.0.2)
13
Capture
14
Capture Interface
15
Capture Option
16
??????
17
??????????
- 802.11??????????mode
- Master (acting as an access point)
- Managed (client, also known as station)
- Ad-hoc
- Mesh
- Repeater
- Monitor mode
18
monitor mode
- ??RFMON mode (Radio Frequency Monitoring),????Sni
ff mode? - ???????????????????????????????
- ???????????ap?adhoc??,???????????channel?traffi
c?
19
monitor mode
- ?????????????monitor mode,????????????????????????
- ?windows??????monitor mode,???linux?????????????
mode? - ???????
- ?????????????????,????????,????????????
- ???? monitor mode,????????????
20
????
- ?linux???????
- ????
- ?? IBM x612
- ???? (atheros AR5212 chipset) driver
- ????fedora core 3
- ??wireshark
21
????
- ??? (Fedora core 3)??????? monitor
mode??wireshark,??????????????? - P.S. ????????
- ??? (win xp)??????,????FTP?SSH????
- ???????
22
Experiment
- ???windows?linux??????wireshark????,?????????????
- ?????????(ex???),?????????711??????????(???????
???) - ????
- ??ftp????,???????,?????????Ex
9613557/9613557.zip - FTP 140.113.144.196 adhoc1 /exp1
23
????
- ????
- http//www.wireshark.org/
- ??wiki
- http//wiki.wireshark.org/
- Wikipedia
- http//zh.wikipedia.org/
- http//en.wikipedia.org/
- Madwifi (Multiband Atheros Driver for WiFi )
- http//madwifi.org/
- Monitor mode
- http//www.wlanbook.com/rfmon-monitor-mode/
- http//en.wikipedia.org/wiki/RFMON
Recommended
CrystalGraphics Presentations
