Ñíèôôåð íà WL500gp (netflow & tcpdump)

**snark** · 13-01-2010, 13:09

ê ñîæàëåíèþ ó ìåíÿ ñåé÷àñ íåò ïîä ðóêîé àñóñà, íî îáùèé ïîðÿäîê äåéñòâèÿ ïðèìåðíî òàêîé:
1. ñòàâèòå îïåíâðò, äàáû ïàêåòû ñîáðàííûå ïîä íåãî 100% ðàáîòàëè
2. ïîäêëþ÷àåòå ÷åðåç usb âíåøíèé âèíò, èìåííî âèíò à íå ôëåøêó, ò.ê. âëåøêà íå ðàñ÷èòàíà íà òàêîå áîëüøîå êîë-âî öèêëîâ çàïèñè/÷òåíèÿ
3. ñòàâèòå pmacctd, íàñòðàèâàåòå è íà÷èíàåòå ñîáèðàòü èíôó
4. ...
5. profit!

**MultiMan** · 04-03-2010, 20:35

Hi!

íèêàê íå ìîãó ïîíÿòü â ÷åì ïðîáëåìà, ñóòü òàêàÿ:

íà ïðîøèâêå 1.9.2.7-7g âñå ðàáîòàåò íîðìàëüíî, ëþáàÿ äðóãàÿ ñòàðøàÿ ïðîøèâêà "îò Îëåãà" íå âûïóñêàåò â èíòåðíåò FTP, ïðîñòî ïåðåñòàþò àïëîàäèòñÿ ôàéëû. Òóäà óõîäèò ïåðâûå 512 áàéò è ïîñëå ÷åãî ïðèëîæåíèå çàëèïàåò, îáðàòíîãî îòâåòà íåò (ñìîòðåë ïî tpcdump).

Ïðîâàéäåð - Ñòðèì, pppoe.

Íà ïðîøèâêå "îò ýíòóçèàñòîâ" (1.9.2.7-d-r1222) FTP àïëîàäèò íîðìàëüíî íî åñòü è äðóãàÿ ïðîáëåìà, ÷åðåç NAT íå ïðîëåçàþò áîëüøèå âõîäÿùèå ïàêåòû, òî÷íåå ãäå òî ïî ïóòè òåðÿþòñÿ. tcpdump ïîêàçûâàåò òèøèíó íà ppp0.
Íàïðèìåð ïûòàþñü äåëàòü àïëîàä èç âíå, ÷åðåç ïîðò-ôîðâàðä, íà Òðàíñìèøåí âî âíóòðåííåé ñåòè. Áðàóçåð ïðè ýòîì ïðîñòî çàëèïàåò, åñëè ñìîòðåòü íà tcpdump - ïàêåòû íå äîëåòàþò (èëè tcpdump èõ íå ïîêàçûâàåò, èëè îíè äðîïàþòñÿ ãäå â íåäðàõ äî tcpdump-à). Íî çàìåíà ïðîøèâêè íà ñòàðóþ - ýòó ïðîáëåìó ðåøàåò!.. òî åñòü ïîñðåäèíå íèêòî íè÷åãî íå ôèëüòðóåò. Ïðîáëåìà èìåííî íà ñòîðîíå ðîóòåðà.

Ïî÷åìó íåìîãó èñïîëüçîâàòü ñòàðóþ ïðîøèâêó?... - äà ïîòîìó ÷òî åå íåò äëÿ wl500gpV2... à V1 óæå íå êóïèòü.
Ñòàðûé ðîóòåð wl500g êàê òî íåñòàáèëüíî ñòàë ðàáîòàòü è âîîáùå íîâûõ ïðîøèâîê ïîä íåãî óæå íå áóäåò.
Âçÿë ó ñîñåäà íà âðåìÿ wl500g V1 ... è âåäåò ñåáÿ òî÷íî (ïðîïàäàíèå ïàêåòîâ) òàê æå êàê è wl500gpV2... òî åñòü îò îáîðóäîâàíèÿ íå çàâèñèò.

Âðîäå áû òàì ìåíÿëñÿ àëãîðèòì ðàáîòû NAT è FW... ìîæåò â íèõ ÷òî íàäî ïîäêðóòèòü?

Íó ïðîñòî áåçâûõîäíàÿ ñèòóàöèÿ... è ñòàðîå ãëþ÷èò è íîâîå íåëüçÿ èñïîëüçîâàòü.

**theMIROn** · 04-03-2010, 21:59

icmp çàïðåùåíû? (ping request from wan)

**Unlimited** · 04-03-2010, 22:04

Ïðîáëåìà ñ áîëüøèìè êàäðàìè 95% áûâàåò èççà MTU/MRU, ïîïðîáóéòå èçìåíèòü èõ â íàñòðîéêàõ...

**MultiMan** · 05-03-2010, 08:36

Originally Posted by theMIROn

icmp çàïðåùåíû? (ping request from wan)

ðàçðåøåíû.

Code:

# Generated by iptables-save v1.3.8 on Fri Mar  5 10:12:59 2010
*nat                                                           
:PREROUTING ACCEPT [27871:3678076]                             
:POSTROUTING ACCEPT [61743:7930043]                            
:OUTPUT ACCEPT [1346:83369]                                    
:VSERVER - [0:0]                                               
-A PREROUTING -d 91.77.222.173 -j VSERVER                      
-A PREROUTING -d 10.0.0.3 -j VSERVER                           
-A POSTROUTING -s ! 91.77.222.173 -o ppp0 -j MASQUERADE        
-A POSTROUTING -s ! 10.0.0.3 -o vlan1 -j MASQUERADE            
-A POSTROUTING -s 192.168.100.0/255.255.255.0 -d 192.168.100.0/255.255.255.0 -o br0 -j SNAT --to-source 192.168.100.1 
-A VSERVER -p tcp -m tcp --dport 9091 -j DNAT --to-destination 192.168.100.45:9091                                    
-A VSERVER -p tcp -m tcp --dport 51413 -j DNAT --to-destination 192.168.100.45:51413                                  
-A VSERVER -p udp -m udp --dport 51413 -j DNAT --to-destination 192.168.100.45:51413                                  
-A VSERVER -p tcp -m tcp --dport 8823 -j DNAT --to-destination 192.168.100.159:23                                     
COMMIT                                                                                                                
# Completed on Fri Mar  5 10:12:59 2010                                                                               
# Generated by iptables-save v1.3.8 on Fri Mar  5 10:12:59 2010                                                       
*mangle                                                                                                               
:PREROUTING ACCEPT [869622:546030075]                                                                                 
:INPUT ACCEPT [57090:4924396]                                                                                         
:FORWARD ACCEPT [803424:538632402]                                                                                    
:OUTPUT ACCEPT [59696:7866436]                                                                                        
:POSTROUTING ACCEPT [863120:546498846]
COMMIT
# Completed on Fri Mar  5 10:12:59 2010
# Generated by iptables-save v1.3.8 on Fri Mar  5 10:12:59 2010
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [18751:1464551]
:OUTPUT ACCEPT [59683:7863208]
:BRUTE - [0:0]
:MACS - [0:0]
:SECURITY - [0:0]
:logaccept - [0:0]
:logdrop - [0:0]
-A INPUT -m state --state INVALID -j logdrop
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -j logdrop
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j logdrop
-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ! br0 -o ppp0 -j logdrop
-A FORWARD -i ! br0 -o vlan1 -j logdrop
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m limit --limit 1/sec -j RETURN
-A SECURITY -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j RETURN
-A SECURITY -p udp -m limit --limit 5/sec -j RETURN
-A SECURITY -p icmp -m limit --limit 5/sec -j RETURN
-A SECURITY -j logdrop
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop -j DROP
COMMIT
# Completed on Fri Mar  5 10:12:59 2010

â îáùåì òî ñòàíäàðòíûé òàêîé, áåç êàñòîì-èçìåíåíèé.

**MultiMan** · 05-03-2010, 08:37

Originally Posted by Unlimited

Ïðîáëåìà ñ áîëüøèìè êàäðàìè 95% áûâàåò èççà MTU/MRU, ïîïðîáóéòå èçìåíèòü èõ â íàñòðîéêàõ...

à íà ÷òî èõ ìåíÿòü?... äëÿ pppoe ñòîèò 1492.

**MultiMan** · 05-03-2010, 08:59

âîò ýòî ïðèõîäèò íà ðîóòåð...

tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 1500 bytes
10:20:28.739890 IP (tos 0x20, ttl 55, id 35905, offset 0, flags [DF], proto TCP (6), length 52) XXXXX.36068 > YYYYYY.9091: S, cksum 0xbd13 (correct), 2597998518:2597998518(0) win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 6>
10:20:28.741426 IP (tos 0x0, ttl 63, id 0, offset 0, flags [DF], proto TCP (6), length 52) YYYYYY.9091 > XXXXX.36068: S, cksum 0x5d5f (correct), 2099045000:2099045000(0) ack 2597998519 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 4>
10:20:28.757862 IP (tos 0x20, ttl 55, id 35906, offset 0, flags [DF], proto TCP (6), length 40) XXXXX.36068 > YYYYYY.9091: ., cksum 0xb4a2 (correct), ack 1 win 92
10:20:28.759176 IP (tos 0x20, ttl 55, id 35907, offset 0, flags [DF], proto TCP (6), length 289) XXXXX.36068 > YYYYYY.9091: P, cksum 0xd7a7 (correct), 1:250(249) ack 1 win 92
10:20:28.760539 IP (tos 0x0, ttl 63, id 43487, offset 0, flags [DF], proto TCP (6), length 40) YYYYYY.9091 > XXXXX.36068: ., cksum 0xb255 (correct), ack 250 win 432
10:21:18.770703 IP (tos 0x0, ttl 63, id 43488, offset 0, flags [DF], proto TCP (6), length 40) YYYYYY.9091 > XXXXX.36068: F, cksum 0xb254 (correct), 1:1(0) ack 250 win 432
10:21:18.787128 IP (tos 0x20, ttl 55, id 35918, offset 0, flags [DF], proto TCP (6), length 40) XXXXX.36068 > YYYYYY.9091: ., cksum 0xa28c (correct), ack 2 win 92

à âîò òî ÷òî óïîëçàåò îò ìåíÿ

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 60000 bytes
10:20:29.029425 IP (tos 0x0, ttl 64, id 35905, offset 0, flags [DF], proto TCP (6), length 52)
XXXXX.36068 > YYYYYY.9091: Flags [S], cksum 0xbd13 (correct), seq 2597998518, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 6], length 0
10:20:29.051762 IP (tos 0x0, ttl 55, id 0, offset 0, flags [DF], proto TCP (6), length 52)
YYYYYY.9091 > XXXXX.36068: Flags [S.], cksum 0x5d5f (correct), seq 2099045000, ack 2597998519, win 5840, options [mss 1460,nop,nop,sackOK,nop,wscale 4], length 0
10:20:29.051816 IP (tos 0x0, ttl 64, id 35906, offset 0, flags [DF], proto TCP (6), length 40)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0xb4a2 (correct), ack 1, win 92, length 0
10:20:29.052299 IP (tos 0x0, ttl 64, id 35907, offset 0, flags [DF], proto TCP (6), length 289)
XXXXX.36068 > YYYYYY.9091: Flags [P.], cksum 0x014a (incorrect -> 0xd7a7), ack 1, win 92, length 249
10:20:29.071256 IP (tos 0x0, ttl 55, id 43487, offset 0, flags [DF], proto TCP (6), length 40)
YYYYYY.9091 > XXXXX.36068: Flags [.], cksum 0xb255 (correct), ack 250, win 432, length 0
10:20:30.053593 IP (tos 0x0, ttl 64, id 35908, offset 0, flags [DF], proto TCP (6), length 2960)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0bb9 (incorrect -> 0x396e), ack 1, win 92, length 2920
10:20:30.053613 IP (tos 0x0, ttl 64, id 35910, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x4b48), ack 1, win 92, length 1460
10:20:30.272526 IP (tos 0x0, ttl 64, id 35911, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:20:30.710527 IP (tos 0x0, ttl 64, id 35912, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:20:31.586499 IP (tos 0x0, ttl 64, id 35913, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:20:33.338448 IP (tos 0x0, ttl 64, id 35914, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:20:36.842354 IP (tos 0x0, ttl 64, id 35915, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:20:43.850157 IP (tos 0x0, ttl 64, id 35916, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:20:57.865762 IP (tos 0x0, ttl 64, id 35917, offset 0, flags [DF], proto TCP (6), length 1500)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0x0605 (incorrect -> 0x8705), ack 1, win 92, length 1460
10:21:19.087937 IP (tos 0x0, ttl 55, id 43488, offset 0, flags [DF], proto TCP (6), length 40)
YYYYYY.9091 > XXXXX.36068: Flags [F.], cksum 0xb254 (correct), seq 1, ack 250, win 432, length 0
10:21:19.088161 IP (tos 0x0, ttl 64, id 35918, offset 0, flags [DF], proto TCP (6), length 40)
XXXXX.36068 > YYYYYY.9091: Flags [.], cksum 0xa28c (correct), ack 2, win 92, length 0

òî åñòü âñå ÷òî ïîñëå ïàêåòà 10:20:30.053593 - ïðîïàëî.

ñîáñòâåííî ýòî ïàêåò ñ POST òîððåíò ôàéëîì â òðàíñìèøåí.

êàêîé òî íàâåðíîå ãëþê â pppd, íî êàê ýòî âûëå÷èòü ÿ íå çíàþ

**Power** · 05-03-2010, 12:00

Åñëè ÿ ïðàâèëüíî ïîíèìàþ, òî flags [DF] - ýòî ôëàã "don't fragment" - çàïðåùåíèå ôðàãìåíòàöèè. À ïàêåòû áîëüøèå, âîò è íå ïðîëåçàþò áåç ôðàãìåíòàöèè.
À 2960 - ýòî âîîáùå êàêàÿ-òî çàïðåäåëüíàÿ äëèíà... Ýòî òî÷íî ethernet?

**MultiMan** · 05-03-2010, 13:59

êîíå÷íî æå ýòî ýçåðíåò.

íî ÷òî ñàìîå ïîäîçðèòåëüíîå ñòàðûå òî ïðîøèâêè ëèøåíû ýòîãî áàãà.
èëè èìåþò íåêîòîðûé õàê, êîòîðûé ïîòîì çà÷åì òî îòìåíèëè.

...ïî÷åìó â ñòàðîé ïðîøèâêå ìàò÷àò ïàêåòû ñ ìññ 1453 è óìåíüøàþò åãî íà 1 áàéò?

ïîõîäó ýòîò êóñîê ïðîñòî íå ðàáîòàåò

-A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j TCPMSS --clamp-mss-to-pmtu

**MultiMan** · 05-03-2010, 14:26

êàæåòñÿ ÿ íàùóïàë êîðåíü çëà.
âçÿòûé èç ìàíà ïðèìåð áåç ëèøíèõ ôëàãîâ - ïîìîãàåò.

Code:

iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN
                           -j TCPMSS --clamp-mss-to-pmtu

òåïåðü âîïðîñ, ê ñåòåâûõ äåë ìàñòåðàì, êàêîãî ôèãà îíî òàê äåëàåò? è íàêîé ëèøíèå ôëàãè â ýòîì ïðàâèëå?

èç ðàçãîâîðà ïî àñüêå ñ îäíèì ñïåöîì:

ïî ñóùåñòâó ó òåáÿ ðàññìàòðèâàþòñÿ ïàêåòû â êîòîðûõ èç âñåõ ÷åòûðåõ ôëàãîâ òîêà ñèí ñòîèò
÷òî íå ñîâñåì âåðíî
åñëè ñìîòðåòü òîêà ïàêåòû ñ ñèíîì òî áóäåò ðàáîòàòü òîêà î÷åâèäíî â îäíó ñòîðîíó
ê òîìó êòî èíèöèèðóåò êîííåêò
â îáðàòêó ôèêñèòñÿ íå áóäåò
èáî â îáðàòêó èäåò ñèí àê
à îí ïîä òâîå ïðàâèëî íå ïîïàäåò
ïîòîìó òâîé ðóòåð çíàåò ïðàâèëüíûé ìññ äëÿ ñîåäèíåíèÿ, à òâîÿ ìàøèíà íåò, èáî ñèí àê îò ðóòåðà íå ïîôèêñèëñÿ
íó â ñìûñëå íå îò ðóòåðà à îò òîãî ÷òî çà íèì ó òåáÿ)

**MrGalaxy** · 09-05-2010, 10:25

Êòî ìîæåò ïîäñêàçàòü ñíèôôåð äëÿ ïðîøèâêè Îëåãà (îò ýíòóçèàñòîâ)? Íàäî ëîãèðîâàòü âñå ïàêåòû íà èíòåðôåéñå wan, ÷òîáû âû÷èñëèòü, ÷òî èìåíî ïðèâîäèò ê ñïóôôèíãó.

**Goletsa** · 09-05-2010, 10:30

tshark? Åñëè ñìîæåòå åãî ñîáðàòü.

Âîîáùå ìîæíî ïðîñòî ïîñòàâèòü ñâè÷ íà âõîä è çàïóñòèòü íà êîìïå.
Èáî ïðè ñïóôèíã îáû÷íî äîëáÿò áðîäêàñò ïàêåòàìè à îíè íà âñå ïîðòû ñâè÷åé ðàçáåãàþòñÿ.

**Basile** · 09-05-2010, 11:34

Ìîæåò òàêîé âàðèàíò ïîäîéäåò?

Ñíèôôåð âèòîé ïàðû èç Wi-Fi ðîóòåðà / DIY èëè Ñäåëàé Ñàì / Õàáðàõàáð

**MrGalaxy** · 09-05-2010, 16:24

Originally Posted by Goletsa

tshark? Åñëè ñìîæåòå åãî ñîáðàòü.

Âîîáùå ìîæíî ïðîñòî ïîñòàâèòü ñâè÷ íà âõîä è çàïóñòèòü íà êîìïå.
Èáî ïðè ñïóôèíã îáû÷íî äîëáÿò áðîäêàñò ïàêåòàìè à îíè íà âñå ïîðòû ñâè÷åé ðàçáåãàþòñÿ.

Óâû, ñîáèðàòü ïàêåòû ÿ íå óìåþ. Â ýòîì ñìûñëå ìîÿ ïîäïèñü íå äàëåêà îò èñòèíû.

Çà ñïóôèíã ìåíÿ áëîêèðîâàëè è òîãäà, êîãäà êîìïüþòåð áûë âûêëþ÷åí, ïîýòîìó ñòàâèòü ñíèôôåð öåëåñîîáðàçíî íà ñàì ðîóòåð. Äà è ñâèò÷à ïîä ðóêîé íåò. Íî çà èäåþ ñïàñèáî!

Originally Posted by Basile

Ìîæåò òàêîé âàðèàíò ïîäîéäåò?

Ñíèôôåð âèòîé ïàðû èç Wi-Fi ðîóòåðà / DIY èëè Ñäåëàé Ñàì / Õàáðàõàáð

Êàê ÿ ïîíèìàþ, ýòî ÷òî-òî âðîäå ïåðâîãî ñîâåòà, òîëüêî âìåñòî ñâèò÷à èñïîëüçóþòñÿ 2 ïðîâîäà ñ êðîêîäèëàìè. ß äóìàþ, ìîæíî îáëàãîðîäèòü ýòó êîíñòðóêöèþ, ïðèìåíèâ ðàçâåòâèòåëü íà ðàçú¸ìàõ. Âàì òîæå ñïàñèáî, íî ïîïðîáóþ ïîèñêàòü ñîôòîâûé ñíèôôåð.

Â ïàðàëëåëüíîé âåòêå ïîñîâåòîâàëè tcpdump ïîñòàâèòü. Êàê ñ÷èòàåòå, èäåÿ ñòîÿùàÿ?

**TReX** · 09-05-2010, 16:56

Originally Posted by MrGalaxy

Óâû, ñîáèðàòü ïàêåòû ÿ íå óìåþ. Â ýòîì ñìûñëå ìîÿ ïîäïèñü íå äàëåêà îò èñòèíû.

Çà ñïóôèíã ìåíÿ áëîêèðîâàëè è òîãäà, êîãäà êîìïüþòåð áûë âûêëþ÷åí, ïîýòîìó ñòàâèòü ñíèôôåð öåëåñîîáðàçíî íà ñàì ðîóòåð. Äà è ñâèò÷à ïîä ðóêîé íåò. Íî çà èäåþ ñïàñèáî!

Êàê ÿ ïîíèìàþ, ýòî ÷òî-òî âðîäå ïåðâîãî ñîâåòà, òîëüêî âìåñòî ñâèò÷à èñïîëüçóþòñÿ 2 ïðîâîäà ñ êðîêîäèëàìè. ß äóìàþ, ìîæíî îáëàãîðîäèòü ýòó êîíñòðóêöèþ, ïðèìåíèâ ðàçâåòâèòåëü íà ðàçú¸ìàõ. Âàì òîæå ñïàñèáî, íî ïîïðîáóþ ïîèñêàòü ñîôòîâûé ñíèôôåð.

Â ïàðàëëåëüíîé âåòêå ïîñîâåòîâàëè tcpdump ïîñòàâèòü. Êàê ñ÷èòàåòå, èäåÿ ñòîÿùàÿ?

Ìîæíî è âàèì ñïîñîáîì, õîòÿ ñàìîå ïðîñòîå ÕÀÁ íà âõîä, â íåãî ïåðñîíàëêó ñ ëàéâ CD BackTrack Linux http://www.backtrack-linux.org/downloads/ èëè ëþáûì âèíäîâûì àíàëèçàòîðîì ÷òî ñåðäöó ìèëåå è ðîóòåð, ïîñêîëüêó ó õàáà â îòëè÷èå îò ñâèò÷à âñå ïàêåòû èäóò íà âñå ïîðòû, òî âñå è óâèäèòå ÷òî òâîðèòüñÿ

Thread: Ñíèôôåð íà WL500gp (netflow & tcpdump)

Thread Tools

Rate This Thread

Display

Ïðîáëåìà ñ ïðîøèâêàìè ñòàðøå 1.9.2.7-7g

Tags for this Thread

Posting Permissions