网络抓包的部署和工具Wireshark【图书节选】

PRACTICAL PACKET ANALYSIS Using Wireshark to Solve Real-World Network Problems

by Chris Sanders

ISBN-10: 1-59327-149-2

ISBN-13: 978-1-59327-149-7

Publisher: William Pollock

Production Editor: Christina Samuell

不同的网络设备的包流动情况

clip_image002

clip_image004

clip_image006

抓包的配置

clip_image008

There are three primary ways to capture traffic from a target device on a switched network: port mirroring, ARP cache poisoning, and hubbing out.

clip_image010

clip_image012

clip_image014

clip_image016

 

Wireshark历史

Wireshark has a very rich history. Gerald Combs, a computer science graduate of the University of Missouri at Kansas City, originally developed it out ofnecessity. The very first version of Combs’ application, called Ethereal, was released in 1998 under the GNU Public License (GPL).

Eight years after releasing Ethereal, Combs left his job to pursue other career opportunities. Unfortunately, his employer at that time had full right to the Ethereal trademarks, and Combs was unable to reach an agreement that would allow him to control the Ethereal “brand.” Instead, Combs and the rest of the development team rebranded the project as Wireshark in mid-2006.

Wireshark has grown dramatically in popularity, and its collaborative development team now boasts over 500 contributors. The program as it exist

under the Ethereal name is no longer being developed

posted @ 2012-02-18 22:11  2012  阅读(1367)  评论(0编辑  收藏  举报