How to Use Wireshark: A Complete Tutorial

Wireshark is a free application that lets you capture and view the data travelling back and forth on your network, with the ability to drill down and read the contents of each packet, filtered to meet your specific needs. It is commonly used to troubleshoot network problems and to develop software. This open-source protocol analyzer is widely accepted as the industry standard and has won its fair share of awards over the years.

Formerly known as Ethereal, Wireshark has a user-friendly interface that can display data from many different protocols on all major network types. These data packets can be viewed in real time or analyzed offline, and many capture/trace file formats are supported, including CAP and ERF. Integrated decryption tools let you view the encrypted packets of several popular protocols such as WEP and WPA/WPA2.


Downloading and Installing Wireshark


Wireshark can be downloaded at no cost from the Wireshark Foundation website for both the macOS and Windows operating systems. Unless you are an advanced user, it is recommended that you download the latest release. During the setup process (Windows only) you should choose to install WinPcap if prompted, as it includes a library required for live data capture.

The application is also available for Linux and other UNIX-like platforms including Red Hat, Solaris, and FreeBSD. The binaries required for these operating systems can be found toward the bottom of the download page, in the Third-Party Packages section.

You can also download Wireshark's source code from this page.


How to Capture Data Packets

Scott Orgera

When you first launch Wireshark, a welcome screen similar to the one shown above should appear, containing a list of the network connections available on your current device. In this example, you will see that the following connection types are shown: Bluetooth Network Connection, Ethernet, VirtualBox Host-Only Network, Wi-Fi. Displayed to the right of each is an EKG-style line graph that represents the live traffic on that network.

To begin capturing packets, first select one or more of these networks by clicking on your choice(s), using the Shift or Ctrl key if you would like to record data from multiple networks at the same time. Once a connection type is selected for capturing purposes, its background will be shaded in blue or gray. Click Capture in the main menu, located toward the top of the Wireshark interface. When the drop-down menu appears, select the Start option.

You can also start packet capturing with one of the following shortcuts.

The live capture process will now begin, with packet details displayed in the Wireshark window as they are recorded. Perform one of the actions below to stop capturing.


Viewing and Analyzing Packet Contents


Now that you have recorded some network data, it is time to look at the captured packets. As shown in the screenshot above, the captured data interface contains three main sections: the packet list pane, the packet details pane, and the packet bytes pane.

Packet List

The packet list pane, located at the top of the window, shows all packets found in the active capture file. Each packet has its own row and a corresponding number assigned to it, along with each of these data points.

When a packet is selected in the top pane, you may notice one or more symbols appear in the first column. Open and/or closed brackets, as well as a straight horizontal line, can indicate whether a packet or group of packets is part of the same back-and-forth conversation on the network. A broken horizontal line signifies that a packet is not part of that conversation.

Packet Details

The details pane, found in the middle, presents the protocols and protocol fields of the selected packet in a collapsible format. In addition to expanding each selection, you can apply individual Wireshark filters based on specific details and follow streams of data based on protocol type through the details context menu, which is accessible by right-clicking the desired item within this pane.

Packet Bytes

At the bottom is the packet bytes pane, which displays the raw data of the selected packet in a hexadecimal view. This hex dump contains 16 hexadecimal bytes and 16 ASCII bytes alongside the data offset.

Selecting a specific portion of this data automatically highlights its corresponding section in the packet details pane, and vice versa. Any bytes that cannot be printed are instead represented by a period.

You can choose to show this data in bit format rather than hexadecimal by right-clicking anywhere within the pane and selecting the appropriate option from the context menu.
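The relationship between the details pane and the bytes pane, as an added Python example (not code from the original article or from Wireshark). The frame is constructed sample data, the function names are hypothetical, and the field labels follow Wireshark's display-filter field names.

```python
# Constructed sample frame (made-up values): Ethernet + IPv4 + TCP SYN, 54 bytes.
FRAME = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"           # Ethernet: dst, src, type
    "4500002800014000400600000a0000010a000002"     # IPv4 header (checksum zeroed)
    "c0de0050000000010000000050022000" "00000000"  # TCP header (checksum zeroed)
)

def hexdump(data, width=16):
    """Render bytes like the packet bytes pane: offset, 16 hex bytes, 16 ASCII."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        # Bytes that cannot be printed are represented by a period.
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:04x}  {hexpart:<{width * 3 - 1}}  {text}")
    return lines

def bits(data):
    """The same bytes in bit format instead of hexadecimal."""
    return " ".join(f"{b:08b}" for b in data)

def dissect(frame):
    """Map header fields to (offset, length, raw bytes), as the details pane does."""
    fields = [("eth.dst", 0, 6), ("eth.src", 6, 6), ("eth.type", 12, 2)]
    if len(frame) >= 34 and frame[12:14] == b"\x08\x00":      # IPv4
        ihl = (frame[14] & 0x0F) * 4                          # IP header length
        fields += [("ip.ttl", 22, 1), ("ip.proto", 23, 1),
                   ("ip.src", 26, 4), ("ip.dst", 30, 4)]
        if frame[23] == 6:                                    # TCP follows IP
            t = 14 + ihl
            fields += [("tcp.srcport", t, 2), ("tcp.dstport", t + 2, 2),
                       ("tcp.seq", t + 4, 4)]
    return {name: (off, ln, frame[off:off + ln]) for name, off, ln in fields}

def highlight(frame, field):
    """Offset and bytes that selecting `field` would highlight in the hex dump."""
    off, _, raw = dissect(frame)[field]
    return off, raw.hex(" ")

if __name__ == "__main__":
    print("\n".join(hexdump(FRAME)))
    print("tcp.dstport ->", highlight(FRAME, "tcp.dstport"))
    print("eth.type in bits:", bits(FRAME[12:14]))
```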


Using Wireshark Filters


One of the most important feature sets in Wireshark is its filtering capability, especially when you are working with files that are significant in size. Capture filters can be set before the fact, instructing Wireshark to record only those packets that meet your specified criteria.

Filters can also be applied to a capture file that has already been created, so that only certain packets are shown. These are referred to as display filters.

Wireshark provides a large number of predefined filters by default, letting you narrow down the number of visible packets with just a few keystrokes or mouse clicks. To use one of these existing filters, enter its name in the Apply a display filter entry field (located directly below the Wireshark toolbar) or in the Enter a capture filter entry field (found on the welcome screen).

There are multiple ways to achieve this. If you already know the name of your filter, simply type it into the appropriate field. For example, if you only wanted to display TCP packets, you would type tcp. Wireshark's autocomplete feature shows suggested names as you begin typing, making it easier to find the correct moniker for the filter you are seeking.

Another way to choose a filter is to click the bookmark-like icon positioned on the left-hand side of the entry field. This presents a menu containing some of the most commonly used filters, as well as an option to Manage Capture Filters or Manage Display Filters. If you choose to manage either type, an interface appears that lets you add, remove, or edit filters.

You can also access previously used filters by selecting the down arrow on the right-hand side of the entry field, which displays a history drop-down list.

Once set, capture filters are applied as soon as you begin recording network traffic. To apply a display filter, however, you need to click the right arrow button found on the far right-hand side of the entry field.
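The difference between the two filter types matters when a capture is kept as evidence: a capture filter decides what is written to the file, while a display filter only narrows the view. The following added Python example (not from the original article) shows this on a capture file in the classic pcap format; the frames are constructed, the function names are hypothetical, and `ip_proto(6)` stands in for the `tcp` filter on IPv4 frames only.

```python
import io
import struct

def frame(proto):
    """Constructed Ethernet + IPv4 frame carrying IP protocol number `proto`."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 1, 0, 64, proto, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return bytes(6) + bytes(6) + b"\x08\x00" + ip

def write_pcap(frames, out):
    # Global header: magic, version 2.4, tz, sigfigs, snaplen, linktype 1 (Ethernet)
    out.write(struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1))
    for i, f in enumerate(frames):
        # Record header: ts_sec, ts_usec, captured length, original length
        out.write(struct.pack("<IIII", i, 0, len(f), len(f)) + f)

def read_pcap(data):
    if struct.unpack_from("<I", data, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    pos, frames = 24, []
    while pos + 16 <= len(data):
        caplen = struct.unpack_from("<IIII", data, pos)[2]
        frames.append(data[pos + 16:pos + 16 + caplen])
        pos += 16 + caplen
    return frames

def ip_proto(number):
    """Predicate standing in for a protocol filter such as `tcp` (IPv4 only)."""
    return lambda f: len(f) >= 34 and f[12:14] == b"\x08\x00" and f[23] == number

TCP, UDP = ip_proto(6), ip_proto(17)

def record(frames, capture_filter=None):
    """Capture filter: frames that fail it are never written to the file."""
    buf = io.BytesIO()
    write_pcap([f for f in frames if not capture_filter or capture_filter(f)], buf)
    return buf.getvalue()

def show(capture_file, display_filter=None):
    """Display filter: the file is untouched; rows keep their packet numbers."""
    rows = enumerate(read_pcap(capture_file), 1)
    return [n for n, f in rows if not display_filter or display_filter(f)]

if __name__ == "__main__":
    traffic = [frame(6), frame(17), frame(6), frame(1)]   # TCP, UDP, TCP, ICMP
    print(show(record(traffic), TCP))        # display filter on a full capture
    print(show(record(traffic, TCP), UDP))   # UDP was never recorded
```

The bytes returned by `record()` can be saved with a `.pcap` extension and opened in Wireshark to try the `tcp` display filter on the same data.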


Color Rules


While Wireshark's capture and display filters let you limit which packets are recorded or shown on the screen, its colorization functionality takes things a step further by making it easy to distinguish between different packet types based on their individual hue. This handy feature lets you quickly locate certain packets within a saved set by their row color in the packet list pane.

Wireshark comes with about 20 default coloring rules built in, each of which can be edited, disabled, or deleted if you wish. You can also add new shade-based filters through the coloring rules interface, accessible from the View menu. In addition to defining a name and filter criteria for each rule, you are asked to associate both a background color and a text color.

Packet colorization can be toggled off and on with the Colorize Packet List option, also found in the View menu.


Statistics


In addition to the detailed information about your network's data shown in Wireshark's main window, several other useful metrics are available through the Statistics drop-down menu found toward the top of the screen. These include size and timing information about the capture file itself, along with many charts and graphs ranging in topic from packet conversation breakdowns to the load distribution of HTTP requests.

Display filters can be applied to many of these statistics through their individual interfaces, and the results can be exported to several common file formats including CSV, XML, and TXT.


Advanced Features


Although we have covered Wireshark's main functionality in this article, there is also a collection of additional features in this powerful tool that are typically reserved for advanced users. This includes the ability to write your own protocol dissectors in the Lua programming language.

For more information on these advanced features, refer to Wireshark's official user guide.