52ky 发表于 2022-9-10 18:00:13

sniffer使用教程

随着互联网多层次性、多样性的发展,网吧已由曩昔即时通信、阅读页面、电子邮件等简单的使用,扩展变成运行很多在线游戏、在线视频音频、互动教育、P/2P等技术使用。使用属性也呈现出多样性和复杂性,因而,这些使用对我们的网络服务质量请求更为严厉和严苛。现在,大多数网吧的网络设备不具备高端网络设备的智能性、交互性等扩展功能,当网吧呈现掉线、网络卡、遭受内部病毒攻击、流量超限等状况时,很多网络管理员显的心有于而力缺乏。究竟,靠网络管理员的经验和一些简单传统的排查方法:无论从时刻上面仍是准确性上面都存在很大的差错,同时也影响了工作效率和正常业务的运行。SnifferPro闻名网络协议分析软件。本文使用其强悍的流量图文系统H/OSTTable来实时监控网络流量。在监控软件上,我们选择了较为常用的NAI企业的snifferpro,事实上,很多网吧管理员都有过相关监控网络经验:在网络呈现问题、或许探查网络状况时,使用P/2P终结者、网络执法G等网络监控软件。这样的软件有一个很大优点:不要配置端口镜像就能够进行流量查询(本来snifferpro也能够变通的工作在这样的环境下)。这种看起来很方便的方法,仍然存在很多坏处:因为其工作原理使用ARP地址表,对地址表进行欺骗,因而可能会衍生出很多节外生枝的问题,如掉线、网络变慢、ARP播送巨增等。这关于请求正常的网络来说,是不可思议的。

(With the multi-level and diverse development of the Internet, Internet cafes have expanded from the simple use of instant messaging, reading pages, and e-mails to running many online games, online video and audio, interactive education, P/2P and other technologies. use. Usage properties also exhibit variety and complexity, and as a result, these usages are more stringent and demanding on our web service quality requirements. At present, the network equipment of most Internet cafes does not have the extended functions such as intelligence and interactivity of high-end network equipment. The heart is there but the power is lacking. After all, relying on the experience of network administrators and some simple and traditional troubleshooting methods: there are big errors in both time and accuracy, which also affect work efficiency and normal business operations. SnifferPro is a well-known network protocol analysis software. This article uses its powerful traffic graphic system H/OSTTable to monitor network traffic in real time. In terms of monitoring software, we chose the more commonly used snifferpro of NAI companies. In fact, many Internet cafe administrators have relevant experience in monitoring the network: when there is a problem with the network, or when detecting network conditions, use P/2P terminators, network Law enforcement and other network monitoring software. Such software has a great advantage: it can perform traffic query without configuring port mirroring (original snifferpro can also work in such an environment). This seemingly convenient method still has many disadvantages: because its working principle uses the ARP address table to deceive the address table, it may lead to a lot of extraneous problems, such as dropped calls, slow network, huge ARP broadcast. increase. This is incredible for requesting a normal network.)




页: [1]
查看完整版本: sniffer使用教程