Wireshark is a free network protocol analyzer, the most important and most widely used in the world. Formerly known as Ethereal, Wireshark is used for network analysis and troubleshooting. The program lets us capture and view network data and read the contents of the captured packets.
Wireshark lets you see what is happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions.
Wireshark development thrives thanks to the volunteer contributions of networking experts around the world and is the continuation of a project started by Gerald Combs in 1998.
About Wireshark
Wireshark runs on most Unix-like operating systems and others, including Linux, Microsoft Windows, Solaris, FreeBSD, NetBSD, OpenBSD, Android, and Mac OS X.
The program has an easy-to-use interface that helps us interpret data from hundreds of protocols on all the major network types.
These data packets can be viewed in real time or analyzed offline, with support for capture/trace file formats including CAP and ERF.
Built-in decryption tools let you view encrypted packets for several popular protocols, such as WEP and WPA/WPA2. Wireshark has a rich feature set that includes the following:
- Deep inspection of hundreds of protocols, with more being added all the time
- Live capture and offline analysis
- Standard three-pane packet browser
- Multi-platform: runs on Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and many others
- Captured network data can be browsed in the GUI or with the TTY-mode TShark utility
- The most powerful display filters in the industry
- VoIP analysis
- Read/write many capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Coloring rules can be applied to the packet list for quick, intuitive analysis
- Output can be exported to XML, PostScript®, CSV, or plain text
How to install Wireshark on Ubuntu and derivatives?
If you are interested in installing this application on your system, open a terminal. This can be done with the key combination "Ctrl + Alt + T"; in it, run the following commands.
The first thing we will do is add the following repository:
sudo add-apt-repository ppa:dreibh/ppa
sudo apt-get update
Once that is done, we can install the application with:
sudo apt-get install wireshark
After the installation finishes, there are several steps to follow to implement privilege separation, which allows the Wireshark GUI to run as a normal user while dumpcap (which collects packets from the interfaces) runs with the elevated privileges required for capturing.
To accomplish this, type the following command in the terminal:
sudo dpkg-reconfigure wireshark-common
Here we must select yes when asked whether non-superusers should be able to capture packets.
If this does not work, we can fix the problem by running the following:
sudo chgrp YOUR_USER_NAME /usr/bin/dumpcap
sudo chmod +x /usr/bin/dumpcap
sudo setcap cap_net_raw,cap_net_admin+eip /usr/bin/dumpcap
Finally, look for the application in the applications menu, in the Tools or Internet section, where we will see its icon and can launch it.
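
A check for the privilege-separation steps above, as an added example that is not part of the original article: it reports whether dumpcap carries both capabilities, whether any local account can execute it (as `chmod +x` normally allows), and whether the capturing user is in the owning group. The sample modes, group names and the user `alice` are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the article): audit dumpcap's privilege separation.
#
# assess_dumpcap MODE GROUP CAPS USER_GROUPS
#   MODE        octal permissions of the binary      (stat -c %a)
#   GROUP       group that owns the binary           (stat -c %G)
#   CAPS        text printed by getcap, may be empty
#   USER_GROUPS groups of the capturing user         (id -nG)
# Prints "ok" or a space-separated list of findings.
assess_dumpcap() {
    mode=$1; group=$2; caps=$3; user_groups=$4; findings=""
    # Both capabilities from the setcap command must be on the file.
    case $caps in
        *cap_net_raw*) ;;
        *) findings="$findings missing-cap_net_raw" ;;
    esac
    case $caps in
        *cap_net_admin*) ;;
        *) findings="$findings missing-cap_net_admin" ;;
    esac
    # Odd final digit: "others" may execute, so any local account can capture.
    case $mode in
        *[1357]) findings="$findings world-executable" ;;
    esac
    # Group-based access: the capturing user must belong to the owning group.
    case " $user_groups " in
        *" $group "*) ;;
        *) findings="$findings user-not-in-group" ;;
    esac
    echo "${findings:-ok}" | sed 's/^ //'
}

# Live check; skipped when the binary or getcap is absent on this machine.
audit_live() {
    bin=${1:-/usr/bin/dumpcap}
    if [ ! -e "$bin" ] || ! command -v getcap >/dev/null 2>&1; then
        echo "skipped"; return 0
    fi
    assess_dumpcap "$(stat -c %a "$bin")" "$(stat -c %G "$bin")" \
        "$(getcap "$bin" 2>/dev/null)" "$(id -nG)"
}

# Constructed samples (user "alice" is hypothetical).
sample_caps="/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip"
assess_dumpcap 755 alice "$sample_caps" "alice sudo"           # world-executable
assess_dumpcap 750 wireshark "$sample_caps" "alice wireshark"  # ok
assess_dumpcap 750 wireshark "" "alice"                        # three findings
audit_live
```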