Network monitoring (sniffing) methods
  Add date: 08/26/2008   Publishing date: 08/26/2008
On a network, a data packet sent by any host travels over the network line to its destination host, and every host attached to that line is able to intercept the packet in transit. Under normal conditions, a network card makes only a simple check on each packet that passes by: if the destination address in the packet matches the card's own address, it accepts the packet; otherwise it does nothing with it. If the network card is set to promiscuous mode, however, it receives every packet that flows past it, whatever the packet's destination address is. An attacker uses this principle: he sets the network card to promiscuous mode, intercepts the packets flowing past it for analysis, and examines the sensitive ones more closely, for example packets containing the strings username and password.

This kind of attack generally requires getting into the local area network where the target host is located and choosing one host there from which to carry out the monitoring. If the monitoring is carried out on a router or on a host with routing functions, more data can be captured.

Operating systems usually provide their own tools for network monitoring, for example tcpdump on Linux, Network Monitor on NT, and snoop on Solaris. These tools make it convenient to monitor and manage a network effectively. However, they can also become an attacker's tools for monitoring the network, which poses a huge threat to network security. Because monitoring tools do not actively transmit packets onto the network but only silently capture the data flowing past them, this kind of attack is covert.

General methods for guarding against network monitoring include:

① Check the list of running processes frequently; if a process of unknown identity is found running, be on the alert.

② Check for suspicious log files; if there is a log file that keeps growing in size and is continually updated over time, inspect its contents immediately.

③ Check the network card's working mode; if it is in promiscuous mode, strengthen precautions and find out the reason.

④ Use secure communication protocols to strengthen the confidentiality of the communication data.

⑤ Use a secure network topology to reduce the range over which data packets flow.

Because network monitoring can only be carried out within one Ethernet segment, dividing the network into multiple segments strengthens the network's security and reduces the losses caused by network monitoring.
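
The checks in items ① and ③ above can be scripted on a Linux host. The following is an added example, not part of the original article: it assumes the Linux sysfs and procfs layout (/sys/class/net/<iface>/flags, /sys/class/net/<iface>/ifindex and /proc/net/packet), and the function names are hypothetical.

```python
"""Added example: report promiscuous interfaces and packet sockets on Linux."""
import os

IFF_PROMISC = 0x100  # promiscuous-mode bit from <linux/if.h>


def read_text(path):
    """Return stripped file contents, or None if the file is unreadable."""
    try:
        with open(path) as fh:
            return fh.read().strip()
    except OSError:
        return None


def packet_sockets(proc_net_packet):
    """Count open AF_PACKET sockets per ifindex (0 = bound to all interfaces)."""
    counts = {}
    text = read_text(proc_net_packet) or ""
    for line in text.splitlines()[1:]:            # skip the header row
        cols = line.split()
        if len(cols) >= 9 and cols[4].isdigit():  # fifth column is Iface (ifindex)
            idx = int(cols[4])
            counts[idx] = counts.get(idx, 0) + 1
    return counts


def audit(sysfs_net="/sys/class/net", proc_net_packet="/proc/net/packet"):
    """Return [(iface, promisc, sniffers)] for every interface under sysfs_net."""
    socks = packet_sockets(proc_net_packet)
    report = []
    for iface in sorted(os.listdir(sysfs_net)):
        flags = read_text(os.path.join(sysfs_net, iface, "flags"))
        ifindex = read_text(os.path.join(sysfs_net, iface, "ifindex"))
        try:
            promisc = bool(int(flags, 16) & IFF_PROMISC)
            idx = int(ifindex)
        except (TypeError, ValueError):
            continue                              # entry is not an interface
        # Sockets bound to ifindex 0 receive from every interface.
        report.append((iface, promisc, socks.get(idx, 0) + socks.get(0, 0)))
    return report


if __name__ == "__main__":
    for iface, promisc, sniffers in audit():
        note = "PROMISCUOUS - verify the reason" if promisc else "normal"
        print(f"{iface:12} {note:32} packet sockets: {sniffers}")
```

Packet sockets are also opened by ordinary software such as DHCP clients, so a nonzero count is a prompt to find out which process holds the socket, not proof of monitoring.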

