EliteHackers
SALUT 2022!!
NE-AM MUTAT PE DISCORD !
Vrei să inviți un prieten?
[T]eoria [H]aosului [C]ontrolat - https://discord.com/invite/U4HBCHzm7r
Acesta aste link-ul oficial al acestui server.
|
Lista Forumurilor Pe Tematici
|
EliteHackers | Reguli | Inregistrare | Login
POZE ELITEHACKERS
Nu sunteti logat.
|
Nou pe simpatie:
Profil love_oana
 | Femeie
19 ani
Bucuresti
cauta Barbat
31 - 45 ani |
|
Exploit
Administrator
 Din: I'm from everywhere..
Inregistrat: acum 18 ani
Postari: 600
|
|
Ma toate ca toate dar un singur lucru mi-a scapat mie din meseria asta un Sniffer.
Nu prea m-am lamurit care-i treaba cu snifferul asta si cam la ce serveste stiu ceva ceva dar nu stiu bine. Daca are cineva un Sniffer si cateva indicatzii in vederea utilizarii lui, i-as fi recunoscator.. 
_______________________________________
...:::Only God Can Judge Me:::...
|
|
| pus acum 17 ani |
|
ady1266
EliteHackers Helper
 Inregistrat: acum 17 ani
Postari: 308
|
|
Overview of Features
Base Features
Reliable network monitoring used by more than 100.000 users every day
Supports data acquisition via SNMP, packet sniffing (for LANs and WLANs) or Netflow protocol
Classifies network traffic by IP address, protocol and other parameters
Works with most switches, routers, firewalls, and other network devices
Easy installation with a few clicks on Windows 2000/XP/2003/Vista
Monitoring engine is capable of monitoring up to several thousand sensors
A Freeware Edition is available for smaller networks and SOHOs
Supported Data Acquisition Methods
Depending on your infrastructure you can choose between four different network monitoring methods supported by our bandwidth meter software:
SNMP: Simple Network Management Protocol is the basic method of gathering bandwidth and network usage data. It can be used to monitor bandwidth usage of routers and switches port-by-port as well as device readings like memory, CPU load etc. Supports SNMP Version 1, 2c and 3. More details...
LAN Packet Sniffing: The Packet Sniffer inspects all network data packets passing the system\'s network card and is able to classify network traffic by IP address, protocol and other parameters
WLAN Packet Sniffing: Using a specialized WLAN USB dongle hardware (available from the Paessler Online Shop PRTG is able to inspect all network data packets travelling in your WLAN network in order to classify network traffic by IP address, protocol and other parameters
Netflow: The Netflow protocol is supported by most Cisco routers to measure bandwidth usage. Although being the most complex type to set up it is also the most powerful method suitable for high traffic networks and can also classify network traffic by IP address, protocol and other parameters.
Latency: Monitoring performance of a data line or a device by measuring PING times
Note: Only with packet sniffer and netflow based monitoring it is possible to measure the traffic by IP address, and/or protocol. SNMP based traffic measurement is port-based only.
Windows and Web Based User Interface
Network and bandwidth monitoring data can be accessed via a Windows GUI and a web based front end
Intuitive Windows user interface for data retrieval and configuration
Integrated web server for remote access (no external web server necessary)
Results are shown in various graphs and tables
live data for last 5-60 minutes
1-60 minute averages for up to 48h
hourly averages for up to 60 days
daily averages for up to 365 days
Top Talkers, Top Protocols, Top Connections
Graphs are always generated on-the-fly for live reporting
Monitoring Database
Internal database for fast and efficient storage of historic data
Optional export of monitoring results into CSV files for custom reporting
Database offers optional zipped backup and purging of old data
Internal Web Server
Easy to use navigation allows to drill into the live monitoring results
Fully \"skinable\" web interface using HTML templates (several default skins included)
Web server supports public (anyone can view the data) as well as authenticated access (username/password necessary) for multiple users
Reports
Configurable reports (graphs and data tables) in HTML, Excel, TIF, RTF, or PDF format
Daily, monthly, and yearly reports can be exported via email or saved to file
x% percentile calculation for any percentile value, any interval, and any time frame
Includes a billing system for bandwidth based billing
Notifications
For each sensor individual email notifications can be configured that notify about
Errors (e.g. device is not reachable)
Reaching traffic limits (e.g. more than x MB transferred per day or month)
Reaching traffic or usage thresholds (e.g. more than 700kbit bandwidth for more than one hour)
SNMP Related Features
PRTG collects the required data and information from the SNMP capable devices (i.e. any given OID Object ID). SNMP Versions 1 (base standard), 2C (64 bit counters) and 3 (authentication and encryption) are supported as well as 32-bit and 64-bit counters.
The SNMP sensors can be set up while applying four different procedures.
Monitoring of Standard Traffic Data
PRTG automatically searches for all interfaces of a device that shed light on inbound and outbound bandwidths, Unicast/Non-Unicast packages, or failures. The system subsequently provides a list with the identified ports by means of which the desired sensors can be easily set up via mouse-click.
SNMP Helper for Monitoring Windows Data
Windows via SNMP delivers a multitude of monitoring data. By means of Paessler SNMP Helper corresponding lists for easy access to several thousand performance counters on Windows based machines can be generated and based on them the sensors for monitoring the specific systems parameters can be set up with only one single click.
Convenient Monitoring of Proprietary Data
Manufacturers of SNMP capable devices usually deliver access information (OIDs) to the data required for monitoring in the form of so-called MIB files. For this purpose, Paessler has developed the MIB Importer that comfortably and easily converts these files into so-called \"OID-libraries“ for PRTG. Since MIB files are very often faultily implemented the MIB Importer has been designed to be even more fault tolerant in the current version in order to process even more MIB files. Sensors interesting to the administrator can be selected by mouse click from the created OID Libraries. The MIB Importer can be downloaded free of charge.
Additionally, a multitude of preconfigured OID libraries are already included in the delivery of PRTG (for example for Cisco routers, Dell servers, CPU loads, disk usages, printer page counts, environmental monitoring, and many more).
Direct Creation of a Sensor in Case of Known OID
If a particular address (OID) of SNMP data is known, this can be manually entered in PRTG thus creating a sensor.
Other System Features
Runs as an \"nt service\" on Windows 2000/XP/2003 to ensure that monitoring runs all the time (you do not have to be logged into your machine to keep monitoring running)
Extensive filtering can be applied for Netflow and Packet Sniffing based monitoring
Sensors can be \"tagged\" for easy navigation in long sensor lists
Easy setup of the same set of sensors for several devices usind Device Templates
Monitoring and notifications can be paused using user defined schedules
Sa numi spuneti ca nu stici engleza 
|
|
| pus acum 17 ani |
|
|
Weaver
EliteHackers Diamond
Inregistrat: acum 17 ani
Postari: 116
|
|
Sa incepem cu inceputul - Ce sunt snifferele ?
Pai snifferele sunt niste aplicatii (sau uneori dispozitive hardware) ce nu fac nimic altceva decat sa inregistreze pachetele de date ce se vehiculeaza prin retzea. Odata instalat pe un PC, un sniffer poate lucra in 2 moduri: In cel normal, in care captureaza doar pachetele de date vehiculate pe sistemul pe care este instalat, si in mod PROMISCOUS, in care va captura TOATE pachetele de date vehiculate prin retzea, chiar daca nu au fost trimise pt PC-u pe care se afla instalat. Motivul pt care poate functiona si in mod promiscous este legat de modul in care functzioneaza retzelele Ethernet. De fiecare data cand un Pc transmite un pachet de date, acestea sunt transmise in mod broadcast. Chestia asta inseamna ca orice pc din retea poate vedea aceste pachete (in mod normal toate pc-urile cu exceptzia celui caruia ii sunt destinate ar trb sa le ignore - dar spre norocu nostru nu o fac).
Snifferele pot fi folosite atat de utilizatorii bine intetntionati cat si de cei "rau intentionati"... adica stiti voi ... - chestia asta inseamna ca puteti sa vedeti ce vorbeste un tip din retea cu voi pe messenger, sa vedeti pe unde mai umbla cu browser-ul etc ... fara ca el sa stie ... si nu trebuie nici keylogger nici nik.
Conversatiile realizate intre computere snt reprezentate de siruri de date binare. Pentru a putea fi interpretate cu succes, de obicei programele sniffer au incluse si functii de analiza a acelor date, denumite "protocol analysys" si care decodeaza pachetele capturate pt a le da un sens (n-ar fi deloc fain sa vedeti pe ecranul vostru o succesiune doar de 1 si 0). In functie de protocolu folosit si de porturile de la care au venit informatiile binare sunt interpretate si afisate conform criteriilor celui care le analizeaza. Exista progame separate (si filtre pt snifferle existente) ce interpreteaza datele si le prezinta in formatul lor original. Spre exemplu Ysniff este un snifer ce captureaza doar pachetele trimise de clientii de Mess... si le prezinta ca si cum ai participa tu la discutie
Detectia:
De cele mai multe ori detectia unui sniffer este o treaba destul de delicata si care necesita cunostintze avansate in retzelistica. Exista 2 modalitatzi de detectie de genu ping si ambele pleaca de la permisia ca un sistem ce asculta traficul din retea va raspunde fff greu la o cerere de tip ping. Exista si o metoda de tip ARP, f asemanatoare de cea de tip ping. Se transmit niste pachete (pachetele sa nu fie transmise prin broadcast) catre o anumita adresa. Daca o alta masina va raspunde la aceste pachete atunci ea are un sniffer instalat in modul promiscious.
Metoda DNS pleaca de la permisia ca majoritatea programelor de tip sniffer realizeaza automat de tip DNS lookup pt adresele IP pe care nu le vad in retzea. Deci un sistem ce functzioneaza in modul promiscious poate fi detectat atunci cand dinspre el se inregistreaza f multe cereri de tip DNS lookup
Protocoale vulnerabile:
Telnet & Rlogin - Un sniffer poate captura apasarile de taste pe masure ce utilizatoru le opereaza, incluzand nume de conturi si parole
HTTP - Versiune standard de HTTP are destul de multe gauri de securitate. Foarte multe site-uri folosesc setarile de securitate minimale de tipul "Basic auth" ceeace face ca parolele sa fie transmise in mod PLAIN TEXT (!!!). Alte site-uri folosesc tehnici de autentificare prin care sunt cerute numele de utilizatori si parola dar si acestea fiind transmise in mod plain text
SNMP - Majoritatea traficului de SNMP este SNMP v1 care nu beneficiaza de un nivel de securitate crescut. Parolele SNMP pot fi usor citite.
NNTP- Parolele si datele sunt transmise in mod clear text si nu prezinta dificultati la citire.
POP - Datele si parolele pot fi citite usor, fiind transmise prin clear text
FTP - Datele si parolele pot fi citite usor, is transmise prin modu clear text
IMAP - Datele si parolele pot fi citite usor, is transmise la fel prin clear text mode
Sper ca nu am avut un vocabular criptat si ca ati inteles cat de cat ce vreau sa spun eu mai sus: Deci pe scurt: Cu un sniffer poti sa vezi ce face vecinu pe net. Daca vrei sa faci asta, tre sa instalezi sniferu in modu promiscious si sa apelezi la urmatoarele protocoale: Telnet, HTTP, SNMP, NNTP, POP, FTP si IMAP - k is cele mai vulnerabile.
Pentru cel mai bun sniffer existent, intrati pe
Salieri 2006
_______________________________________
Vizitatzi forum-ul Alpha-thema si invatzati sa va facetzi propiile jocuri.
2.Viatza-i un joc de kkt...dar macar are grafica buna 
|
|
| pus acum 17 ani |
|