Sniffer使用教程,pdf版
Sniffer使用教程,pdf版 感谢分享~~~ 看样子似乎是瓶老酒~~ 感谢分享~~~ 相当不错的资料,谢谢! ghpsodjfposdfpsdfs 谢谢,很有用 怎么不可以下载呢:loveliness: 也不能下载........... 楼主辛苦!谢谢!
回复 #10 hyh1220 的帖子
奇怪啊,不能够下载 谢谢,分享,下载了,辛苦,顶你 不错,很需要实战案例啊! 谢谢分享!!谢谢
谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢谢 坛子有很多了,俺帮你列出目录:)
目 录
第1章 Sniffer软件简介
1.1 概述
1.2 功能简介
第2章 报文捕获解析
2.1 捕获面板
2.2 捕获过程报文统计
2.3 捕获报文查看
2.4 设置捕获条件
第3章 报文放送
3.1 编辑报文发送
3.2 捕获编辑报文发送
第4章 网络监视功能
4.1 Dashbord
4.2 Application Response Time (ART)
第5章 数据报文解码详解
5.1 数据报文分层
5.2 以太报文结构
5.3 IP协议
5.4 ARP协议
5.5 PPPOE协议
5.6 Radius协议
关键词:Sniffer 协议分析
摘 要:本文对Sniffer软件的功能和使用作了简要的介绍,讲述了利用工具软件解决问题的思路和一些分
析方法。
缩略语清单:
参考资料清单: 顶!!! :handshake 多谢 感谢分享~~~ 看看辛苦了 谢谢分享 谢了。 收藏,多谢分享。。 谢谢分享!!!!!! 谢谢楼主分享!!!! 谢谢楼主。偶下了 感谢 谢谢,辛苦了 支持楼主发贴!!!! 以前下过DOC的,Sniffer还是用的汉化。 Release Notes
=======================================================================
Sniffer® Portable 4.8 Updated: March 27, 2005
Part number: 100222
=======================================================================
This file provides additional information for the Sniffer® Portable release.
=======================================================================
Table of Contents
New Features
System Requirements
Known Issues
Additional Information
Available Documentation
Contacting Network General™ Corporation
Copyright and Trademark Attributions
=======================================================================
New Features
802.11g Support. Sniffer Portable 4.8 provides support for 802.11g wireless networks. Existing support for 802.11a/b cards remains. See the online help for detailed information on 802.11g implementation.
Additional Gigabit Card Support. Sniffer Portable 4.8 is compatible with generic 10/100/1000 Gigabit cards, however some Sniffer Portable functionality is not available without enhanced Sniffer driver implementation. Monitoring, capture, decode, and Expert is supported for all Gigabit cards. You must use supported Xyratex cards with enhanced Sniffer drivers for advanced Sniffer statistics such as Dual Channels, Baby Giants (VLAN/ISL), Jumbo frames, CRCs, CVs, Jabbers, and Runts.
Real-time Decodes. Sniffer Portable 4.8 provides real-time decodes as packets arrive. See the online help for detailed information.
Monitor, Capture, and Display Filter Enhancements. Individual capture filters and display filters are stored in separate directories on the Sniffer Portable machine. You can also now create filters using IP address wild cards and variable offset Data Pattern matching, and filter by TCP/UDP port number. See the online help for detailed information.
Multiple Sniffer Instances for Different Cards. Support for multiple Sniffer Portable instances for different network cards installed on a single machine has been restored. Only one instance of Sniffer Portable is allowed per card. To launch a second instance of Sniffer Portable on one system, you must create and select different card settings in the Local Agent Setup dialog box.
PACE Product Licensing. Sniffer Portable 4.8 provides an automated licensing mechanism. See the Sniffer Portable Installation Guide for detailed information.
Installation Enhancement. It is no longer necessary to uninstall previous versions of Sniffer Portable during the Sniffer Portable upgrade process. The appropriate protocol drivers are automatically updated or installed as necessary during the Sniffer Portable 4.8 installation.
Sniffer Reporter Support. Sniffer Portable 4.8 provides support for Sniffer Reporter 4.5.
Expert Decodes Update Pack 2 Support. Sniffer Portable 4.8 includes the Decodes and Experts available in Decode and Expert Pack 2 and will allow future versions of the Decode and Expert Pack to be added to Portable 4.8 as they become available from Network General.
Sniffer Voice 2.5 Support. Sniffer Portable 4.8 provides support for Sniffer Voice 2.5
Sniffer Mobile 1.0 Support. Sniffer Portable 4.8 provides support for Sniffer Mobile 1.0.
=======================================================================
System Requirements
Sniffer Portable 4.8 has the following hardware and software requirements.
Operating System
Microsoft Windows XP Professional Edition with SP 2
Microsoft Windows 2000 Professional with SP 4
Microsoft Windows NT 4.0 (Server & Workstation) with SP 6a and Security Rollup Package (SRP)
Hardware
Pentium IV running at 733 MHz or better (All Supported Operating Systems)
Pentium III running at 600 MHz or better (All Supported Operating Systems)
256 MB RAM Minimum System Memory (All Supported Operating Systems)
150 MB or more of free hard drive space (All Supported Operating Systems)
VGA color monitor with 800x600 resolution (with 256 color support or updated VGA driver)
CD-ROM Drive
Network adapter card configured with an IP address and connected to the network
Software
Microsoft Internet Explorer:
Version 5.5 with SP 1 or SP 2 on Windows NT and 2000
Version 6.0 with SP 1 on Windows NT, 2000 and XP
Media Player
Version 6.4.07.1112 on Windows NT
Version 7.00.00.1954 on Windows 2000
Version 8.00.00.4487 on Windows XP
=======================================================================
Known Issues
General:
Application of Visual filter from Expert at the wireless/DLC layer for wireless symptoms/diagnoses does not point to exact frame in decode. (CQ # 44732)
Setting or modifying the Network card items when Portable is Open causes Sniffer Portable & Sniffer Reporter to stop responding. (CQ # 45547)
Added Multiple History Sample reports do not get migrated after the upgrade from 4.7.5 to 4.8. (CQ # 44133)
Sniffer Wireless:
The vendor specific client utility for Atheros a/b/g adapters, is not supported. An alternative for Windows XP users is to turn on the "Wireless Zero Configuration" in Control Panel > Administrative Tools > Services before using "Wireless Network Configuration". (CQ # 44054)
Opening Sniffer Portable using a new profile, opens it on the same channel as the existing profile, whereas Tools > Options > 802.11 shows channel 6. (CQ # 46106)
Finding channel by using Tools > Options > ESSID causes Sniffer to start scanning from the first channel, and stops on the channel on which the first beacon with the given ESSID or BSSID is seen. This may not nessarily be the channel on which the Access Point with the inputted ESSID or BSSID is operating. (CQ # 46087).
In 802.11 b/g mode, on Channel 1, user may see management data from Channel 6. Channel 1 and Channel 6 are non-overlapping channels. Hence AP's may be tagged in Monitor > Host Table. This is because 'valid channel' implementation is not done in Sniffer Portable 4.8. (CQ # 45433)
The Proxim Harmony 802.11a adapter does not monitor channels # 64,161. (CQ # 46901).
Decodes for Management frames will be incomplete or end up frame too short in many cases. (CQ # 40235)
Experts for 802.11g objects are not updated in terms of speed (shows only up to 11Mbps). (CQ # 46716)
Proxim Harmony 802.11a card may show lower signal strength when compared to other cards. (CQ # 46999)
The "Wireless Zero Configuration" service must be disabled when Proxim Harmony 802.11a wireless card is used. (CQ # 46998)
Packet type capture filters on Wireless do not hold the criteria defined after closing and opening the application. (CQ # 47339)
=======================================================================
Additional Information
Sniffer Portable 4.7.5 may be upgraded directly to Sniffer Portable 4.8. There is no need to uninstall Sniffer Portable 4.7.5 prior to upgrade.
If you have upgraded from Sniffer Portable 4.7.5, all local agents and their Local_X folders will be available in the Sniffer Portable 4.8 install.
If Sniffer Portable terminates quietly, we recommend disabling the affected adapter before killing the CPU process. If you attempt to terminate Sniffer Portable through the Task Manager without first disabling the affected adapter, access to Task Manager may be denied. Disable the affected adapter through Start > Settings > Control Panel > Network and then double-click the affected adapter and select Disable. After disabling the adapter, terminate Sniffer Portable through the Task Manager, re-enable the adapter, and re-start Sniffer Portable. (CQ # 39423)
· Wan Expert Analysis is not supported for X25 and SDLC encapsulations.
· LM2000 card, SMDS/DXI Encapsulation and WAN Book are not supported in this release..
· The LED indications for all WAN topologies are not supported in this release.
· Quick capture and filter is not implemented for the Host Table for any WAN topology except Frame Relay, nor for the Matrix Traffic Map for any WAN topology.
· HSSI driver is not available for Win2K.
=======================================================================
Available Documentation
Network General provides each of its customers with an extensive set of documentation, usually consisting of one or more product guides saved in Adobe Acrobat Portable Document Format (.PDF), and an online help system, whose form can vary, depending on the platform on which the product runs.
Acrobat Reader is needed to open documents in .PDF. A free copy of Acrobat Reader is available from the Adobe website at:
[url]http://www.adobe.com/prodindex/acrobat/readstep.html[/url]
The documentation set contains the following:
Sniffer Portable Installation Guide
Sniffer Portable User's Guide
Sniffer Portable Release Notes (this file)
Sniffer Mobile Operations Guide
Sniffer Mobile Release Notes
Sniffer Reporter User's Guide
Sniffer Reporter Release Notes
Sniffer Expert Alarms
Sniffer Switch Expert Guide
Sniffer Voice Operations Guide
Sniffer Voice Release Notes
Sniffer Tool Collection Focused Analysis Guide
Sniffer Tool Collection Capture Format Converter Guide
ATM Adapter Reference Guide
ATMBook Reference Guide
FDX 10/100 Ethernet PCI Adapter Upgrade Reference
Full Duplex 10/100 Reference Guide
Gigabit Ethernet Reference Guide
Sniffer Wireless Guide
Snifferbook Reference Guide
Snifferbook Ultra Reference Guide
WAN Adapter Reference Guide
=======================================================================
Contacting Network General Corporation
Get help with license entitlement, registrations, grant number inquiries, tech support validation and more by contacting the Network General Customer Service department at:
North America phone: (800) 764-3337 (800-SNIFFER)
Email: [email]support@networkgeneral.com[/email]
Web: [url]http://www.networkgeneral.com/ContactUs.aspx[/url]
Licensing: [url]https://licensing.networkgeneral.com[/url]
The department's hours of operation are 7:00 AM to 7:00 PM Central time, Monday through Friday.
International phone numbers:
A complete list is available at [url]http://www.networkgeneral.com/ContactUs.aspx.[/url]
Mail:
Network General Corporation (North America)
Customer Service Department
6504 International Pkwy Suite 2000
Plano TX 75093-8240
USA
Network General Corporation International BV (EMEA)
Customer Service Department
PO box 58326
1040 HH Amsterdam
The Netherlands
=======================================================================
Copyright and Trademark Attributions
Copyright © 2005 Network General Corporation. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Network General Corporation or its suppliers or affiliate companies.
Trademarks
Appera, InfiniStream, Know The Network, Netasyst, Network General, Network Performance Orchestrator, nPO, PrimeSupport, and Sniffer are registered trademarks or trademarks of Network General Corporation and/or its affiliates in the US and/or other countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners. © 2005 Network General Corporation. All Rights Reserved.
License Agreement
NOTICE TO ALL USERS: FOR THE SPECIFIC TERMS OF YOUR LICENSE TO USE THE SOFTWARE THAT THIS DOCUMENTATION DESCRIBES, CONSULT THE LICENSE.TXT, README.1ST, OR OTHER LICENSE DOCUMENT THAT ACCOMPANIES YOUR SOFTWARE, EITHER AS A TEXT FILE OR AS PART OF THE SOFTWARE PACKAGING. IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH THEREIN, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO THE PLACE OF PURCHASE FOR A FULL REFUND. 正想找个sniffer教程学习下。。。 学习 中 感谢[img]http://www.netexpert.cn/images/smilies/default/smile.gif[/img] 感谢分享 谢谢 感谢楼主!!!学习ing…… 感谢分享~~~ 看看 谢谢分享
页:
[1]
2