
Sniffers: Everything You Need to Know About This Hacking Tool

Have you heard of "sniffers"? If you are interested in the world of hacking and cybersecurity, this term has probably caught your attention. In this article we explore everything about sniffers: what they are, their types, how they work, and their impact on network and data security.

Get ready to enter this fascinating world of hacking and learn how to protect your systems against possible vulnerabilities.

What Is a Sniffer?

A sniffer, also known as a "protocol analyzer" or "packet sniffer", is a tool used in the field of computer security to capture and analyze the data traffic circulating on a network. Its main purpose is to intercept and examine data packets in real time, allowing attackers or security professionals to understand the content of the information transmitted between devices connected to the network.

How Sniffers Work

Sniffers operate at different layers of the OSI (Open Systems Interconnection) model to analyze network traffic. These tools come in different types, both hardware and software, and are commonly used by security professionals to detect possible vulnerabilities in a network or for monitoring purposes.

Types of Sniffers

A sniffer, as already mentioned, can be software or hardware. Both types are designed to capture and analyze the data traffic flowing through a network, but they differ in how they are implemented and used.

Let's look at the differences between a software sniffer and a hardware sniffer:

Software Sniffer

A software sniffer is a computer application installed on a device, such as a computer or server, to capture and analyze network traffic. This type of sniffer works at the software level and runs on the device's operating system.

Among the advantages of a software sniffer is that it is easy to install and configure on existing devices. It can offer more flexibility in terms of customization and analysis settings, and it is usually updated and improved with new functionality.

Hardware Sniffer

This is a physical device designed specifically to capture and analyze network traffic. These devices connect physically to the network and can monitor traffic in real time. Hardware sniffers can be standalone devices or part of more complex equipment, such as routers or switches, to provide network monitoring and analysis.

The most important advantages of this kind of device are that it provides complete and detailed analysis of network traffic without affecting the performance of the device it is connected to. It can capture data in real time without depending on the device's operating system or resources, and it is an effective option for large, complex networks where continuous monitoring is required.

Which Sniffers Are the Best Known and Most Widely Used?

ARP (Address Resolution Protocol) Sniffer

This type of sniffer focuses on capturing and analyzing data packets related to the Address Resolution Protocol (ARP). ARP is responsible for mapping IP addresses to MAC addresses on a local network.

Using an ARP sniffer, analysts can monitor the ARP table and obtain information about the IP and MAC addresses associated with devices connected to the network. This can be useful for identifying potential connectivity issues or detecting ARP poisoning attempts, a malicious attack that can lead to unauthorized redirection of traffic.
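The ARP-table monitoring described above can be sketched as follows. This is an added example, not code from the original article: it parses raw Ethernet/ARP frames and reports any IP address whose announced MAC changes. The function names and the sample frames (documentation IP ranges, locally administered MACs) are constructed for illustration.

```python
import struct

ETHERTYPE_ARP = 0x0806

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None  # not Ethernet/IPv4 ARP
    sender_mac = frame[22:28].hex(":")
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return opcode, sender_mac, sender_ip

def find_binding_changes(frames):
    """Track the IP -> MAC bindings announced in ARP and report every IP whose MAC changes."""
    table, alerts = {}, []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _, sender_mac, sender_ip = parsed
        if sender_ip == "0.0.0.0":  # ARP probe: announces no binding
            continue
        known = table.setdefault(sender_ip, sender_mac)
        if known != sender_mac:
            alerts.append((sender_ip, known, sender_mac))
            table[sender_ip] = sender_mac
    return alerts

# Constructed frames, not captured traffic: 192.0.2.1 is first announced
# by one MAC, then a later reply announces it from a different MAC.
SAMPLE_FRAMES = [bytes.fromhex(h) for h in (
    "020000000010 020000000001 0806 0001 0800 06 04 0002"
    " 020000000001 c0000201 020000000010 c000020a",
    "ffffffffffff 020000000010 0806 0001 0800 06 04 0001"
    " 020000000010 c000020a 000000000000 c0000201",
    "020000000010 0200000000aa 0806 0001 0800 06 04 0002"
    " 0200000000aa c0000201 020000000010 c000020a",
)]

if __name__ == "__main__":
    for ip, old_mac, new_mac in find_binding_changes(SAMPLE_FRAMES):
        print(f"ALERT: {ip} moved from {old_mac} to {new_mac}")
```

A changed binding is a lead to investigate rather than proof of poisoning, since DHCP reassignment and failover also move an IP address to a new MAC.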

IP (Internet Protocol) Sniffer

IP sniffers focus on capturing and analyzing data packets related to the IP protocol. These sniffers can provide valuable information about the traffic between different devices and networks, including details about source and destination IP addresses, the type of protocol used, and the information contained in the packets.

Using an IP sniffer, security professionals can spot suspicious traffic patterns or identify potential threats and vulnerabilities in the network.

MAC (Media Access Control) Sniffer

This type of sniffer focuses on capturing and analyzing data packets related to the MAC addresses of devices on a local network.

MAC addresses are unique identifiers assigned to each network device, and MAC sniffers can help identify which devices are active on the network, how they communicate with each other, and whether any unauthorized devices are present.

This can be especially useful for monitoring and security on Wi-Fi networks, where devices communicate directly with one another.


How Sniffers Are Classified

As we have said, there are different types of sniffers, classified according to their function and the layers of the OSI model at which they operate:

  1. Layer 2 sniffers: These analyzers focus on the data link layer. They capture frames and MAC addresses. They are commonly used to analyze local area networks (LANs).
  2. Layer 3 sniffers: These operate at the network layer. They capture IP packets and examine source and destination IP addresses. They can be used to analyze traffic on large networks such as the Internet.
  3. Layer 4 sniffers: These focus on the transport layer. They analyze and break down TCP and UDP packets. They are useful for understanding how connections are established and how traffic flows between applications.
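To make the three layers concrete, the following added example (not part of the original article) decodes a single frame and separates the fields a Layer 2, Layer 3 and Layer 4 analyzer each reads. The `decode` function and the sample frame are constructed for illustration; the frame's checksums are left at zero and are not verified.

```python
import struct

TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK"))

def decode(frame):
    """Decode one Ethernet frame into the fields visible at OSI layers 2, 3 and 4."""
    out = {}
    if len(frame) < 14:
        return out
    # Layer 2 (data link): MAC addresses and the EtherType of the payload.
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out["l2"] = {"src_mac": src.hex(":"), "dst_mac": dst.hex(":"), "ethertype": ethertype}
    ip = frame[14:]
    if ethertype != 0x0800 or len(ip) < 20:
        return out
    # Layer 3 (network): IPv4 header; its length varies with options (IHL field).
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        return out
    out["l3"] = {
        "src_ip": ".".join(map(str, ip[12:16])),
        "dst_ip": ".".join(map(str, ip[16:20])),
        "ttl": ip[8],
        "proto": ip[9],
    }
    # Layer 4 (transport): ports, plus TCP flags that show connection setup.
    seg = ip[ihl:]
    if ip[9] == 6 and len(seg) >= 20:
        sport, dport, _seq, _ack, off_flags = struct.unpack("!HHIIH", seg[:14])
        flags = [name for bit, name in TCP_FLAGS if off_flags & bit]
        out["l4"] = {"proto": "TCP", "sport": sport, "dport": dport, "flags": flags}
    elif ip[9] == 17 and len(seg) >= 8:
        sport, dport = struct.unpack("!HH", seg[:4])
        out["l4"] = {"proto": "UDP", "sport": sport, "dport": dport}
    return out

# Constructed frame, not captured traffic: a TCP SYN from 192.0.2.10 to 198.51.100.7:443.
SAMPLE_FRAME = bytes.fromhex(
    "020000000001 020000000010 0800"
    " 4500 0028 0001 4000 40 06 0000 c000020a c6336407"
    " c001 01bb 00000001 00000000 5002 ffff 0000 0000"
)

if __name__ == "__main__":
    for layer, fields in decode(SAMPLE_FRAME).items():
        print(layer, fields)
```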

Prevention and Protection Against Sniffers

Protecting against sniffers is essential to safeguarding the privacy and security of data on a network. Some effective measures include:

  • Data encryption: Use encryption protocols such as SSL/TLS to ensure that transmitted data is protected and cannot easily be read by anyone who intercepts it.
  • Firewalls and intrusion detection: Use firewalls and intrusion detection systems (IDS) to monitor network traffic and detect suspicious activity.
  • Updates and patches: Keep your devices and software up to date with the latest versions and security patches to prevent possible vulnerabilities.

Sniffers and Cybersecurity

Although sniffers are legitimate and useful tools for analyzing network traffic, they can also be used for malicious purposes, such as stealing personal data or passwords. Unscrupulous attackers can exploit weaknesses in a network to use sniffers to obtain confidential information from unsuspecting users.
