Sniffers: Everything You Need to Know About This Hacking Tool

Have you heard of "sniffers"? If you are interested in the world of hacking and internet security, this term has probably caught your attention. In this article we look at everything about sniffers: what they are, their types, how they work, and what implications they have for network and data security.

Get ready to enter this fascinating world of hacking and learn how to protect your systems from exposure.

What Is a Sniffer?

A sniffer, also known as a "protocol analyzer" or "packet sniffer", is a tool used in computer security to capture and analyze the data traffic travelling across a network. Its main purpose is to intercept and inspect data packets in real time, which lets hackers or security professionals understand the content of the information transmitted between devices connected to the network.

How Sniffers Work

Sniffers operate at different layers of the OSI (Open Systems Interconnection) model to analyze network traffic. These tools come in different forms, both hardware and software, and are commonly used by security professionals to detect potential vulnerabilities in a network or for monitoring purposes.

Types of Sniffers

A sniffer, as already mentioned, can be software or hardware. Both types are designed to capture and analyze the data traffic flowing through a network, but they differ in how they are deployed and used.

Let's look at the differences between a software sniffer and a hardware sniffer:

Software Sniffer

A software sniffer is a computer application installed on a device, such as a computer or server, to capture and analyze network traffic. This type of sniffer works at the software level and runs on the device's operating system.

Among the advantages of a software sniffer is that it is easy to install and configure on existing devices. It can offer more flexibility in customization and analysis settings, and it is usually updated and improved with new features.

Hardware Sniffer

This is a physical device designed specifically to capture and analyze network traffic. These devices connect physically to the network and can monitor traffic in real time. Hardware sniffers may be standalone devices or part of more complex equipment, such as routers or switches, to enable continuous network monitoring and analysis.

The most important advantages of this device are that it provides complete and detailed analysis of network traffic without affecting the performance of the device it is connected to. It can capture data in real time without depending on the operating system or the resources of the device, and it is an effective option for large, complex networks where continuous monitoring is required.

Which sniffers are the best known and most widely used?

ARP (Address Resolution Protocol) Sniffer

This type of sniffer focuses on capturing and analyzing data packets related to the Address Resolution Protocol (ARP). ARP is responsible for mapping IP addresses to MAC addresses on a local network.

By using an ARP sniffer, analysts can monitor the ARP table and obtain information about the IP and MAC addresses associated with the devices connected to the network. This can be useful for identifying possible connectivity problems or attempts at ARP poisoning, a malicious attack that can lead to unauthorized redirection of traffic.
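The monitoring described above can be sketched as follows. This is an added example, not code from the original article: it parses ARP frames, keeps the IP-to-MAC table, and flags the two signs an analyst looks for when checking for ARP poisoning. The function names, addresses and sample frames are assumptions constructed for illustration.

```python
import struct

def mac(b): return b.hex(":")
def ip4(b): return ".".join(map(str, b))

def parse_arp(frame):
    """Return (eth_src, sender_mac, sender_ip) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":   # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return mac(frame[6:12]), mac(frame[22:28]), ip4(frame[28:32])

def watch(frames):
    """Track IP->MAC bindings seen in ARP traffic and collect alerts."""
    table, alerts = {}, []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        eth_src, sha, spa = parsed
        if eth_src != sha:        # Ethernet source disagrees with the ARP sender field
            alerts.append(("mismatch", spa, eth_src, sha))
        if spa == "0.0.0.0":      # ARP probe: carries no binding
            continue
        known = table.get(spa)
        if known is not None and known != sha:   # same IP now claimed by another MAC
            alerts.append(("rebind", spa, known, sha))
        table[spa] = sha
    return table, alerts

def build_arp(oper, eth_src, sha, spa, tha="00:00:00:00:00:00", tpa="192.0.2.254"):
    """Build a constructed broadcast ARP frame (sample data, not captured traffic)."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    a = lambda s: bytes(map(int, s.split(".")))
    return (m("ff:ff:ff:ff:ff:ff") + m(eth_src) + b"\x08\x06"
            + struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + m(sha) + a(spa) + m(tha) + a(tpa))

GW, HOST, OTHER = "02:00:00:00:00:01", "02:00:00:00:00:0a", "02:00:00:00:00:66"
SAMPLE = [
    build_arp(2, GW, GW, "192.0.2.1"),        # gateway announces itself
    build_arp(1, HOST, HOST, "192.0.2.10"),   # host sends a request
    build_arp(2, OTHER, OTHER, "192.0.2.1"),  # a different MAC now claims the gateway IP
    build_arp(2, OTHER, HOST, "192.0.2.10"),  # sender field differs from the frame source
]

if __name__ == "__main__":
    for alert in watch(SAMPLE)[1]:
        print(alert)
```

A rebind is not proof of poisoning on its own, since a replaced network card or a reassigned DHCP lease produces the same event; it is the signal that prompts a closer look.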

IP (Internet Protocol) Sniffer

IP sniffers focus on capturing and analyzing data packets related to the IP protocol. These sniffers can provide valuable information about traffic between different devices and networks, including details of the source and destination IP addresses, the type of protocol used, and the information contained in the packets.

By using an IP sniffer, security professionals can detect suspicious traffic patterns or identify potential threats and vulnerabilities on the network.

MAC (Media Access Control) Sniffer

This type of sniffer focuses on capturing and analyzing data packets related to the MAC addresses of devices on a local network.

MAC addresses are unique identifiers assigned to each network device, and MAC sniffers can help determine which devices are active on the network, how they communicate with one another, and whether any unauthorized devices are present.

This can be especially useful for monitoring and securing Wi-Fi networks, where devices communicate directly.

How Sniffers Are Classified

As we have said, there are different types of sniffers, classified according to their function and the layers of the OSI model at which they operate:

  1. Layer 2 sniffers: These analyzers focus on the data link layer. They capture frames and MAC addresses, and are typically used to analyze local area networks (LANs).
  2. Layer 3 sniffers: These operate at the network layer. They capture IP packets and examine the source and destination IP addresses. They can be used to analyze traffic on larger networks such as the internet.
  3. Layer 4 sniffers: These focus on the transport layer. They analyze and break down TCP and UDP packets, and are useful for understanding how connections are established and how traffic flows between applications.
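To make the three layers concrete, the following added example (not part of the original article) decodes a single Ethernet frame and reports the fields a layer 2, layer 3 and layer 4 analyzer would each show. The function name, the sample addresses and the sample frame are assumptions constructed for illustration; checksums in the sample are left as zero and are not verified.

```python
import struct

TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK"))

def dissect(frame):
    """Decode an Ethernet II frame layer by layer; stop at the first layer that cannot be parsed."""
    out = {}
    if len(frame) < 14:
        return out
    ethertype = struct.unpack("!H", frame[12:14])[0]
    out["l2"] = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "ethertype": ethertype}
    pkt = frame[14:]
    if ethertype != 0x0800 or len(pkt) < 20 or pkt[0] >> 4 != 4:
        return out                                  # not IPv4, or header truncated
    ihl = (pkt[0] & 0x0F) * 4                       # IPv4 header length varies with options
    if ihl < 20 or len(pkt) < ihl:
        return out
    total_len, _ident, frag = struct.unpack("!HHH", pkt[2:8])
    out["l3"] = {"src": ".".join(map(str, pkt[12:16])), "dst": ".".join(map(str, pkt[16:20])),
                 "ttl": pkt[8], "proto": pkt[9]}
    if frag & 0x1FFF:                               # non-first fragment: no layer 4 header here
        return out
    seg = pkt[ihl:total_len]
    if pkt[9] == 6 and len(seg) >= 20:              # TCP
        sport, dport, _seq, _ack, off_flags = struct.unpack("!HHIIH", seg[:14])
        out["l4"] = {"proto": "tcp", "sport": sport, "dport": dport,
                     "flags": [name for bit, name in TCP_FLAGS if off_flags & bit]}
    elif pkt[9] == 17 and len(seg) >= 8:            # UDP
        sport, dport = struct.unpack("!HH", seg[:4])
        out["l4"] = {"proto": "udp", "sport": sport, "dport": dport}
    return out

# Constructed sample: a TCP SYN from 192.0.2.10:49152 to 198.51.100.7:443 (checksums left as 0).
SAMPLE_SYN = (
    bytes.fromhex("02000000000102000000000a0800")
    + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0x4000, 64, 6, 0,
                  bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    + struct.pack("!HHIIHHHH", 49152, 443, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0)
)

if __name__ == "__main__":
    for layer, fields in dissect(SAMPLE_SYN).items():
        print(layer, fields)
```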

Prevention and Protection Against Sniffers

Protecting against sniffers is essential to safeguard the privacy and security of data on a network. Some effective measures include:

  • Data encryption: Use encryption protocols such as SSL/TLS to ensure that transmitted data is protected and cannot be read easily.
  • Firewalls and intrusion detection: Use firewalls and intrusion detection systems (IDS) to monitor network traffic and detect suspicious activity.
  • Updates and patches: Keep your devices and software up to date with the latest versions and security patches to avoid potential vulnerabilities.

Sniffers and Cybersecurity

Although sniffers are legitimate and useful tools for analyzing network traffic, they can also be used for malicious purposes, such as stealing personal data or passwords. Unscrupulous hackers can exploit vulnerabilities in a network to use sniffers to obtain confidential information from unsuspecting users.
