How to Use Wireshark: A Complete Tutorial

What to Know

  • Wireshark is an open-source application that captures and displays data traveling back and forth on a network.
  • Because it can drill down and read the contents of each packet, it is used to troubleshoot network problems and test software.

The instructions in this article apply to Wireshark 3.0.3 for Windows and Mac.

The Bottom Line

Originally known as Ethereal, Wireshark displays data from hundreds of different protocols on all major network types. Data packets can be viewed in real time or analyzed offline. Wireshark supports many capture/trace file formats, including CAP and ERF. Integrated decryption tools display the encrypted packets for several protocols, including WEP and WPA/WPA2.

How to Download and Install Wireshark

Wireshark can be downloaded at no cost from the Wireshark Foundation website for macOS and Windows. You will see the latest stable release and the current development release. Unless you are an advanced user, download the stable version.

During the Windows setup process, choose to install WinPcap or Npcap if prompted, as these include the libraries required for live data capture.

You must be logged in to the device as an administrator to use Wireshark. In Windows 10, search for Wireshark and select Run as administrator. In macOS, right-click the app icon and select Get Info. In the Sharing & Permissions settings, give the admin Read & Write privileges.

The application is also available for Linux and other UNIX-like platforms, including Red Hat, Solaris, and FreeBSD. The binaries required for these operating systems can be found toward the bottom of the Wireshark download page under the Third-Party Packages section. You can also download Wireshark's source code from this page.

How to Capture Data Packets With Wireshark

When you launch Wireshark, a welcome screen lists the network connections available on your current device. Displayed to the right of each is an EKG-style line graph that represents live traffic on that network.

To begin capturing packets with Wireshark:

  1. Select one or more networks, go to the menu bar, then select Capture.

    To select multiple networks, hold the Shift key as you make your selection.

  2. In the Wireshark Capture Interfaces window, select Start.

    There are other ways to start capturing packets. Select the shark fin on the left side of the Wireshark toolbar, press Ctrl+E, or double-click the network.

  3. Select File > Save As or choose an Export option to record the capture.

  4. To stop capturing, press Ctrl+E. Or, go to the Wireshark toolbar and select the red Stop button located next to the shark fin.

How to View and Analyze Packet Contents

The captured data interface contains three main sections:

  • The packet list pane (the top section)
  • The packet details pane (the middle section)
  • The packet bytes pane (the bottom section)

Packet List

The packet list pane, located at the top of the window, shows all packets found in the active capture file. Each packet has its own row and a corresponding number assigned to it, along with each of these data points:

  • No: This field indicates which packets are part of the same conversation. It remains blank until you select a packet.
  • Time: The timestamp of when the packet was captured is displayed in this column. The default format is the number of seconds or partial seconds since this specific capture file was first created.
  • Source: This column contains the address (IP or other) where the packet originated.
  • Destination: This column contains the address that the packet is being sent to.
  • Protocol: The packet's protocol name, such as TCP, can be found in this column.
  • Length: The packet length, in bytes, is displayed in this column.
  • Info: Additional details about the packet are presented here. The contents of this column can vary greatly depending on the packet contents.

To change the time format to something more useful (such as the actual time of day), select View > Time Display Format.

When a packet is selected in the top pane, you may notice one or more symbols appear in the No. column. Open or closed brackets and a straight horizontal line indicate whether a packet or group of packets is part of the same back-and-forth conversation on the network. A broken horizontal line signifies that a packet is not part of the conversation.

Packet Details

The details pane, found in the middle, presents the protocols and protocol fields of the selected packet in a collapsible format. In addition to expanding each selection, you can apply individual Wireshark filters based on specific details and follow streams of data based on protocol type by right-clicking the desired item.

Packet Bytes

At the bottom is the packet bytes pane, which displays the raw data of the selected packet in a hexadecimal view. This hex dump contains 16 hexadecimal bytes and 16 ASCII bytes alongside the data offset.

Selecting a specific portion of this data automatically highlights its corresponding section in the packet details pane, and vice versa. Any bytes that cannot be printed are represented by a period.

To display this data in bit format as opposed to hexadecimal, right-click anywhere within the pane and select as bits.
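The packet list columns and the packet bytes layout described above, as an added Python example that is not part of the original article: it decodes one constructed Ethernet/IPv4/TCP frame into Source, Destination, Protocol, Length and Info values and renders the 16-byte hex/ASCII dump with its offset. The frame contents, addresses and function names are assumptions made for illustration, and the Info text is simpler than what Wireshark prints.

```python
import socket
import struct

# Constructed sample frame (not captured traffic): Ethernet + IPv4 + TCP,
# 192.0.2.10:49152 -> 198.51.100.7:80, PSH+ACK, checksums left as zero.
FRAME = bytes.fromhex(
    "020000000002 020000000001 0800"                # Ethernet: dst, src, type
    "4500002f 00014000 40060000 c000020a c6336407"  # IPv4 header (20 bytes)
    "c0000050 00000001 00000001 50182000 00000000"  # TCP header (20 bytes)
    "474554202f0d0a"                                # payload "GET /\r\n"
)


def hexdump(data, width=16):
    """Packet bytes pane layout: offset, hex bytes, ASCII ('.' if unprintable)."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:04x}  {hexpart:<{width * 3 - 1}}  {text}")
    return lines


def summarize(frame):
    """Decode Ethernet/IPv4/TCP-or-UDP into packet list style columns."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    row = {"Source": frame[6:12].hex(":"), "Destination": frame[0:6].hex(":"),
           "Protocol": f"0x{ethertype:04x}", "Length": len(frame), "Info": ""}
    if ethertype != 0x0800 or len(frame) < 34 or (frame[14] & 0x0F) < 5:
        return row  # not IPv4, truncated, or bad header length: stay at layer 2
    l4 = frame[14 + (frame[14] & 0x0F) * 4:]
    proto = frame[23]
    row["Source"] = socket.inet_ntoa(frame[26:30])
    row["Destination"] = socket.inet_ntoa(frame[30:34])
    row["Protocol"] = {6: "TCP", 17: "UDP"}.get(proto, f"IPv4 proto {proto}")
    if proto in (6, 17) and len(l4) >= 4:
        row["Info"] = "%d -> %d" % struct.unpack("!HH", l4[:4])
    if proto == 6 and len(l4) >= 14:
        names = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")
        flags = [n for i, n in enumerate(names) if l4[13] >> i & 1]
        row["Info"] += " [" + ", ".join(flags) + "]"
    return row


if __name__ == "__main__":
    print(summarize(FRAME))
    print("\n".join(hexdump(FRAME)))
```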

How to Use Wireshark Filters

Capture filters instruct Wireshark to record only packets that meet specified criteria. Filters can also be applied to a capture file that has already been created so that only certain packets are shown. These are referred to as display filters.

Wireshark provides a large number of predefined filters by default. To use one of these existing filters, enter its name in the Apply a display filter entry field located below the Wireshark toolbar or in the Enter a capture filter field located in the center of the welcome screen.

For example, if you want to display TCP packets, type tcp. The Wireshark autocomplete feature shows suggested names as you begin typing, making it easier to find the correct moniker for the filter you are looking for.

Another way to choose a filter is to select the bookmark on the left side of the entry field. Choose Manage Filter Expressions or Manage Display Filters to add, remove, or edit filters.

You can also access previously used filters by selecting the down arrow on the right side of the entry field to display a history drop-down list.

Capture filters are applied as soon as you begin recording network traffic. To apply a display filter, select the right arrow on the right side of the entry field.

Wireshark Color Rules

While Wireshark's capture and display filters limit which packets are recorded or shown on the screen, its colorization function takes things a step further: it can distinguish between different packet types based on their individual color. This makes it quick to locate certain packets within a saved set by their row color in the packet list pane.

Wireshark comes with about 20 default coloring rules, each of which can be edited, disabled, or deleted. Select View > Coloring Rules for an overview of what each color means. You can also add your own color-based filters.

Select View > Colorize Packet List to toggle packet colorization on and off.

Statistics in Wireshark

Other useful metrics are available through the Statistics drop-down menu. These include size and timing information about the capture file, along with many charts and graphs ranging in topic from packet conversation breakdowns to the load distribution of HTTP requests.

Display filters can be applied to many of these statistics via their interfaces, and the results can be exported to several file formats, including CSV, XML, and TXT.

Wireshark Advanced Features

Wireshark also supports advanced features, including the ability to write protocol dissectors in the Lua programming language.
