LinuxÏÂsniffer×¥°ü³ÌÐò³ÌÐòµÄʵÏÖ

 LinuxÏÂSniffer³ÌÐòµÄʵÏÖ

×÷ÕߣºGianluca Insolvibile
ÕûÀí£ºSeal(ÓÀÔ¶µÄFLASH)
ÈÕÆÚ£º2004-11-05

Ðá̽——Sniffer¼¼ÊõÊÇÍøÂ簲ȫÁìÓòÀïÒ»Ïî·Ç³£ÖØÒªµÄ¼¼Êõ£¡¶ÔÓÚ¡°Hacker¡±À´Ëµ£¬ËûÃÇ¿ÉÒÔÒԷdz£Òþ±ÎµÄ·½Ê½µÃµ½ÍøÂçÖд«ÊäµÄ´óÁ¿µÄÃô¸ÐÐÅÏ¢£¬ÈçTelnet,ftpÕʺźÍÃÜÂëµÈµÈÃ÷ÎÄ´«Ë͵ÄÐÅÏ¢£¡ÓëÖ÷¶¯É¨ÃèÏà±È£¬Ðá̽µÄÐÐΪ¸ü¼ÓÄÑÒÔ±»²ì¾õ£¬²Ù×÷ÆðÀ´Ò²²»ÊǺܸ´ÔÓ£¡¶ÔÓÚÍøÂç¹ÜÀíÈËÔ±À´Ëµ£¬¿ÉÒÔÀûÓÃÐá̽¼¼Êõ¶ÔÍøÂç»î¶¯½øÐмà¿Ø£¬²¢¼°Ê±·¢ÏÖ¸÷ÖÖ¹¥»÷ÐÐΪ£¡
ÔÚÕâƪÎÄÕÂÀÎÒÃÇÖ÷Ҫ̽ÌÖÔÚLinuxÏÂÈçºÎÀûÓÃCÓïÑÔÀ´ÊµÏÖÒ»¸öSniffer£¡ÎÒÃǽ«¼ÙÉèËùÓеÄÖ÷»úÔÚÒ»¸ö¾ÖÓòÍøÄÚ¡£
    
Ê×ÏÈ£¬ÎÒÃǽ«¼ò¶ÌµÄ»Ø¹ËÒ»ÏÂÒ»¸öÆÕͨµÄÒÔÌ«Íø¿¨ÊÇÔõô¹¤×÷µÄ£¡£¨Èç¹ûÄã¶ÔÕâ·½ÃæµÄ֪ʶÔçÒÑÊìϤ£¬ÄÇôÄã¿ÉÒÔÖ±½ÓÌøµ½ÏÂÒ»¶Î£©À´Ô´ÓÚÓ¦ÓóÌÐòµÄIP±¨Îı»·â×°³ÉÒÔÌ«ÍøÖ¡£¨Õâ
ÊÇÔÚÒÔÌ«ÍøÉÏ´«²¥µÄÊý¾Ý±¨ÎĵÄÃû³Æ£©£¬ËüÊǵײãÁ´Â·²ã±¨ÎÄÉÏÃæµÄÒ»²ã±¨ÎÄ£¬°üº¬ÓÐÔ´µØÖ·
±¨ÎĺÍһЩÐèÒªÓÃÀ´´«ËÍÖÁÄ¿±êÖ÷»úµÄÐÅÏ¢¡£Í¨³£Çé¿öÏ£¬Ä¿µÄIPµØÖ·¶ÔÓ¦×ÅÒ»¸ö6×Ö½ÚµÄÄ¿µÄÒÔÌ«ÍøÖ·£¨¾­³£½Ð×öMACµØÖ·),ËüÃÇÖ®¼äͨ¹ýARPЭÒé½øÐÐÓ³É䣡¾ÍÕâÑù£¬°üº¬×ÅÒÔÌ«ÍøÖ¡µÄ±¨ÎÄ´ÓÔ´Ö÷»ú´«Ê䵽ĿµÄÖ÷»ú£¬Öм侭¹ýһЩÍøÂçÉ豸£¬Èç½»»»»ú£¬Â·ÓÉÆ÷µÈµÈ£¬µ±È»£¬ÒòΪÎÒÃǵÄÇ°ÌáÊÇÖ÷»úÔÚͬһÍøÄÚ£¬ËùÒÔÎÒÃǵÄÌÖÂÛ²»Éæ¼°ÒÔÉÏÕâЩÍøÂçÉ豸£¡

     ÔÚÁ´Â·²ãÖв¢²»´æÔÚ·ÏߵĸÅÄ»»¾ä»°Ëµ£¬Ô´Ö÷»ú·¢³öµÄÖ¡²»»áÖ±½ÓÖ¸ÏòÄ¿µÄÖ÷»ú£¬
¶øÊÇ»ùÓڹ㲥·½Ê½´«²¥£¬ÍøÂçÖеÄËùÓÐÍø¿¨¶¼ÄÜ¿´µ½ËüµÄ´«Ê䡣ÿ¸öÍø¿¨»á¼ì²éÖ¡¿ªÊ¼µÄ6¸ö×Ö½Ú£¨Ä¿µÄÖ÷»úµÄMACµØÖ·£©£¬µ«ÊÇÖ»ÓÐÒ»¸öÍø¿¨»á·¢ÏÖ×Ô¼ºµÄµØÖ·ºÍÆäÏà·ûºÏ£¬È»ºóËü½ÓÊÕÕâ¸öÖ¡£¬Õâ¸öÖ¡»á±»ÍøÂçÇý¶¯³ÌÐò·Ö½â£¬Ô­À´µÄIP±¨ÎĽ«Í¨¹ýÍøÂçЭÒéÕ»´«ËÍÖÁ½ÓÊÕµÄÓ¦ÓóÌÐò£¡

¸ü׼ȷµÄ˵£¬ÍøÂçÇý¶¯³ÌÐò»á¼ì²éÖ¡Öб¨ÎÄÍ·²¿µÄЭÒé±êʶ£¬ÒÔÈ·¶¨½ÓÊÕÊý¾ÝµÄÉϲãЭ
Ò飡´ó¶àÊýÇé¿öÏ£¬ÉϲãÊÇIPЭÒ飬ËùÒÔ½ÓÊÕ»úÖƽ«È¥µôIP±¨ÎÄÍ·²¿£¬È»ºó°ÑʣϵĴ«ËÍ
ÖÁUDP»òÕßTCP½ÓÊÕ»úÖÆ£¡ÕâЩЭÒ飬½«°Ñ±¨ÎÄË͵½socket-handling»úÖÆ£¬Ëü½«×îºó°Ñ±¨
ÎÄÊý¾Ý±ä³ÉÓ¦ÓóÌÐò¿É½ÓÊյķ½Ê½·¢ËͳöÈ¥¡£ÔÚÕâ¸ö¹ý³ÌÖУ¬±¨ÎĽ«Ê§È¥ËùÓеĺÍÆäÓйصÄ
ÍøÂçÐÅÏ¢£¬±ÈÈçÔ´µØÖ·£¨IPºÍMAC),¶Ë¿ÚºÅ£¬IPÑ¡Ôñ£¬TCP²ÎÊýµÈµÈ£¡ËùÒÔÈç¹ûÄ¿µÄÖ÷»úû
ÓÐÒ»¸ö°üº¬ÕýÈ·²ÎÊýµÄ´ò¿ª¶Ë¿Ú£¬ÄÇôÕâ¸ö±¨ÎĽ«±»¶ªÆú¶øÇÒÓÀÔ¶²»»á±»Ë͵½Ó¦ÓòãÈ¥