
Let's Take a Peek at the Packets Flowing on the Network


These are the slides used for the Wireshark hands-on session held at the 12th San'in ITPro Study Group.

Published in: Technology, Education

Let's Take a Peek at the Packets Flowing on the Network

  1. ISOL
  2. ISOL • • Wireshark •
  3. ISOL
  4. ISOL • • •
  5. ISOL OSI Layer7 • Web html http ntp End-End TCP UDP IP IPX ieee802.3X ieee801.11X UTP
  6. ISOL BDU) Tcp,udp IP Mac HUB
  7. ISOL • 1 o • 2 o MAC • 3 o IP
  8. ISOL TCP/IP TCP/IP Wi-Fi Ethernet
  9. ISOL OSI
  10. ISOL tcp/ip • tcp/ip o o tcp ip o tcp/ip udp o ip o tcp udp ip tcp(udp)/ip
  11. ISOL tcp udp • TCP o o o o o 3-Way • UDP o o o o
  12. ISOL
  13. ISOL HUB C A B C D
  14. ISOL HUB MAC C A B C D
  15. ISOL IP C A B C D
  16. ISOL • • •
  17. ISOL
  18. ISOL • • o o o o o
  19. ISOL • Wireshark o GUI o o OS • tcpdump o CUI o BSD Linux o CUI • Sniffer/Netasyst o o Windows Windows
  20. ISOL • o • o L1 HUB o L2-SW
  21. ISOL SW SW SW SW SW SW SW
  22. ISOL • • • • •
  23. ISOL • Wireshark • •
  24. ISOL Wireshark
  25. ISOL wireshark.org • • GPL-OSS • Ethereal • http://www.wireshark.org/
  26. ISOL Wireshark
  27. ISOL Wireshark • OSS GPL • 0 • Windows Mac Linux,BSD • GUI • Windows USB-Portable
  28. ISOL SW SW SW SW SW
  29. ISOL • Wireshark •
  30. ISOL • • PC HDD ID
  31. ISOL • o Capture stop • o File save
  32. ISOL • Filter • o o IP o MAC o o o
  33. ISOL
  34. ISOL IP • Filter ip.addr==x.x.x.x Apply Enter • IP
  35. ISOL MAC • Filter eth.addr==xx:xx:xx:xx:xx:xx Apply • MAC
  36. ISOL • Filter tcp.port==xxx Apply • tcp xxx
  37. ISOL • Filter Expression o Expression… o Field name Relation Value OK o Apply • IP 192.168.2.1 Field name: ip.src IPv4 Relation: == Value: 192.168.2.1
  38. ISOL • and(&&) or(||) • Range •
  39. ISOL
  40. ISOL
  41. ISOL • 172.16.200.200/24 • PC 172.16.200.xxx/24(DHCP) • DNS 172.16.200.200(DHCP) • httpd(https ),dns,sshd,telnetd,smtpd,pop3d • user1,user2,user3,user4, •
  42. ISOL http • Web • Wireshark LAN • http://testsv.sitw.com/ •
  43. ISOL Tcp 3way-handshake
  44. ISOL http https • https://testsv.sitw.com/ • o o http
  45. ISOL GET POST • http://testsv.sitw.com/gettest.html web • http://testsv.sitw.com/posttest.html web
  46. ISOL BASIC • BASIC • • URL http://testsv.sitw.com/basic/ User: sitw Pass: sitw
  47. ISOL Digest • Digest • URL http://testsv.sitw.com/digest/ User: sitw Pass: sitw
  48. ISOL • •
  49. ISOL
  50. ISOL • telnet ssh • DNS • PING • smtp smtp-auth pop3 imap4
  51. ISOL
  52. ISOL • •
  53. ISOL • • Flow Graph o Statistics Flow Graph o o IP o
  54. ISOL • • Follow TCP Stream o Analyze Follow TCP Stream o o udp Follow UDP Stream
  55. ISOL • • Expert infos o Analyze Expert info Composite o Error Warning Notes o Chat tcp
  56. ISOL • • IO Graph o Statistics IO Graph o Filter
  57. ISOL • • Protocol Hierarchy o Statistics Protocol Hierarchy o
  58. ISOL • • •
  59. ISOL • o Capture Options Capture File o Use multiple files • Proxy http Decode As o Analyze Decode As o
  60. ISOL
  61. ISOL Q !!w • o www.yahoo.co.jp o IP o o DNS • o DHCP o o DNS
  62. ISOL Q: • o o o DNS • o o o o o
  63. ISOL Packet Black Hole
  64. ISOL
