El documento describe la anatomía y fisiología del sistema nervioso autónomo simpático. Explica que el sistema simpático prepara al organismo para las respuestas de estrés mediante la liberación de noradrenalina y adrenalina. Describe la estructura del sistema, incluyendo las neuronas pre y postganglionares, y explica cómo la acetilcolina y noradrenalina actúan como neurotransmisores principales. También cubre los receptores adrenérgicos y efectos de la noradrenalina.
El documento describe la anatomía y fisiología del sistema nervioso autónomo simpático. Explica que el sistema simpático prepara al organismo para las respuestas de estrés mediante la liberación de noradrenalina y adrenalina. Describe la estructura del sistema, incluyendo las neuronas pre y postganglionares, y explica cómo la acetilcolina y noradrenalina actúan como neurotransmisores principales. También cubre los receptores adrenérgicos y efectos de la noradrenalina.
The document summarizes an inception meeting held by the Ateneo School of Government and Rockefeller Foundation to launch a project on catalyzing new mobility in Metro Manila. Key points from presentations include: (1) Metro Manila has experienced rapid urbanization that has led to problems like traffic and informal settlements; (2) Cities are economic engines and attract people seeking opportunities, yet Metro Manila's pedestrians are not prioritized; (3) The meeting brought together stakeholders to discuss research on Metro Manila's transport system and impacts on the poor.
PhD Thesis of Syed Rizwan Zamir on Syedul Ulama Syed Ali Naqi Naqvi t.s.Jamal Mirza
PhD Thesis of Syed Rizwan Zamir on Syedul Ulama Syed Ali Naqi Naqvi t.s.
SYED RIZWAN ZAMIR
EDUCATION
Ph.D. University of Virginia
B.A. James Madison University
B.A. University of Punjab
I teach introductory and advanced courses in the area of Islamic studies, specializing in Islamic thought and spirituality.
BACKGROUND
My scholarly interests in Islamic studies include Shi'ite thought and spirituality, Sufi metaphysics, cosmology and psychology, transcendent theosophy of Mulla Sadra, virtue and narrative ethics within the Islamic intellectual context, varieties of Islamic mystical expressions, contemporary debates and trends in Muslim thought, and mystical and intellectual traditions of South Asian Islam.
Beyond Islamic studies, my intellectual interests encompass comparative scriptural hermeneutics, comparative theology and mysticism, and inter-faith dialogue, for example, Scriptural Reasoning.
My dissertation focused on South Asian Shi'ism and the religious thought of a major contemporary Indian Shi'ite religious scholar and leader, Ayatullah 'Ali Naqi Naqvi (d. 1988). Aside from numerous encyclopedia entries and book reviews, I have written "Descartes and al-Ghazali: Doubt, Certitude and Light" (Islamic Studies, 2010) and "Tafsir al-Qur'an bi 'l Qur'an: The Hermeneutics of Imitation and Adab in Ibn 'Arabi's Interpretation of the Qur'an" (Islamic Studies, 2011), and a book chapter for The Bloomsbury Companion to Islamic Studies (ed. Clinton Bennett, 2013) that surveys the western academic study of Shi'ite Islam. I am currently working on a book-length comparative study of Sunni and Shi'ite Islam and a book chapter "Sufi Mediation of the Sunni-Shi'ite Divide: Premodern Precedents, Contemporary Articulations" for an upcoming volume on Sufism and Religious Pluralism.
Since March 2012 I co-chair the Study of Islam section of the American Academy of Religion, Southeast Region (SECSOR). I joined the department of Religion in fall 2010.
TEACHING
Introduction to Islam
Sunni and Shi'ite Islam
Islamic Mysticism
Islamic Eschatology
Islamic Ethics
Islam in the Modern Age
Classics of Islamic Literature
CONTACT INFO
Rizwan Zamir
Assistant Professor
Religion Department
Box 7026
Davidson, NC 28035
704-894-2950
Fax: 704-894-2005
rizamir@davidson.edu
Office: Preyer 201A
Office Hours: by appointment
This document discusses the Feed-In Tariff (FIT) system in the Philippines, which aims to promote renewable energy development through fiscal incentives for developers and investors. It provides context on the country's renewable energy sources and potential. It then explains how the FIT system works, including the collection of fees from electricity consumers. While the FIT aims to support renewable energy, there are concerns about the costs imposed on consumers and businesses. Alternatives to the cost pass-through are proposed, such as using existing energy funds instead of new consumer fees.
The Foundation for the Philippine Environment (FPE) is the first non-government grant-making institution for the environment, established in 1992 through a debt-for-nature swap. It focuses on biodiversity conservation and sustainable development projects. The FPE Grants Program aims to maximize the potential of CSOs, NGOs, and POs for conservation action and build their capacities to implement biodiversity and sustainable development projects. Eligible organizations can apply for competitive, site-focused, or pro-active grants ranging from 200,000 to 2,000,000 PHP to fund strategies like constituency building, advocacy, research, and environmental defense.
This document lists environmental events and activities that the Foundation for the Philippine Environment (FPE) will engage in throughout the year. It includes international commemorative days related to topics like wetlands, water, earth hour, biodiversity, as well as regional and national activities such as environmental youth camps, photography contests, and stakeholder meetings that will take place across Luzon, Visayas, and Mindanao. The calendar highlights FPE's plans to conduct educational outreach and celebrate important environmental dates from January through December.
Shaare Zedek Medical Center is a university affiliated medical institution on the cutting edge of scientific and technological development. This latest edition of our research report testifies to the growing range of studies carried out by the Medical Center's staff.
Our physicians embrace research as part of their practice of modern medicine clearly demonstrating that research is an integral part of being a quality caregiver in the 21st century. To ensure that our patients receive top quality care, our practice of clinical medicine must be driven by the advances in science and medicine.
We invite you to take a look at the countless research areas being explored by the staff of Shaare Zedek Medical Center.
המרכז הרפואי שערי צדק הוא מוסד רפואי הנמצא בחזית המחקר והעשייה המדעית והפיתוח הטכנולוגי. המרכז הרופאי שערי צדק מסונף לפקולטה לרפואה של האוניברסיטה העברית וקשור במקביל לפקולטה למדעי הבריאות של אוניברסיטת בן-גוריון. המהדורה האחרונה של דוח המחקר שלנו מבטא ומעיד על טווח והיקף המחקר הנעשה על ידי הצוות של המרכז הרפואי.
הרופאים שלנו רואים את המחקר כחלק מתחום הפעולה שלהם כעוסקים ברפואה מודרנית ומדגימים בכך את החשיבות של מחקר רפואי וקליני כחלק ממתן שירותי רפואה איכותיים ומקצועיים. על מנת לוודא שהמטופלים שלנו מקבלים טיפול ברמה גבוהה ביותר, השירותים שלנו צריכים להיות מונעים מההתקדמות המתמדת בתחומי המדע והרפואה.
אנו מזמינים אתכם לעיין בתחומים הנרחבים והמגוונים שנחקרים על ידי הצוות במרכז הרפואי שערי צדק
DLP stands for data loss prevention. It is a solution that helps organizations understand how and what data is leaving their networks in order to protect sensitive information. DLP works by deploying various modules to discover data at rest, prevent data loss in motion via email and web, and monitor data in use on endpoints and networks. It analyzes network traffic and endpoints to detect policy violations and capture data according to defined policies. DLP provides comprehensive protection by integrating with other security tools like email and web gateways, encryption, and mobile device management.
This document contains a list of email addresses. There are over 200 email addresses listed, with names like anders.kortsen@get2net.dk and arthurbraillard75@msn.com. The email addresses appear to be for individuals from different countries including Sweden, Norway, France, Portugal, the Dominican Republic, Indonesia, and others.
A mail server is a computer that handles email delivery. It implements the client and server portions of SMTP to reliably transfer messages between servers using TCP port 25. A mail server stores users' incoming emails in their mailboxes and queues outgoing messages to be sent. The major components of electronic mail systems are user agents for composing/reading mail, mail servers for message storage and transfer using SMTP, and protocols like POP3 and IMAP for users to access their mailboxes.
This document provides an overview of The Boeing Company. Some key points:
- Boeing is the world's largest aerospace company and manufacturer of commercial jetliners and military aircraft. It employs over 170,000 people globally.
- According to Porter's five forces analysis, the aerospace industry faces intense competition due to a small number of large players controlling prices. Barriers to entry are low to high.
- Boeing's value chain reveals strengths in R&D, marketing, customer service, and information systems. Production and materials management are weaknesses.
- Financially, Boeing has worked to reduce debt while increasing assets in recent years. It remains heavily leveraged due to investments in new aircraft.
This document provides an overview of various financing mechanisms that can be used to fund marine conservation efforts. It begins with an introduction describing the need to protect marine resources and finance marine conservation. It then presents over 30 specific financing mechanisms categorized by their source of revenue. These include mechanisms that generate revenue from governments, grants/donations, tourism, natural resource use, real estate/development, and for-profit investments. For each, the document provides a brief description and examples of how it has been applied to marine conservation. It emphasizes that mechanisms should be evaluated as part of a business plan that identifies costs and potential revenue sources to develop a sustainable financing strategy for protecting marine and coastal areas.
This document summarizes key components of an email server including the mail server port (Port 25), common mail clients (Thunderbird, Outlook, Evolution, Kmail, IBM Lotus Notes), webmail clients (Horde, Open webmail, SquirelMail, Roundcube), and how mail servers work. It describes outgoing servers using SMTP and MSA protocols looking up MX records from DNS servers. It also discusses incoming servers using POP3 and IMAP4 protocols, with POP3 requiring downloading all emails to PCs while IMAP4 keeps emails on the server. Finally, it lists the main protocols and ports used including POP3 (Port 110), IMAP4 (Port 143), SMTP (Port 25
The document provides an overview of Sakamoto Orient Chemicals Corporation (SOCC) including:
1) SOCC manufactures and exports refined glycerin, polyglycerin, and TBA polymer products. Exports are primarily to Japan and other Asian countries through its parent company.
2) SOCC enjoys benefits of being a PEZA registered corporation including preferential tax rates and import duty exemptions. Production processes are ISO certified and products are Halal and Kosher certified.
3) Research methods were used to understand SOCC's internal situation and external factors, including interviews and reviewing financial statements. The goal is to discern SOCC's present condition and formulate strategies.
The document discusses setting up a database-driven web site using two tools: PHP and MySQL. It will cover installing and configuring these tools as well as designing a content management system that allows non-technical users to easily add and modify content without modifying HTML or database files. The overall goal is to build a large, content-driven site that is easy to maintain.
The document provides an overview of the basic features of Oracle, including:
- Oracle consists of an Oracle database and Oracle server instance, with SQL as the programming language.
- The database has both a physical structure of datafiles, redo logs, and control files, and a logical structure of tablespaces and schema objects.
- An Oracle instance includes background processes and a shared memory area (SGA) containing buffers, redo logs, and the shared pool.
- SQL and PL/SQL allow querying and manipulating the database, with PL/SQL adding programming functionality. Background processes manage I/O, recovery, and other maintenance tasks.
The document summarizes an inception meeting held by the Ateneo School of Government and Rockefeller Foundation to launch a project on catalyzing new mobility in Metro Manila. Key points from presentations include: (1) Metro Manila has experienced rapid urbanization that has led to problems like traffic and informal settlements; (2) Cities are economic engines and attract people seeking opportunities, yet Metro Manila's pedestrians are not prioritized; (3) The meeting brought together stakeholders to discuss research on Metro Manila's transport system and impacts on the poor.
PhD Thesis of Syed Rizwan Zamir on Syedul Ulama Syed Ali Naqi Naqvi t.s.Jamal Mirza
PhD Thesis of Syed Rizwan Zamir on Syedul Ulama Syed Ali Naqi Naqvi t.s.
SYED RIZWAN ZAMIR
EDUCATION
Ph.D. University of Virginia
B.A. James Madison University
B.A. University of Punjab
I teach introductory and advanced courses in the area of Islamic studies, specializing in Islamic thought and spirituality.
BACKGROUND
My scholarly interests in Islamic studies include Shi'ite thought and spirituality, Sufi metaphysics, cosmology and psychology, transcendent theosophy of Mulla Sadra, virtue and narrative ethics within the Islamic intellectual context, varieties of Islamic mystical expressions, contemporary debates and trends in Muslim thought, and mystical and intellectual traditions of South Asian Islam.
Beyond Islamic studies, my intellectual interests encompass comparative scriptural hermeneutics, comparative theology and mysticism, and inter-faith dialogue, for example, Scriptural Reasoning.
My dissertation focused on South Asian Shi'ism and the religious thought of a major contemporary Indian Shi'ite religious scholar and leader, Ayatullah 'Ali Naqi Naqvi (d. 1988). Aside from numerous encyclopedia entries and book reviews, I have written "Descartes and al-Ghazali: Doubt, Certitude and Light" (Islamic Studies, 2010) and "Tafsir al-Qur'an bi 'l Qur'an: The Hermeneutics of Imitation and Adab in Ibn 'Arabi's Interpretation of the Qur'an" (Islamic Studies, 2011), and a book chapter for The Bloomsbury Companion to Islamic Studies (ed. Clinton Bennett, 2013) that surveys the western academic study of Shi'ite Islam. I am currently working on a book-length comparative study of Sunni and Shi'ite Islam and a book chapter "Sufi Mediation of the Sunni-Shi'ite Divide: Premodern Precedents, Contemporary Articulations" for an upcoming volume on Sufism and Religious Pluralism.
Since March 2012 I co-chair the Study of Islam section of the American Academy of Religion, Southeast Region (SECSOR). I joined the department of Religion in fall 2010.
TEACHING
Introduction to Islam
Sunni and Shi'ite Islam
Islamic Mysticism
Islamic Eschatology
Islamic Ethics
Islam in the Modern Age
Classics of Islamic Literature
CONTACT INFO
Rizwan Zamir
Assistant Professor
Religion Department
Box 7026
Davidson, NC 28035
704-894-2950
Fax: 704-894-2005
rizamir@davidson.edu
Office: Preyer 201A
Office Hours: by appointment
This document discusses the Feed-In Tariff (FIT) system in the Philippines, which aims to promote renewable energy development through fiscal incentives for developers and investors. It provides context on the country's renewable energy sources and potential. It then explains how the FIT system works, including the collection of fees from electricity consumers. While the FIT aims to support renewable energy, there are concerns about the costs imposed on consumers and businesses. Alternatives to the cost pass-through are proposed, such as using existing energy funds instead of new consumer fees.
The Foundation for the Philippine Environment (FPE) is the first non-government grant-making institution for the environment, established in 1992 through a debt-for-nature swap. It focuses on biodiversity conservation and sustainable development projects. The FPE Grants Program aims to maximize the potential of CSOs, NGOs, and POs for conservation action and build their capacities to implement biodiversity and sustainable development projects. Eligible organizations can apply for competitive, site-focused, or pro-active grants ranging from 200,000 to 2,000,000 PHP to fund strategies like constituency building, advocacy, research, and environmental defense.
This document lists environmental events and activities that the Foundation for the Philippine Environment (FPE) will engage in throughout the year. It includes international commemorative days related to topics like wetlands, water, earth hour, biodiversity, as well as regional and national activities such as environmental youth camps, photography contests, and stakeholder meetings that will take place across Luzon, Visayas, and Mindanao. The calendar highlights FPE's plans to conduct educational outreach and celebrate important environmental dates from January through December.
Shaare Zedek Medical Center is a university affiliated medical institution on the cutting edge of scientific and technological development. This latest edition of our research report testifies to the growing range of studies carried out by the Medical Center's staff.
Our physicians embrace research as part of their practice of modern medicine clearly demonstrating that research is an integral part of being a quality caregiver in the 21st century. To ensure that our patients receive top quality care, our practice of clinical medicine must be driven by the advances in science and medicine.
We invite you to take a look at the countless research areas being explored by the staff of Shaare Zedek Medical Center.
המרכז הרפואי שערי צדק הוא מוסד רפואי הנמצא בחזית המחקר והעשייה המדעית והפיתוח הטכנולוגי. המרכז הרופאי שערי צדק מסונף לפקולטה לרפואה של האוניברסיטה העברית וקשור במקביל לפקולטה למדעי הבריאות של אוניברסיטת בן-גוריון. המהדורה האחרונה של דוח המחקר שלנו מבטא ומעיד על טווח והיקף המחקר הנעשה על ידי הצוות של המרכז הרפואי.
הרופאים שלנו רואים את המחקר כחלק מתחום הפעולה שלהם כעוסקים ברפואה מודרנית ומדגימים בכך את החשיבות של מחקר רפואי וקליני כחלק ממתן שירותי רפואה איכותיים ומקצועיים. על מנת לוודא שהמטופלים שלנו מקבלים טיפול ברמה גבוהה ביותר, השירותים שלנו צריכים להיות מונעים מההתקדמות המתמדת בתחומי המדע והרפואה.
אנו מזמינים אתכם לעיין בתחומים הנרחבים והמגוונים שנחקרים על ידי הצוות במרכז הרפואי שערי צדק
DLP stands for data loss prevention. It is a solution that helps organizations understand how and what data is leaving their networks in order to protect sensitive information. DLP works by deploying various modules to discover data at rest, prevent data loss in motion via email and web, and monitor data in use on endpoints and networks. It analyzes network traffic and endpoints to detect policy violations and capture data according to defined policies. DLP provides comprehensive protection by integrating with other security tools like email and web gateways, encryption, and mobile device management.
This document contains a list of email addresses. There are over 200 email addresses listed, with names like anders.kortsen@get2net.dk and arthurbraillard75@msn.com. The email addresses appear to be for individuals from different countries including Sweden, Norway, France, Portugal, the Dominican Republic, Indonesia, and others.
A mail server is a computer that handles email delivery. It implements the client and server portions of SMTP to reliably transfer messages between servers using TCP port 25. A mail server stores users' incoming emails in their mailboxes and queues outgoing messages to be sent. The major components of electronic mail systems are user agents for composing/reading mail, mail servers for message storage and transfer using SMTP, and protocols like POP3 and IMAP for users to access their mailboxes.
This document provides an overview of The Boeing Company. Some key points:
- Boeing is the world's largest aerospace company and manufacturer of commercial jetliners and military aircraft. It employs over 170,000 people globally.
- According to Porter's five forces analysis, the aerospace industry faces intense competition due to a small number of large players controlling prices. Barriers to entry are low to high.
- Boeing's value chain reveals strengths in R&D, marketing, customer service, and information systems. Production and materials management are weaknesses.
- Financially, Boeing has worked to reduce debt while increasing assets in recent years. It remains heavily leveraged due to investments in new aircraft.
This document provides an overview of various financing mechanisms that can be used to fund marine conservation efforts. It begins with an introduction describing the need to protect marine resources and finance marine conservation. It then presents over 30 specific financing mechanisms categorized by their source of revenue. These include mechanisms that generate revenue from governments, grants/donations, tourism, natural resource use, real estate/development, and for-profit investments. For each, the document provides a brief description and examples of how it has been applied to marine conservation. It emphasizes that mechanisms should be evaluated as part of a business plan that identifies costs and potential revenue sources to develop a sustainable financing strategy for protecting marine and coastal areas.
This document summarizes key components of an email server including the mail server port (Port 25), common mail clients (Thunderbird, Outlook, Evolution, Kmail, IBM Lotus Notes), webmail clients (Horde, Open webmail, SquirelMail, Roundcube), and how mail servers work. It describes outgoing servers using SMTP and MSA protocols looking up MX records from DNS servers. It also discusses incoming servers using POP3 and IMAP4 protocols, with POP3 requiring downloading all emails to PCs while IMAP4 keeps emails on the server. Finally, it lists the main protocols and ports used including POP3 (Port 110), IMAP4 (Port 143), SMTP (Port 25
The document provides an overview of Sakamoto Orient Chemicals Corporation (SOCC) including:
1) SOCC manufactures and exports refined glycerin, polyglycerin, and TBA polymer products. Exports are primarily to Japan and other Asian countries through its parent company.
2) SOCC enjoys benefits of being a PEZA registered corporation including preferential tax rates and import duty exemptions. Production processes are ISO certified and products are Halal and Kosher certified.
3) Research methods were used to understand SOCC's internal situation and external factors, including interviews and reviewing financial statements. The goal is to discern SOCC's present condition and formulate strategies.
The document discusses setting up a database-driven web site using two tools: PHP and MySQL. It will cover installing and configuring these tools as well as designing a content management system that allows non-technical users to easily add and modify content without modifying HTML or database files. The overall goal is to build a large, content-driven site that is easy to maintain.
The document provides an overview of the basic features of Oracle, including:
- Oracle consists of an Oracle database and Oracle server instance, with SQL as the programming language.
- The database has both a physical structure of datafiles, redo logs, and control files, and a logical structure of tablespaces and schema objects.
- An Oracle instance includes background processes and a shared memory area (SGA) containing buffers, redo logs, and the shared pool.
- SQL and PL/SQL allow querying and manipulating the database, with PL/SQL adding programming functionality. Background processes manage I/O, recovery, and other maintenance tasks.
1. This chapter introduces remoting, which allows applications running in separate application domains to communicate. It provides flexibility in how applications communicate across processes.
2. The document discusses creating a simple example client-server application to demonstrate remoting. A remote object is created and hosted by a console application. A client application retrieves data from the remote object.
3. Key aspects of remoting covered include configuration options for channels, hosting, and metadata exposure. The code examples show how to create and configure a remote object and host, and how a client accesses the remote object.
Introduction to EIGRP [IP Routing] - Cisco SystemsHoàng Hải Nguyễn
EIGRP is an enhanced version of IGRP that provides faster convergence times and greater efficiency. It uses the same distance vector routing protocol as IGRP but improves on it with technologies like DUAL and reliable transport. EIGRP supports various network layers, has capabilities for neighbor discovery, route tagging for external routes, and operates in a way that ensures rapid synchronization across all routers during topology changes.
This document provides an overview and introduction to the book "MySQL/PHP Database Applications" by Jay Greenspan and Brad Bulger. It discusses what the book covers, how it is organized, who it is intended for, and what readers can expect to learn. The book focuses on using PHP and MySQL together to develop data-driven web applications. It is intended for developers who want to learn how to efficiently build these types of applications. The book is organized into four parts that cover using MySQL, using PHP, building simple applications, and constructing more complex, real-world types of applications commonly found on the web.
This document provides an introduction to real-time systems, including definitions of key terminology like real-time, deadlines, events, and determinism. It discusses common real-time system design issues and gives examples of real-time systems. The document also aims to dispel common misconceptions and provides a brief history of early real-time systems including the Whirlwind computer and SAGE air defense system.
CCNA Security Lab 9 - Enabling SSH and HTTPS access to Cisco IOS Routers - CLIHoàng Hải Nguyễn
This document provides instructions for a lab exercise to configure Secure Shell (SSH) and Hypertext Transfer Protocol Secure (HTTPS) access on a Cisco IOS router. The lab objectives are to learn how to enable SSH and HTTPS to remotely manage the router securely. The tasks include configuring the router's hostname and IP address, generating an RSA key, enabling HTTPS with access control, configuring authentication using usernames/passwords, and verifying the configurations.
This document describes the Routing Information Protocol (RIP), which is used to exchange routing information between gateways and hosts. It aims to formally document the protocol, which was previously undocumented but widely used. The document specifies improvements to the distance vector routing algorithms to improve stability in large networks, and suggests optional features to increase configurability and control. RIP is intended for use within autonomous systems to exchange routing information.
EIGRP is a proprietary routing protocol developed by Cisco that is based on distance-vector routing. It uses the Diffusing Update Algorithm to quickly converge on routes and prevent routing loops. EIGRP calculates composite metrics for routes using factors like bandwidth and delay to determine the best path. It elects successors and feasible successors for routes to provide primary and backup paths. EIGRP also uses neighbor tables, topology tables, and routing tables to store routing information and make forwarding decisions.
Smartbiz_He thong MES nganh may mac_2024juneSmartBiz
Cách Hệ thống MES giúp tối ưu Quản lý Sản xuất trong ngành May mặc như thế nào?
Ngành may mặc, với đặc thù luôn thay đổi theo xu hướng thị trường và đòi hỏi cao về chất lượng, đang ngày càng cần những giải pháp công nghệ tiên tiến để duy trì sự cạnh tranh. Bạn đã bao giờ tự hỏi làm thế nào mà những thương hiệu hàng đầu có thể sản xuất hàng triệu sản phẩm với độ chính xác gần như tuyệt đối và thời gian giao hàng nhanh chóng? Bí mật nằm ở hệ thống Quản lý Sản xuất (MES - Manufacturing Execution System).
Hãy cùng khám phá cách hệ thống MES đang cách mạng hóa ngành may mặc và mang lại những lợi ích vượt trội như thế nào.
1. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 1 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Phân tích gói tin i WIRESHARK
0 Like 0
Gi i thi u qua m t chút v Wireshark
- WireShark có m t b y l ch s . Gerald Combs là ng i u tiên phát tri n ph n m m này. Phiên b n u tiên c g i là Ethereal c phát
hành n m 1998. Tám n m sau k t khi phiên b n u tiên ra i, Combs t b công vi c hi n t i theo im tc i ngh nghi p khác. Th t
không may, i th i m ó, ông không th t c tho thu n v i công ty ã thuê ông v vi c b n quy n c a th ng hi u Ethereal. Thay vào
ó, Combs và ph n còn l i c a i phát tri n ã xây d ng m t th ng hi u m i cho s n ph m “Ethereal” vào n m 2006, d án tên là WireShark.
- WireShark ã phát tri n m nh m và n nay, nhóm phát tri n cho n nay ã lên t i 500 c ng tác viên. S n ph m ã t n t i d i cái tên
Ethereal không c phát tri n thêm.
- L i ích Wireshark em l i ã giúp cho nó tr nên ph bi n nh hi n nay. Nó có th áp ng nhu c u c a c các nhà phân tích chuyên nghi p và
nghi p d và nó a ra nhi u tính n ng thu hút m i i t ng khác nhau.
Các giao th c c h tr i WireShark:
WireShark v t tr i v kh ng h tr các giao th c (kho ng 850 lo i), t nh ng lo i ph bi n nh TCP, IP n nh ng lo i c bi t nh là
AppleTalk và Bit Torrent. Và c ng b i Wireshark c phát tri n trên mô hình mã ngu n m , nh ng giao th c m i s c thêm vào. Và có th
nói r ng không có giao th c nào mà Wireshark không th h tr .
Thân thi n v i ng i dùng: Giao di n c a Wireshark là m t trong nh ng giao di n ph n m phân tích gói d dùng nh t. Wireshark là
ng d ng ho i h th ng menu rât rõ ràng và c b trí d hi u. Không nh ts n ph m s ng dòng l nh ph c t p nh
TCPdump, giao di n ho a Wireshark th t tuy t v i cho nh ng ai ã t ng nghiên c u th gi i c a phân tích giao th c.
Giá r : Wireshark là m t s n ph m mi n phí GPL. B n có th i v và s ng Wireshark cho b t k c ích nào, k c i m c ích
th ng i.
H tr : ng ng c a Wireshark là m t trong nh ng c ng ng t và n ng ng nh t c a các d án mã ngu n m .
H u hành h tr Wireshark: Wireshark h tr u h t các lo i h u hành hi n nay.
1. M t s tình hu ng c n
Trong ph n này chúng ta s p nv n c th n. S ng Wireshark và phân tích gói tin gi i quy t m t v n c th a m ng.
Chúng tôi xin a ra m t s tình hu ng n hình.
A Lost TCP Connection (m t t n i TCP)
t trong các v n ph bi n nh t là m t k t n i m ng.Chúng ta s b qua nguyên nhân t i sao kêt n i b t, chúng ta s nhìn hi n t ng ó
c gói tin.
Ví d :
t ví truy n file b t k t n i:
t u b ng vi c g i 4 gói TCP ACK t 10.3.71.7 n 10.3.30.1.
Hình 3.1-1: This capture begins simply enough with a few ACK packets.
ib t u t gói th 5, chúng ta nhìn th y xu t hi n vi c g i l i gói c a TCP.
Hình 3.1-2: These TCP retransmissions are a sign of a weak or dropped connection.
Theo thi t k , TCP s i t gói tin n ích, n u không nh n c tr i sau m t kho ng th i gian nó s i l i gói tin ban u. N u v n ti p
c không nh n c ph n h i, máy ngu n s ng g p ôi th i gian i cho l n g i l i ti p theo.
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
2. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 2 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Nh ta th y hình trên, TCP s il i5 n, n u 5 l n liên ti p không nh n c ph n h i thì k t n i c coi là t thúc.
Hi n t ng này ta có th th y trong Wireshark nh sau:
Hình 3.1-4: Windows will retransmit up to five times by default.
Kh ng xác nh gói tin b i ôi khi s giúp chúng ta có th phát hi n ra m u tr t m ng b t là do âu.
Unreachable Destinations and ICMP Codes (không th ch m t i m cu i và các mã ICMP)
t trong các công c khi ki m tra k t n i m ng là công c ICMP ping. N u may m n thì phía m c tiêu tr il i u ó có ngh a là b n ã ping
thành công, còn n u không thì s nh n c thông báo không th t n i t i máy ích. S ng công c t gói tin trong vi c này s cho b n
nhi u thông tin h n thay vì ch dung ICMP ping bình th ng. Chúng ta s nhìn rõ h n các l i c a ICMP.
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
3. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 3 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Hình 3.1-5: A standard ping request from 10.2.10.2 to 10.4.88.88
Hình d i ây cho th y thông báo không th ping t i 10.4.88.88 t máy 10.2.99.99.
Nh y so v i ping thông th ng thì ta có th th y k t n i b tt 10.2.99.99. Ngoài ra còn có các mã l i c a ICMP, ví d : code 1 (Host
unreachable)
Hình 3.1-6: This ICMP type 3 packet is not what we expected.
Unreachable Port (không th t n i t i c ng)
t trong các nhi m v thông th ng khác là ki m tra k t n i t i m t c ng trên t máy ích. Vi c ki m tra này s cho th y c ng c n ki m tra có
m hay không, có s n sang nh n các yêu c u g i n hay không.
Ví d , ki m tra d ch v FTP có ch y trên m t server hay không, m c nh FTP s làm vi c qua c ng 21 ch thông th ng. Ta s i gói
tin ICMP n c ng 21 c a máy ích, n u máy ích tr i l i gói ICMP lo i o và mã l i 2 thì có ngh a là không th t i t i c ng ó.s
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
4. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 4 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
Fragmented Packets
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Hình 3.1-7: This ping request requires three packets rather than one because the data being transmitted is
above average size.
ây có th th y kích th c gói tin ghi nh n c l n h n kích th c gói tin m c nh g i i khi ping là 32 bytes t i t máy tính ch y Windows.
Kích th c gói tin ây là 3,072 bytes.
Determining Whether a Packet Is Fragmented (xác nh v trí gói tin b phân n)
No Connectivity (không t n i)
n : chúng ta có 2 nhân viên m i H i và Thanh và c s p ng i c nh nhau và ng nhiên là c trang b 2 máy tính. Sauk hi c trang
b và làm các thao tác a 2 máy tính vào m ng, có m t n y ra là máy tính c a H i ch y t t, k t n i m ng bình th ng, máy tính c a
Thanh không th truy nh p Internet.
c tiêu : tìm hi u t i sao máy tính c a Thanh không k t n i c Internet và s a l i ó.
Các thông tin chúng ta có
c 2 máy tính um i
c 2 máy u c t IP và có th ping n các máy khác trong m ng
Nói tóm l i là 2 máy này c c u hình không có gì khác nhau.
Ti n hành
Cài t Wireshark tr c ti p lên c 2 máy.
Phân tích
Tr c h t trên máy c a H i ta nhìn th y m t phiên làm vi c bình th ng v i HTTP. u tiên s có m t ARP broadcast tìm a ch a gateway
ng 2, ây là 192.168.0.10. Khi máy tính c a H i nh n c thông tin nó s t tay v i máy gateway và t ó có phiên làm vi c v i HTTP ra
bên ngoài.
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
5. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 5 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Hình 3.1-8: H i’s computer completes a handshake, and then HTTP data transfer begins.
Tr ng h p máy tính a Thanh
Hình 3.1-9: Thanh’s computer appears to be sending an ARP request to a different IP address.
Hình trên cho th y yêu c u ARP không gi ng nh tr ng h p trên. a ch gateway c tr v là 192.168.0.11.
Nh y có th th y NetBIOS có v n .
NetBIOS là giao th c c nó s c thay th TCP/IP khi TCP/IP không ho t ng. Nh y là máy c a Thanh không th t n i Internet v i
TCP/IP.
Chi ti t yêu c u ARP trên 2 máy :
Máy H i
Máy Thanh
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
6. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 6 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
t lu n : máy Thanh t sai a ch gateway nên không th t n i Internet, c n t l i là 192.168.0.10.
The Ghost in Internet Explorer (con ma trong trình duy t IE)
Hi n t ng : máy tính c a A có hi n t ng nh sau, khi s ng trình duy t IE, trình duy t t ng tr n r t nhi u trang qu ng cáo. Khi A thay
i b ng tay thì v n b hi n t ng ó th m chí kh ng i máy c ng v n b nh th .
Thông tin chúng ta có
A không th o v máy tính m
Máy tính c a A dùng Widows XP, IE 6
Ti n hành
Vì hi n t ng này ch y ra trên máy c a A và trang home page c a A b thay i khi b t IE nên chúng ta s ti p hành t gói tin t máy c a A.
Chúng ta không nh t thi t ph i cài Wireshark tr c ti p t máy c a A. Chúng ta có th dùng k thu t
“Hubbing Out” .
Phân tích
Hình 3.1-13: Since there is no user interaction happening on A’s computer at the time of this capture, all of these packets going across the wire
should set off some alarms.
Chi ti t gói tin th 5:
Hình 3.1-14: Looking more closely at packet 5, we see it is trying to download data from the Internet.
T máy tính g i yêu c u GET c a HTTP n a ch nh trên hình.
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
7. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 7 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Hình 3.1-15: A DNS query to the weatherbug.com domain gives a clue to the culprit.
Gói tin tr i t u có v n : th t các ph n b thay i.
t s gói ti p theo có s p ACK.
Hình 3.1-16: A DNS query to the weatherbug.com domain gives a clue to the culprit.
Sau m t lo t các thay i trên thì có truy v n DNS n deskwx.weatherbug.com
ây là a ch A không h bi t và không có ý nh truy c p.
Nh y có th là có t process nào ó ã làm thay i a ch trang ch i khi IE c b t lên. Dùng m t công c ki m tra process n ví d
nh Process Explore và th y r ng có ti n trình weatherbug.exe ang ch y. Sau khi t t ti n trình này i không còn hi n t ng trên n a.
Thông th ng các ti n trình nh weatherbug có th là virus, spyware.
Giao di n Process Explore
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
8. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 8 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
i k t n i FTP
Tình hu ng : có tài kho n FTP trên Windows Server 2003 ã update service packs v a cài t xong, ph n m m FTP Server hoàn toàn bình
th ng, kho n úng nh ng không truy nh p c.
Thông tin chúng ta có
FTP làm vi c trên c ng 21
Ti n hành
Cài t Wireshark trên c 2 máy.
Phân tích
Client:
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
9. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch Q... Page 9 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
Hình 3.1-19: The client tries to establish connection with SYN packets but gets no response; then it sends a
few more.
Client g i các gói tin SYN t tay v i server nh ng không có ph n h i t server.
Server :
Hình 3.1-20: The client and server trace files are almost identical.
Có 3 lý do có th n n hi n t ng trên
FTP server ch a ch y, u này không úng vì FTP server c a chúng ta ã ch y nh ki m tra lúc u
Server quá t i ho c có l u l ng quá l n khi n không th áp ng yêu c u. u này c ng không chính xác vì server v a m i c cài t.
ng 21 b m phía clien ho c phía server ho c c 2 phía. Sau khi ki m tra và th y r ng phía Server c m c ng 21 c chi u Incoming
và Outgoing trong Local Security Policy
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011
10. F -X C h a n ge
Phân tích gói tin v i WIRESHARK | VnExperts Academy - ào t o, h c, thi ch ng ch ... Page 10 of 10 F -X C h a n ge
PD PD
!
!
W
W
O
O
N
N
y
y
bu
bu
to
to
k
k
lic
lic
C
C
w
w
m
m
w w
w
w
o
o
.d o .c .d o .c
c u -tr a c k c u -tr a c k
t lu n
ôi khi b t gói tin không cho ta bi t tr c ti p v n nh ng nó ã h n ch c r t nhi u tr ng h p và giúp ta a ra suy oán chính xác v n
là gì.
vnsecurity.vn
Tin m i h n:
06/06/2009 09:47 - Conficker Worm Computer Now
14/04/2009 02:56 - o t SSH v i ch ng th c khóa công khai / khóa riêng
05/03/2009 09:12 - X lý các tính hu ng th c t i WireShark
Tin c n:
05/03/2009 02:36 - ISO 27001:2005 - H th ng qu n lý an ninh thông tin
27/10/2008 10:51 - Cài t Back Track 3 (công c c CEH và nghiên c u v o m t)
12/08/2008 11:03 - 5 b c nhanh g n ki m tra ch om t
Trang k >>
http://www.vnexperts.net/bai-viet-ky-thuat/security/862-phan-tich-goi-tin-vi-wireshark.html... 3/5/2011