Boots CS-1000 Manual do Utilizador descarregar pdf (Página 379)

100

101

Notes

_____________________________________________________________

PCAP or Packet Capture is used to

analyse the information passing on your

network between different devices.

Basically it sets the Ethernet controller

in to a mode where it collects every

packet it sees on the Network, whether

addressed to the system you are on or

not.

Normally you would need to set up a

Mirror Port on an Ethernet Switch to

collect this data which is complex and

time consuming. However the Linux

Base software has PCAP built-in thus

allowing capture to be done directly on

the server.

Firstly however you need to enable

PCAP by using the command

$harden nettools on

This allows PCAP to be used, it is then

a case of starting PCAP as shown

$pcap start Start Capture

$pcap stop Stop Capture

CS 1000 Rel 7.5 16/04/2013

379

1 2 ... 374 375 376 377 378 379 380 381 382 383 384 ... 399 400

Comentários a estes Manuais

Sem comentários

Boots CS-1000 Manual do Utilizador Página 379

Comentários a estes Manuais