Network Forensics
Andrea Lazzarotto — 833897
http://lazza.me/NetworkForensics
Configuring a probe

Activating the interfaces:
    ifconfig eth0 -arp up
    ifconfig eth1 -arp up

Creating the bridge:
    brctl addbr br0
    brctl addif br0 eth0
    brctl addif br0 eth1

Activating the bridge:
    brctl stp br0 off
    ifconfig br0 -arp up
Same root directory

12:13:53 xxx.xxx.xxx.xxx [996]sent /DirWalkR.asp 550
12:13:55 xxx.xxx.xxx.xxx [996]created DirWalkR.asp 226
12:14:40 xxx.xxx.xxx.xxx [996]sent /ncx99.exe 550
12:14:45 xxx.xxx.xxx.xxx [996]created ncx99.exe 226
12:14:45 xxx.xxx.xxx.xxx [996]sent /vala.asp 550
12:14:47 xxx.xxx.xxx.xxx [996]created vala.asp 226
Shell execution

12:13:37 xxx.xxx.xxx.xxx GET /space.asp 200
12:13:59 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:08 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:20 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:23 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:27 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:15:02 xxx.xxx.xxx.xxx GET /vala.asp 200
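
Added example (not part of the original slides): a Python sketch that correlates the FTP and web logs above and reports script files created over FTP and then requested over HTTP within a time window. The regexes follow the line layout shown on the slides; the extension list, the function names and the 10-minute default window are assumptions.

```python
import re

# Log lines copied from the two slides above (IP masked as on the slides).
FTP_LOG = """\
12:13:53 xxx.xxx.xxx.xxx [996]sent /DirWalkR.asp 550
12:13:55 xxx.xxx.xxx.xxx [996]created DirWalkR.asp 226
12:14:40 xxx.xxx.xxx.xxx [996]sent /ncx99.exe 550
12:14:45 xxx.xxx.xxx.xxx [996]created ncx99.exe 226
12:14:45 xxx.xxx.xxx.xxx [996]sent /vala.asp 550
12:14:47 xxx.xxx.xxx.xxx [996]created vala.asp 226
"""
WEB_LOG = """\
12:13:37 xxx.xxx.xxx.xxx GET /space.asp 200
12:13:59 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:08 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:20 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:23 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:14:27 xxx.xxx.xxx.xxx GET /dirwalkR.asp 200
12:15:02 xxx.xxx.xxx.xxx GET /vala.asp 200
"""
# Assumed layout: time, client IP, [session]verb or HTTP method, path, status.
FTP_RE = re.compile(r"^(\d\d:\d\d:\d\d) (\S+) \[(\d+)\](\w+) (\S+) (\d{3})$")
WEB_RE = re.compile(r"^(\d\d:\d\d:\d\d) (\S+) (\w+) (\S+) (\d{3})$")
SCRIPT_EXT = (".asp", ".aspx", ".php", ".jsp")  # assumed server-executed types

def _secs(hms):  # the logs carry no date, so midnight wrap is not handled
    h, m, s = map(int, hms.split(":"))
    return h * 3600 + m * 60 + s

def correlate(ftp_log, web_log, window_s=600):
    """Return (file, request time, seconds since upload, same client IP)."""
    uploads = {}  # lower-cased name (the slides mix DirWalkR/dirwalkR) -> (time, ip)
    for line in ftp_log.splitlines():
        m = FTP_RE.match(line.strip())
        if m and m.group(4) == "created" and m.group(6) == "226":
            name = m.group(5).lstrip("/").lower()
            uploads.setdefault(name, (_secs(m.group(1)), m.group(2)))
    findings = []
    for line in web_log.splitlines():
        m = WEB_RE.match(line.strip())
        name = m.group(4).lstrip("/").lower() if m else None
        if not m or m.group(5) != "200" or name not in uploads or not name.endswith(SCRIPT_EXT):
            continue
        up_time, up_ip = uploads[name]
        delay = _secs(m.group(1)) - up_time
        if 0 <= delay <= window_s:
            findings.append((name, m.group(1), delay, up_ip == m.group(2)))
    return findings
```

On the slide data this returns six findings: five requests for dirwalkr.asp starting 4 seconds after its upload and one for vala.asp 15 seconds after its upload. space.asp has no matching upload and ncx99.exe is never requested over HTTP.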