Using Wireshark to Detect Information Security Incidents
Wireshark is a widely used traffic and packet analyzer. This article covers practical methods of detecting information security incidents in an enterprise network through traffic analysis with the Wireshark packet analyzer. It considers attacks such as ARP spoofing and DDoS, examines the detection of bots in the network by both direct and indirect indicators, and presents the main points of detecting connections to the Tor network.