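Sharing Sniffer University filters and common filters, with instructions for Sniffer 4.7
I have quite a few Sniffer filters on hand, many of which I once created by hand one at a time, such as the filters for Sniffer University 303 and 323.
I am sharing them here and hope they will be helpful to everyone.
They are grouped by the Sniffer Portable version currently in use: 4.7, 4.8 and 4.9.
The files for 4.7 are in XX.csf format.
Further down I explain how 4.7 users can quickly create filters from the attached files.
Below is the list of all filters; users of each version can choose what to download.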
Directory of 303
[.] No_NGC_Protocol.snf
[..] P2P Connection Starts.snf
ICME-No Echos.snf Ping-Hacker.snf
IM.snf Security Protocols.snf
Mail.snf Sliced at 256.snf
ME.snf TCP Window = 0.snf
Names.snf Xpert_57.snf
No WinNT.snf
No-PC-Anywhere.snf
Directory of 323
[.] RPC-Bind.snf
[..] RPC-Bind_Request-(No.snf
Auth-All.snf RPC-EPM.snf
Auth-Kerberos Ticket.snf RPC-Exchange-MAPI.snf
Auth-Kerberos-AS.snf RPC-File-Repl-Svc.snf
Auth-LANMAN-Present.snf RPC-Netlogon.snf
Auth-NTLMv1.snf RPC-WINS.snf
Auth-RPC-Bind.snf Sec-ICMP.snf
Browser-Master-Announcement.snf Sec-SMBDie.snf
default.snf SMB-All.snf
DHCP-Rogue.snf SMB-Demo-C#R.snf
DNS-Query.snf SMB-Demo-Create.snf
DNS-Refused+Sec.snf SMB-Demo-Read.snf
DNS-Refused.snf SMB-Demo-Setup-Account.snf
DNS-Register+Kerberos.snf SMB-Demo-Tree-Connect.snf
DNS-Register.snf SMB-Negotiate.snf
Exch-Store.snf SMB-No OBJ-Not-Found.snf
LDAP-DHCP-Auth-Test.snf SMB-No-Transact.snf
LDAP-Searches.snf SMB-Read.snf
RPC-AD-Bind-Only.snf SMB-Setup Acct+SAM.snf
RPC-AD-Kerberos.snf SMB-Setup-Account.snf
RPC-AD-Related.snf SMB-UUID.snf
RPC-AD-Started.snf SMB-Write.snf
RPC-ALL.snf
Directory of 4.7
TroubleshootingAndMonitor.csf
303.csf
Directory of 4.8\Cisco_and_Antivirus
[.] Cisco IOS Router DOS.txt
[..] Cisco Telnet Buffer Overflow.txt
Cisco IOS Http Auth Level(16-39).txt Cisco Web Admin DOS.txt
Cisco IOS Http Auth Level(40-63).txt RPC Interface Buffer Overflow.txt
Cisco IOS Http Auth Level(64-87).txt SQLslammer.txt
Cisco IOS Http Auth Level(88-99).txt SQLslammer2.txt
Cisco IOS HTTP Request DOS.txt
Cisco IOS IPv4 Vulnerability.txt
Directory of 4.8\Firewall_Check_Filters
[.] Simple_Firewall_Check
[..] Specialized_Firewall_Check
ICMP_Errors
Directory of 4.8\General_Troubleshooting
[.] Errors-Mail Sliced at 256
[..] http-bits TCP Window = 0
Broadcasts No_NGC_Protocol udp crc=0
Errors-DNS P2P Connection Starts
Errors-FTP Ping-Hacker
Errors-HTTP Security Protocols
Directory of 4.8\Windows_Troubleshooting
[.] DNS IXFR & Secure WinNT
[..] DNS_Secure_Algorithm
Browse-My_Domain No_WinNT
DHCP_Authorized SMB_Errors
Directory of 4.9
[.]
[..]
BPDU.snf
BroadcastMulticast.snf
CVE-2000-0380_CiscoIOSRouterDOS.snf
CVE-2000-0984_CiscoIOSHTTPRequestDOS.snf
CVE-2001-0058_CiscoWebAdminDOS.snf
CVE-2001-0537_CiscoIOSHttpAuthLevel-(16-39).snf
CVE-2001-0537_CiscoIOSHttpAuthLevel-(40-63).snf
CVE-2001-0537_CiscoIOSHttpAuthLevel-(64-87).snf
CVE-2001-0537_CiscoIOSHttpAuthLevel-(88-99).snf
CVE-2002-0886_CiscoTelnetBufferOverflow.snf
CVE-2003-0528_BufferOverrunInDCOM.snf
CVE-2003-0605_DenialOfService.snf
IP DNS(pattern).snf
IP FTP+HTTP.snf
IP ICMP.snf
IP NFS.snf
IP Telnet.snf
IP WHO.snf
IPX.snf
MS03-043_BufferOverrunInMessenger.snf
MS03-049_BufferOverrunInWorkstation.snf
MS03-051_BufferOverrunInFrontPageServer.snf
MS04-006_Q830352_WINS-RCE.snf
MS04-008_Q832359_DOS-Windows-Media.snf
MS04-011_CVE-2003-0533_LSASS.snf
MS04-011_CVE-2003-0663_LDAP.snf
MS04-011_CVE-2003-0907_HCP.snf
MS04-011_CVE-2004-0117_H323.snf
MS04-023_CVE-2004-0201.snf
MS04-024_CVE-2004-0420.snf
MS05-039_W32-IRCbot-worm.snf
MS06-007_CVE-2006-0021.snf
MS06-008_CVE-2006-0013.snf
W32_Bagle.aa_ab_Z@MM.snf
W32_Bagle.ag@MM.snf
W32_Bagle.az@MM.snf
W32_Bagle.b@MM.snf
W32_Bagle.bb_bd@MM.snf
W32_Bagle.bj@MM.snf
W32_Bagle.dldr.snf
W32_Bagle.h_j@MM.snf
W32_Bagle.u@MM.snf
W32_Bagle@MM.snf
W32_Blaster_Lovsan_Nachi.worm.snf
W32_Bropia.worm.p.snf
W32_IRCbot.worm!MS05-039.snf
W32_Mimail.c@MM.snf
W32_MiMail.i@MM.snf
W32_Mydoom.ah@MM.snf
W32_Mydoom.bb@MM.snf
W32_Mydoom.bc_bd_be@MM.snf
W32_Mydoom.o@MM.snf
W32_Mydoom@MM.snf
W32_Netsky.ag@MM.snf
W32_Netsky.b@MM.snf
W32_Netsky.c_d_j@MM.snf
W32_Sasser.worm.a_b_d_CVE-2003-0533.snf
W32_Sober.j@MM.snf
W32_Sober.k@MM.snf
W32_Sober@MM!M681.snf
W32_SQLSlammer.worm.snf
W32_SQLSlammer.worm2.snf
W32_Zafi.d@MM.snf
Directory of TroubleshootingAndMonitor
[.] ICMP_Errors.snf
[..] LocalMAC-ICMP.snf
Broadcasts.snf LocalMAC.snf
Browse-My_Domain.snf No_NGC_Protocol.snf
Cisco Web Admin DOS.snf No_WinNT.snf
default.snf P2P Connection Starts.snf
DHCP_Authorized.snf Ping-Hacker.snf
DNS IXFR & Secure.snf Security Protocols.snf
DNS_Secure_Algorithm.snf Simple_Firewall_Check.snf
Errors-DNS.snf SMB_Errors.snf
Errors-FTP.snf Specialized_Firewall_Check.snf
Errors-HTTP.snf TCP Window = 0.snf
Errors-Mail.snf udp crc=0.snf
http-bits.snf WinNT.snf
Http-Error.snf
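How to use the filters with Sniffer 4.7:
First back up Nxsample.csf in the directory *:\Program Files\NAI\SnifferNT\Program, then delete it.
Next, copy the xxx.csf file from the attachment into that directory and rename it to Nxsample.csf.
Open Sniffer Pro; I think the figure below is enough to show exactly how to create the filters.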
4[1].7.rar (8.8 KB)
4[1].8-Cisco_and_Antivirus.zip (22.64 KB)
4[1].8-Firewall_Check_Filters.zip (5.49 KB)
4[1].8-TroubleshootingAndMonitor.rar (105.86 KB)
4[1].8-Windows_Troubleshooting.zip (12.86 KB)
4[1].9.rar (171.65 KB)
303.rar (53.75 KB)
323.rar (178.82 KB)
General_Troubleshooting.zip (22 KB)