Take a look, everyone.
Example 1:
编号 相对时间 源 目标 协议 大小 解码 概要
52846 01:30:56.598992 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.170? 告诉 192.168.0.250
52847 01:30:56.599081 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.171? 告诉 192.168.0.250
52848 01:30:56.599444 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.172? 告诉 192.168.0.250
52849 01:30:56.599529 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.173? 告诉 192.168.0.250
52850 01:30:56.599799 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.174? 告诉 192.168.0.250
52851 01:30:56.599872 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.175? 告诉 192.168.0.250
52852 01:30:56.599936 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.176? 告诉 192.168.0.250
52853 01:30:56.600002 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.177? 告诉 192.168.0.250
52854 01:30:56.600189 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.178? 告诉 192.168.0.250
Example 2:
严重程度 协议层 事件 源 源端口 目标 目标端口 数据包
警告 DataLink Layer ARP请求风暴(主机IP地址192.168.0.250) 00:C0:4C:39:5B:87 NA 53156
警告 DataLink Layer ARP地址扫描(主机IP地址192.168.0.250) 00:C0:4C:39:5B:87 NA 53156
Example 3:
数据包信息:
数据包编号: 058117
数据包长度: 64
捕获长度: 60
时间戳: 2006-09-25 02:26:57.279302
以太网 - II [0/14]
目标地址: FF:FF:FF:FF:FF:FF [0/6]
源地址: 00:0F:68:90:00:28 [6/6]
协议类型: 0x0806 (ARP) [12/2]
ARP - 地址解析协议 [14/28]
硬件类型: 1 (以太网) [14/2]
协议类型: 0x0800 [16/2]
硬件地址长度: 6 [18/1]
协议地址长度: 4 [19/1]
操作类型: 1 (ARP 请求) [20/2]
源物理地址: 00:0F:68:90:00:28 [22/6]
源IP地址: 192.168.0.254 [28/4]
目标物理地址: 00:00:00:00:00:00 (Xerox) [32/6]
目标IP地址: 192.168.0.205 [38/4]
额外数据: [42/18]
字节数: 18 bytes [42/18]
FCS - 帧校验序列:
FCS: 0x8C972CC5 (计算出的)
Please help me sort this out. What exactly is the problem? Thanks in advance, everyone!
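The pattern in Example 1 (one sender broadcasting ARP requests for consecutive addresses within a few milliseconds) is what the analyzer in Example 2 labels an ARP address scan. The sketch below is an added example, not part of the original post or of the capture tool: it parses rows in the Example 1 layout and reports any sender that asks for many distinct IPs inside a short window. The function name, the 1-second window, the threshold of 5 targets, and the two rows for host 192.168.0.23 are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Rows 52846-52851 are copied from Example 1; the two rows for 192.168.0.23
# are constructed here to represent ordinary ARP traffic.
SAMPLE = """\
52001 01:30:50.000000 00:11:22:33:44:55 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.1? 告诉 192.168.0.23
52846 01:30:56.598992 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.170? 告诉 192.168.0.250
52847 01:30:56.599081 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.171? 告诉 192.168.0.250
52848 01:30:56.599444 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.172? 告诉 192.168.0.250
52849 01:30:56.599529 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.173? 告诉 192.168.0.250
52850 01:30:56.599799 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.174? 告诉 192.168.0.250
52851 01:30:56.599872 Dept Of Foreign Affairs:39:5B:87 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.175? 告诉 192.168.0.250
53001 01:31:20.000000 00:11:22:33:44:55 FF:FF:FF:FF:FF:FF ARP 64 谁是 192.168.0.1? 告诉 192.168.0.23
"""

# The summary column is localized: "谁是 X? 告诉 Y" means "who has X? tell Y".
# The source column may hold a vendor name with spaces, so it is matched lazily
# up to the broadcast destination address.
LINE = re.compile(
    r"^\d+\s+(?P<t>\d\d:\d\d:\d\d\.\d+)\s+(?P<src>.+?)\s+FF:FF:FF:FF:FF:FF\s+ARP\s+\d+\s+"
    r"谁是\s+(?P<target>[\d.]+)\?\s+告诉\s+(?P<sender>[\d.]+)$"
)

def find_arp_sweeps(lines, window=1.0, min_targets=5):
    """Return {sender IP: most distinct target IPs requested within `window` seconds}."""
    events = defaultdict(list)  # sender IP -> [(seconds, target IP)]
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not a broadcast ARP request row
        h, mi, s = m["t"].split(":")
        events[m["sender"]].append((int(h) * 3600 + int(mi) * 60 + float(s), m["target"]))
    flagged = {}
    for sender, evs in events.items():
        evs.sort()
        start, best = 0, 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window` seconds.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            best = max(best, len({ip for _, ip in evs[start:end + 1]}))
        if best >= min_targets:
            flagged[sender] = best
    return flagged

if __name__ == "__main__":
    print(find_arp_sweeps(SAMPLE.splitlines()))
```

Repeated requests for the same address, as from 192.168.0.23 here, do not raise the count, so a host re-resolving its gateway is not flagged.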