Difference between revisions of "SNORT: sniffer mode"

From OnnoWiki
Jump to navigation Jump to search
Line 1: Line 1:
 
Sumber: http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node4.html
 
Sumber: http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node4.html
 +
 +
 +
Perintah yang penting
  
 
  snort -v
 
  snort -v
 
 
  snort -vd
 
  snort -vd
 
 
  snort -vde
 
  snort -vde
  
 +
Jika kita ingin melihat TCP/IP header di layar (sniffer mode), jalankan perintah
  
  First, let's start with the basics. If you just want to print out the TCP/IP packet headers to the screen (i.e. sniffer mode), try this:
+
  snort -v
  
    ./snort -v
+
Jika kita juga ingin melihat data aplikasi / payload yang di bawa oleh paket, gunakan perintah
  
This command will run Snort and just show the IP and TCP/UDP/ICMP headers, nothing else. If you want to see the application data in transit, try the following:
+
snort -vd
  
    ./snort -vd
+
Jika ingin lebih lengkap lagi dengan penjelasan, dan header data link layer, gunakan perintah,
  
This instructs Snort to display the packet data as well as the headers. If you want an even more descriptive display, showing the data link layer headers, do this:
+
snort -vde
 
 
    ./snort -vde
 
 
 
As an aside, notice that the command line switches can be listed separately or in a combined form. The last command could also be typed out as:
 
 
 
    ./snort -d -v -e
 
 
 
to produce the same result.
 
  
 +
atau
  
 +
snort -d -v -e
  
 
==Referensi==
 
==Referensi==
  
 
* http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node4.html
 
* http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node4.html

Revision as of 02:43, 16 March 2017

Sumber: http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node4.html


Perintah yang penting

snort -v
snort -vd
snort -vde

Jika kita ingin melihat TCP/IP header di layar (sniffer mode), jalankan perintah

snort -v

Jika kita juga ingin melihat data aplikasi / payload yang di bawa oleh paket, gunakan perintah

snort -vd

Jika ingin lebih lengkap lagi dengan penjelasan, dan header data link layer, gunakan perintah,

snort -vde

atau

snort -d -v -e

Referensi