Copyright 2004 Sheng Bai
CommView
Report for 60-592
By
Sheng Bai
Content
Introduction
Example
Alarm
Packet Generator
Summary
Reference
Introduction
CommView is a program for monitoring Internet and Local Area Network (LAN) activity capable of capturing and analyzing network packets.
CommView is developed by TamoSoft Inc. It is commercial packet capture software.
You can download the 30-day free evaluation version from www.tamos.com/products/commview/
It can run on any Windows 95/98/Me/NT/2000/XP/2003 system.
Main Menus
IP Statistics
Packets
Logging
Rules
Alarms
IP Statistics
Packets
Rules
Sample Experiment
CPU: Intel Pentium III 1000HZ
Memory: 256MB
OS: Windows 2000 Professional
IP: 24.57.41.2 (Cogeco Cable)
Setting Rules
Using Web Mail
Result
Advanced Experiment
Advanced Rules
Advanced Result
Alarms
Setting Alarms
Setting Alarms Cont.
Alarm Result
Packet Generator
Generating A Packet
Result
Summary
Friendly interface, easy to manipulate
Supports a lot of popular protocols
Has some special and useful tools
Should use strong cryptography.
Reference
Loris Degioanni, Development of an Architecture for Packet Capture and Network Traffic Analysis, Graduation Thesis, Politecnico Di Torino (Turin, Italy, Mar. 2000)
Horizon, Defeating Sniffers and Intrusion Detection Systems
http://unixgeeks.org/security/newbie//security/sniffer/
http://www.tamos.com/products/commview/
http://winpcap.polito.it/
Questions?