作者在 2006-09-01 07:24:00 发布以下内容
以下是我用軟件攔下的局域網終結者的記錄﹐看來這個軟件只是根據你在攻擊軟件里面輸入的IP列表的IP及MAC地址﹐然后產生一個假的MAC地址去﹐使正在使用的網絡發生異常﹐我也試著解決這個問題﹐但目前除了靜態ARP之外﹐沒有其他更好的辦法了﹐這是采用TCP/IP協議的必然了。
但是作為網管﹐完全可以追蹤到搞破壞的人的電腦呀﹐然后把此人打成馬蜂窩﹐并送公安局﹐這種只會利用別人現在工具搞破壞的人最可誤了﹗有能力自己寫吧﹗
下面作參考﹐但不要攻擊我呀﹐如果有錯誤﹐請大家指正﹐謝謝了﹗
1581 89.348477 LOCAL REALTEEE1819 SMB R tree disconnect FANLI 7733797.00E04CEE1819 IPX/XNS
Frame: Base frame properties
Frame: Time of capture = 2002/10/23 13:48:21.616
Frame: Time delta from previous physical frame: 0 microseconds
Frame: Frame number: 1581
Frame: Total frame length: 100 bytes
Frame: Capture frame length: 100 bytes
Frame: Frame data: Number of data bytes remaining = 100 (0x0064)
ETHERNET: 802.3 Length = 100
ETHERNET: Destination address : 00E04CEE1819
ETHERNET: .......0 = Individual address
ETHERNET: ......0. = Universally administered address
ETHERNET: Source address : 00E04CF8B16B
ETHERNET: .......0 = No routing information present
ETHERNET: ......0. = Universally administered address
ETHERNET: Frame Length : 100 (0x0064)
ETHERNET: Data Length : 0x0056 (86)
ETHERNET: Ethernet Data: Number of data bytes remaining = 86 (0x0056)
LLC: UI DSAP=0xE0 SSAP=0xE0 C
LLC: DSAP = 0xE0 : INDIVIDUAL : Novell IPX/SPX
LLC: SSAP = 0xE0: COMMAND : Novell IPX/SPX
LLC: Frame Category: Unnumbered Frame
LLC: Command = UI
LLC: LLC Data: Number of data bytes remaining = 83 (0x0053)
IPX: NetBIOS Packet - 7733797.00E04CF8B16B.455 -> 7733797.00E04CEE1819.455 - 0 Hops
IPX: Checksum = 65535 (0xFFFF)
IPX: IDP Length = 83 (0x53)
IPX: Transport control = 0 (0x0)
IPX: Packet type = IPX
IPX: Destination Address Summary 7733797.00E04CEE1819.455
IPX: Destination IPX Address = 07733797.00E04CEE1819
IPX: Destination Net Number = 124991383 (0x7733797)
IPX: Destination Socket Number = NetBIOS
IPX: Source Address Summary 7733797.00E04CF8B16B.455
IPX: Source IPX Address = 07733797.00E04CF8B16B
IPX: Source Net Number = 124991383 (0x7733797)
IPX: Source Socket Number = NetBIOS
IPX: Data: Number of data bytes remaining = 53 (0x0035)
NBIPX: Session Data
NBIPX: Connection control flag
NBIPX: 0....... = Non system packet
NBIPX: .0...... = No send acknowledge
NBIPX: ..0..... = No Attention
NBIPX: ...1.... = End Of Message
NBIPX: ....0... = No resend
NBIPX: Data stream type = Session Data
NBIPX: Source connection ID = 10227 (0x27F3)
NBIPX: Destination connection ID = 3 (0x3)
NBIPX: Send sequence number = 119 (0x77)
NBIPX: Total data length = 35 (0x23)
NBIPX: Offset = 0 (0x0)
NBIPX: Data length = 35 (0x23)
NBIPX: Receive Sequence number = 122 (0x7A)
NBIPX: Bytes received = 127 (0x7F)
NBIPX: Data: Number of data bytes remaining = 35 (0x0023)
SMB: R tree disconnect
SMB: NT status code = 0x0, Facility = System, Severity = Success, Code = (0) STATUS_WAIT_0
SMB: NT Status Severity Code = Success
SMB: NT Status Customer Code = 0 (0x0)
SMB: NT Status Reserved Bit = 0 (0x0)
SMB: NT Status Facility = System
SMB: NT Status Code System Success = STATUS_WAIT_0
SMB: Header: PID = 0xFEFF TID = 0x0803 MID = 0x5E84 UID = 0x6801
SMB: Tree ID (TID) = 2051 (0x803)
SMB: Process ID (PID) = 65279 (0xFEFF)
SMB: User ID (UID) = 26625 (0x6801)
SMB: Multiplex ID (MID) = 24196 (0x5E84)
SMB: Flags Summary = 152 (0x98)
SMB: .......0 = Lock & Read and Write & Unlock not supported
SMB: ......0. = Send No Ack not supported
SMB: ....1... = Using caseless pathnames
SMB: ...1.... = Canonicalized pathnames
SMB: ..0..... = No Opportunistic lock
SMB: .0...... = No Change Notify
SMB: 1....... = Server response
SMB: flags2 Summary = 51207 (0xC807)
SMB: ...............1 = Understands long filenames
SMB: ......
但是作為網管﹐完全可以追蹤到搞破壞的人的電腦呀﹐然后把此人打成馬蜂窩﹐并送公安局﹐這種只會利用別人現在工具搞破壞的人最可誤了﹗有能力自己寫吧﹗
下面作參考﹐但不要攻擊我呀﹐如果有錯誤﹐請大家指正﹐謝謝了﹗
1581 89.348477 LOCAL REALTEEE1819 SMB R tree disconnect FANLI 7733797.00E04CEE1819 IPX/XNS
Frame: Base frame properties
Frame: Time of capture = 2002/10/23 13:48:21.616
Frame: Time delta from previous physical frame: 0 microseconds
Frame: Frame number: 1581
Frame: Total frame length: 100 bytes
Frame: Capture frame length: 100 bytes
Frame: Frame data: Number of data bytes remaining = 100 (0x0064)
ETHERNET: 802.3 Length = 100
ETHERNET: Destination address : 00E04CEE1819
ETHERNET: .......0 = Individual address
ETHERNET: ......0. = Universally administered address
ETHERNET: Source address : 00E04CF8B16B
ETHERNET: .......0 = No routing information present
ETHERNET: ......0. = Universally administered address
ETHERNET: Frame Length : 100 (0x0064)
ETHERNET: Data Length : 0x0056 (86)
ETHERNET: Ethernet Data: Number of data bytes remaining = 86 (0x0056)
LLC: UI DSAP=0xE0 SSAP=0xE0 C
LLC: DSAP = 0xE0 : INDIVIDUAL : Novell IPX/SPX
LLC: SSAP = 0xE0: COMMAND : Novell IPX/SPX
LLC: Frame Category: Unnumbered Frame
LLC: Command = UI
LLC: LLC Data: Number of data bytes remaining = 83 (0x0053)
IPX: NetBIOS Packet - 7733797.00E04CF8B16B.455 -> 7733797.00E04CEE1819.455 - 0 Hops
IPX: Checksum = 65535 (0xFFFF)
IPX: IDP Length = 83 (0x53)
IPX: Transport control = 0 (0x0)
IPX: Packet type = IPX
IPX: Destination Address Summary 7733797.00E04CEE1819.455
IPX: Destination IPX Address = 07733797.00E04CEE1819
IPX: Destination Net Number = 124991383 (0x7733797)
IPX: Destination Socket Number = NetBIOS
IPX: Source Address Summary 7733797.00E04CF8B16B.455
IPX: Source IPX Address = 07733797.00E04CF8B16B
IPX: Source Net Number = 124991383 (0x7733797)
IPX: Source Socket Number = NetBIOS
IPX: Data: Number of data bytes remaining = 53 (0x0035)
NBIPX: Session Data
NBIPX: Connection control flag
NBIPX: 0....... = Non system packet
NBIPX: .0...... = No send acknowledge
NBIPX: ..0..... = No Attention
NBIPX: ...1.... = End Of Message
NBIPX: ....0... = No resend
NBIPX: Data stream type = Session Data
NBIPX: Source connection ID = 10227 (0x27F3)
NBIPX: Destination connection ID = 3 (0x3)
NBIPX: Send sequence number = 119 (0x77)
NBIPX: Total data length = 35 (0x23)
NBIPX: Offset = 0 (0x0)
NBIPX: Data length = 35 (0x23)
NBIPX: Receive Sequence number = 122 (0x7A)
NBIPX: Bytes received = 127 (0x7F)
NBIPX: Data: Number of data bytes remaining = 35 (0x0023)
SMB: R tree disconnect
SMB: NT status code = 0x0, Facility = System, Severity = Success, Code = (0) STATUS_WAIT_0
SMB: NT Status Severity Code = Success
SMB: NT Status Customer Code = 0 (0x0)
SMB: NT Status Reserved Bit = 0 (0x0)
SMB: NT Status Facility = System
SMB: NT Status Code System Success = STATUS_WAIT_0
SMB: Header: PID = 0xFEFF TID = 0x0803 MID = 0x5E84 UID = 0x6801
SMB: Tree ID (TID) = 2051 (0x803)
SMB: Process ID (PID) = 65279 (0xFEFF)
SMB: User ID (UID) = 26625 (0x6801)
SMB: Multiplex ID (MID) = 24196 (0x5E84)
SMB: Flags Summary = 152 (0x98)
SMB: .......0 = Lock & Read and Write & Unlock not supported
SMB: ......0. = Send No Ack not supported
SMB: ....1... = Using caseless pathnames
SMB: ...1.... = Canonicalized pathnames
SMB: ..0..... = No Opportunistic lock
SMB: .0...... = No Change Notify
SMB: 1....... = Server response
SMB: flags2 Summary = 51207 (0xC807)
SMB: ...............1 = Understands long filenames
SMB: ......
