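How can we separate and read packet headers from the payload using the snort tool? I only need the header information, not the whole packet. How can I do that?
Answer 0 (score: 0)
Show only the IP and TCP, UDP or ICMP headers
./snort -vd
Packet headers as well as the payload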
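For output that was already captured with `-vd`, the headers can still be separated from the payload afterwards. The following is an added example, not part of the original answer: it splits saved `snort -vd` text into header lines and payload bytes. The sample text is constructed, its layout is an assumption about how Snort prints packets, and `split_packets` is a hypothetical helper name.

```python
import re

# Constructed sample in the layout assumed for `snort -vd` output: address line,
# IP and transport header lines, hex+ASCII payload rows, then a separator line.
SAMPLE = """\
03/14-10:15:02.481516 192.0.2.10:51234 -> 198.51.100.7:80
TCP TTL:64 TOS:0x0 ID:4242 IpLen:20 DgmLen:58 DF
***AP*** Seq: 0x1A2B3C4D  Ack: 0x5E6F7081  Win: 0x7210  TcpLen: 20
47 45 54 20 2F 20 48 54 54 50 2F 31 2E 31 0D 0A  GET / HTTP/1.1..
0D 0A                                            ..

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

03/14-10:15:02.481900 192.0.2.10:40000 -> 198.51.100.53:53
UDP TTL:64 TOS:0x0 ID:4243 IpLen:20 DgmLen:32 DF
Len: 4
DE AD BE EF                                      ....

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
"""

# A payload row is 1 to 16 space-separated hex bytes followed by an ASCII column.
HEX_ROW = re.compile(r"^((?:[0-9A-Fa-f]{2} ){1,16}) +(.*)$")
SEPARATOR = re.compile(r"^[=+]{10,}$")


def split_packets(text):
    """Return one dict per packet: {'headers': [lines], 'payload': bytes}."""
    packets, cur = [], None
    for line in text.splitlines():
        if SEPARATOR.match(line):
            cur = None  # a separator closes the current packet
            continue
        if not line.strip():
            continue
        if cur is None:
            cur = {"headers": [], "payload": b""}
            packets.append(cur)
        row = HEX_ROW.match(line)
        if row:
            cur["payload"] += bytes.fromhex(row.group(1))  # payload bytes
        else:
            cur["headers"].append(line)  # timestamp, IP, TCP/UDP/ICMP lines
    return packets


if __name__ == "__main__":
    for pkt in split_packets(SAMPLE):
        print("\n".join(pkt["headers"]))
        print(f"[payload omitted: {len(pkt['payload'])} bytes]\n")
```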