nDPI, oo lacag la'aan ah kormeerka baakadka qoto dheer

Darkcrizt

Daqiiqado 4

ka horumarinta mashruuca ntop (kuwaas oo sameeya qalab lagu qabsado laguna falanqeeyo taraafikada) la ogeysiiyey dhawaan la sii daayay nooca cusub ee nDPI, kaas oo ah dulucda dayactirka joogtada ah ee maktabadda caanka ah ee OpenDP.

nDPI Waxaa lagu gartaa in loo isticmaalo ntop iyo nProbe labadaba si loogu daro ogaanshaha borotokoollada lakabka arjiga, iyadoon loo eegin dekadda la isticmaalayo. Tani waxay ka dhigan tahay inay suurtogal tahay in la ogaado borotokoollada la yaqaan ee dekadaha aan caadiga ahayn.

Mashruuca wuxuu kuu oggolaanayaa inaad go'aamiso borotokoollada heerka dalabka ee loo adeegsado taraafikada adoo falanqeynaya dabeecadda waxqabadka shabakadda adigoon ku xirneyn dekadaha shabakadda (waxaad go'aamin kartaa borotokoollada la yaqaan oo darawaladooda ay aqbalaan isku xirnaanta dekadaha shabakadda ee aan caadiga ahayn, tusaale ahaan haddii http aan laga soo dirin dekadda 80, ama, taa beddelkeeda, markay isku dayaan inay qariyaan kuwa kale hawlaha shabakadda sida http oo ku shaqaynaya dekedda 80).

Kala duwanaanshaha OpenDPI ayaa hoos loo dhigay si loo taageero borotokoollada dheeraadka ah, u -qaadista mashiinka Windows -ka, hagaajinta waxqabadka, la -qabsiga si loogu adeegsado codsiyada si loola socdo taraafikada waqtiga dhabta ah (qaar ka mid ah astaamaha gaarka ah ee hoos u dhigay mashiinka ayaa la saaray), dhis awoodaha qaabka moodeelka kernel Linux iyo taageerada qeexidda sub -Borotokoollada.

Guud ahaan, Qeexitaanka dalabka iyo borotokoolka 247 waa la taageeray, kuwaas oo kuwan soo socda ay ka soo jeedaan: FTP_CONTROL, POP3, SMTP, IMAP, DNS, HTTP, NetBIOS, NFS, SNMP, XDMCP, Syslog, DHCP, PostgreSQL, MySQL, Hotmail, Direct_Download_Link, POPS, VMware, SMTPS, FacebookZero, UBNTAC2, Open eTT, Gnut , Signal, Xbox, ShoutCast, IRC, Ayiya, Unencrypted_Jabber, Yahoo, Telnet, VNC, Dropbox, GMail, YouTube, TeamViewer, UPnP, Spotify, OpenVPN, CiscoVPN, Deezer, Instagram, Microsoft, Google Drive, Cloudflare, MS_OneDrive, OpenDNS, Git, Pastebin, LinkedIn, SoundCloud, Amazon Video, Google Docs, Faylasha WhatsApp, Targus Dataspeed, Zabbix, WebSocket, iyo kuwo kale.

Astaamaha ugu waaweyn ee nDPI 4.0

Marka laga hadlayo waxyaabaha cusub ee lagu soo bandhigay noocgan cusub 4.0, waxaa la xoojiyay xagga xawaaraha iyadoo la hagaajiyay 2.5 marka loo eego taxanaha 3.x.

Dhinaca isbeddelada, waxaan ka heli karnaa in la hirgaliyay taageero loogu talagalay hagaajinta habka aqoonsiga macmiilka JA3 + TLS, taas oo u oggolaanaysa, iyada oo ku saleysan sifooyinka gorgortanka xiriirinta iyo cabbirrada la cayimay, si loo go'aamiyo software -ka loo isticmaalo in lagu dhiso xiriir (tusaale ahaan, waxay oggolaanaysaa in la go'aamiyo adeegsiga Tor iyo codsiyada kale ee caadiga ah).

Intaa waxaa dheer tirada ogaanshaha hanjabaadaha shabakadda iyo dhibaatooyinka la xiriira halista tanaasulka ayaa la ballaariyay (halista qulqulka) ilaa 33, oo lagu daray desktop -ka cusub iyo tilmaamayaasha hanjabaadda la wadaaga faylka ayaa lagu daray, taraafikada HTTP ee laga shakisan yahay, JA3 xaasidnimo leh iyo SHA1, marin u helidda aagagga dhibaatada leh iyo nidaamyada madaxbannaan, adeegsiga shahaadooyinka TLS oo leh ballaarinta shakiga leh ama taariikhaha dhicitaanka oo aad u dheer.

Waxaan sidoo kale ka heli karnaa taas taageero dheeraad ah oo loogu talagalay hab -maamuuska iyo adeegyada ayaa lagu daray, kuwaas oo aan hadda ka heli karno: Dhexdooda, AVAST SecureDNS, CPHA (Protocol -ka Helitaanka Sare ee CheckPoint), DisneyPlus, DTLS, Saamaynta Genshin, Maaraynta Kooxda Macmiilka ee HP (hpvirtgrp), Mongodb, Pinterest, Reddit, Snapchat VoIP, Tumblr, Wakiil Weyn ( Alexa, Siri), Z39.50.

Halka loogu talagalay adeegyada baarista iyo baarista oo la hagaajiyay noocaan cusub ayaa lagu sheegay: AnyDesk, DNS, Hulu, DCE / RPC, dnscrypt, Facebook, Fortigate, FTP Control, HTTP, IEC104, IEC60870, IRC, Netbios, Netflix, Ookla speedtest, openspeedtest.com, Outlook / MicrosoftMail, QUIC , Borotokoollada RTSP, RTSP ka sarreeya HTTP, SNMP, Skype, SSH, Steam, STUN, TeamViewer, TOR, TLS, UPnP, waardiye.

Isbadalada kale ee taagan ee nooca cusub:

  • Taageero la hagaajiyay oo loogu talagalay hababka falanqaynta taraafikada ee qarsoon (ETA).
  • Si ka duwan qaabkii hore loo taageeri jiray JA3, JA3 + waxay leedahay waxyaalo been abuur ah oo yar.
  • Kor -u -qaadis wax -ku -ool ah ayaa la fuliyay, marka la barbar dhigo laanta 3.0, xawaaraha socodsiinta taraafikada ayaa la kordhiyay 2.5 jeer.
  • Taageerada GeoIP ayaa lagu daray si loo go'aamiyo goobta cinwaanka IP -ga.
  • Waxaa lagu daray API si loo xisaabiyo RSI (Tusaha Xoogga Qaraabada).
  • Xakamaynta kala -goynta ayaa la hirgeliyay.
  • API lagu daray si loo xisaabiyo isu -socodka socodka (jitter).

Finalmente hadaad xiisaynayso inaad waxbadan ka ogaato, waad hubin kartaa faahfaahinta Xiriirka soo socda.


Ka tag faalladaada

cinwaanka email aan la daabacin doonaa. Beeraha loo baahan yahay waxaa lagu calaamadeeyay la *

*

*

  1. Ka mas'uul ah xogta: AB Internet Networks 2008 SL
  2. Ujeedada xogta: Xakamaynta SPAM, maaraynta faallooyinka.
  3. Sharci: Oggolaanshahaaga
  4. Isgaarsiinta xogta: Xogta looma gudbin doono dhinacyada saddexaad marka laga reebo waajibaadka sharciga ah.
  5. Kaydinta xogta: Macluumaadka ay martigelisay Shabakadaha Occentus (EU)
  6. Xuquuqda: Waqti kasta oo aad xadidi karto, soo ceshan karto oo tirtiri karto macluumaadkaaga.