{"id":518,"date":"2016-06-30T12:01:42","date_gmt":"2016-06-30T09:01:42","guid":{"rendered":"http:\/\/www.bilisimonline.net\/?p=518"},"modified":"2017-04-17T23:30:00","modified_gmt":"2017-04-17T20:30:00","slug":"oracle-solaris-snoop","status":"publish","type":"post","link":"http:\/\/www.bilisimonline.net\/index.php\/2016\/06\/30\/oracle-solaris-snoop\/","title":{"rendered":"Oracle Solaris Snoop"},"content":{"rendered":"

Snoop komutu, a\u011f trafi\u011findeki ar\u0131zalar\u0131 (paket kay\u0131plar\u0131,y\u00fcksek a\u011f gecikmesi vb.) bulma y\u00f6ntemlerinde \u00e7ok faydal\u0131d\u0131r. Snoop, ger\u00e7ek zamanl\u0131 a\u011f trafi\u011fini g\u00f6rmek i\u00e7in kullan\u0131labildi\u011fi gibi daha sonra incelemek i\u00e7in bir dosyaya kay\u0131t da yapabilir.<\/span><\/span><\/p>\n

E\u011fer sisteminiz shared-ip zone ise snoop komutunu global zone daki fiziksel a\u011f kart\u0131nda \u00e7al\u0131\u015ft\u0131r\u0131n.<\/span><\/span><\/p>\n

E\u011fer sisteminiz exclusive-ip zone ise snoop’u non-global zone’da \u00e7al\u0131\u015ft\u0131r\u0131n.<\/span><\/span><\/p>\n

E\u011fer link aggregat\u0131on kullan\u0131yorsan\u0131z, snoop’u link aggregation kart\u0131nda **nam-\u0131 di\u011fer “aggr1″** kullan\u0131n.<\/span><\/span><\/p>\n

E\u011fer vlan kullan\u0131yorsan\u0131z, vlan aray\u00fcz\u00fcnde \u00e7al\u0131\u015ft\u0131r\u0131n.<\/span><\/span><\/p>\n

Snoop yap\u0131lacak kaynak makinenin aray\u00fcz\u00fcn\u00fc bulmak i\u00e7in hedef ip’sine traceroute \u00e7al\u0131\u015ft\u0131r\u0131n.<\/span><\/span><\/p>\n

SNOOP KULLANIMI<\/span><\/span><\/strong><\/p>\n

#usr\/sbin\/snoop -qr -d [device] -o [filename] -s 300<\/pre>\n
-q :paket say\u0131s\u0131n\u0131 g\u00f6sterme<\/span><\/span><\/p>\n
-r : IP’yi hostname’e \u00e7evirme<\/span><\/span><\/p>\n
-d device :snoop kullan\u0131lan a\u011f kart\u0131<\/span><\/span><\/p>\n
-o filename: yakalanan paketleri dosyaya kaydet<\/span><\/span><\/p>\n
-s num: her paketi verilen num byte’\u0131ndan sonra k\u0131rp.<\/span><\/span><\/p>\n
\u00d6RNEK A:<\/span><\/span><\/strong><\/p>\n
ce0 kart\u0131ndaki paketleri yakalama ve ce0_snoop dosyas\u0131na kaydetme:<\/span><\/span><\/p>\n
# \/usr\/sbin\/snoop -qr -d ce0 -o ce0_snoop.out -s 300<\/pre>\n
\u00d6RNEK B:<\/span><\/span><\/strong><\/p>\n
Dosyan\u0131n olu\u015fturuldu\u011funu teyit etme:<\/span><\/span><\/p>\n
# file snoop.out\r\nsnoop.out: Snoop capture file - version 2<\/pre>\n
\u00d6RNEK C:<\/span><\/span><\/strong><\/p>\n
Daha \u00f6nce olu\u015fturulan dosyadan okuma:<\/span><\/span><\/p>\n
# snoop -i [filename]<\/pre>\n
\u00d6RNEK D:<\/span><\/span><\/strong><\/p>\n
Sadece istenen porttan a\u011f trafi\u011fini g\u00f6zetleme:<\/span><\/span><\/p>\n
mesela 8080<\/span><\/span><\/p>\n
# \/usr\/sbin\/snoop -qr -d ce0 -o ce0_snoop.out -s 300 port 8080<\/pre>\n
\u00d6RNEK E:<\/span><\/span><\/strong><\/p>\n
belirlenen IP de snoop yapma:<\/span><\/span><\/p>\n
# \/usr\/sbin\/snoop -qr -d ce0 -o ce0_snoop.out -s 300 192.168.1.1<\/pre>\n
IP adresleri aras\u0131nda virg\u00fcl(,) kullanarak \u00e7oklu IP yaz\u0131labilir.<\/span><\/span><\/p>\n
\u00d6RNEK F:<\/span><\/span><\/strong><\/p>\n
\u0130ki IP aras\u0131nda snoop yapma:<\/span><\/span><\/p>\n
# snoop -i [filename] [IP-address1] [IP-address2]<\/pre>\n
\u00d6RNEK G:<\/span><\/span><\/strong><\/p>\n
\u00d6zel protokol i\u00e7in snoop yapma:<\/span><\/span><\/p>\n
# \/usr\/sbin\/snoop -qr -d ce0 -o ce0_snoop.out icmp,arp<\/pre>\n
\u00d6RNEK H:<\/span><\/span><\/strong><\/p>\n
Snoop un ne zaman al\u0131nd\u0131\u011f\u0131n\u0131 kontrol edin:<\/span><\/span><\/p>\n
9 ve 13 paketler aras\u0131n\u0131 kontrol eder.<\/span><\/span><\/p>\n
# snoop -i snoop.out -ta -p9,13\r\nLoading name file snoop.out.names\r\n9 18:10:54.71861 webcache -> mizue HTTP (proxy) R port=41579\r\n10 18:10:55.03142 webcache -> mizue HTTP HTTP\/1.1 200 OK\r\n11 18:10:55.03168 mizue -> webcache HTTP (proxy) C port=41579\r\n12 18:10:56.37426 webcache -> mizue HTTP (body)\r\n13 18:10:56.47427 mizue -> webcache HTTP (proxy) C port=41579<\/pre>\n
\u00d6RNEK I:<\/span><\/span><\/strong><\/p>\n
Ftp data transferi i\u00e7in ge\u00e7en toplam zaman\u0131 kontrol edin.<\/span><\/span><\/p>\n
# snoop -i ftp.snoop -tr port 20 | tail -1\r\n1393 2.47569 129.158.x.x -> 129.158.x.x FTP-DATA C port=32841<\/pre>\n
==> 2.47569 sec<\/span><\/span><\/p>\n
\u00d6RNEK \u0130:<\/span><\/span><\/strong><\/p>\n
Paketlerin i\u00e7eri\u011fini g\u00f6r\u00fcn:<\/span><\/span><\/p>\n
# snoop -i snoop.out -p4 -x0<\/pre>\n
\u00d6RNEK J:<\/span><\/span><\/strong><\/p>\n
Jumpstart’ta sorun \u00e7\u00f6z\u00fcn:<\/span><\/span><\/p>\n
MAC adres kullan\u0131l\u0131r.<\/span><\/span><\/p>\n
# snoop -i [filename] xx:xx:xx:xx:xx:xx<\/pre>\n
\u00d6RNEK K:<\/span><\/span><\/strong><\/p>\n
Snoop un kay\u0131p paketlerini inceleyin:<\/span><\/span><\/p>\n
Genelde Gigabit a\u011fda sorun olu\u015fur.<\/span><\/span><\/p>\n
# snoop -i snoop.out -D | grep TCP<\/pre>\n
\u00d6RNEK L:<\/span><\/span><\/strong><\/p>\n
\u00d6zel paketleri snoop dosyas\u0131ndan ba\u015fka bir snoop dosyas\u0131na aktar\u0131n:<\/span><\/span><\/p>\n
# snoop -i snoop.out -o snoop.telnet.out port 23<\/pre>\n
\u00d6RNEK M:<\/span><\/span><\/strong><\/p>\n
Protokol bilgilerini g\u00f6r\u00fcn:<\/span><\/span><\/p>\n
# snoop -i nfs.snoop -p23 -V<\/pre>\n
-v de ayn\u0131 i\u015fi g\u00f6r\u00fcr.<\/span><\/span><\/p>\n
# snoop -i nfs.snoop -p23 -v\/<\/pre>\n
\u00d6RNEK N:<\/span><\/span><\/strong><\/p>\n
\u00d6zel ping paketini inceleyin:<\/span><\/span><\/p>\n
ID numaras\u0131 ile filtreleme yapabilirsiniz.<\/span><\/span><\/p>\n
# snoop -i snoop.out \"icmp[4:2] = 16005\"<\/pre>\n","protected":false},"excerpt":{"rendered":"
Snoop komutu, a\u011f trafi\u011findeki ar\u0131zalar\u0131 (paket kay\u0131plar\u0131,y\u00fcksek a\u011f gecikmesi vb.) bulma y\u00f6ntemlerinde \u00e7ok faydal\u0131d\u0131r. Snoop, ger\u00e7ek zamanl\u0131 a\u011f trafi\u011fini g\u00f6rmek i\u00e7in kullan\u0131labildi\u011fi gibi daha sonra incelemek i\u00e7in bir dosyaya kay\u0131t da yapabilir. E\u011fer sisteminiz shared-ip zone ise snoop komutunu global zone daki fiziksel a\u011f kart\u0131nda \u00e7al\u0131\u015ft\u0131r\u0131n. E\u011fer sisteminiz exclusive-ip zone ise snoop’u non-global zone’da \u00e7al\u0131\u015ft\u0131r\u0131n. …<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[30,106,8,10],"tags":[296,233,39,297,295,459,458,457,38],"class_list":["post-518","post","type-post","status-publish","format-standard","hentry","category-ag","category-ag-yazilimlari","category-os","category-unix","tag-ag-trafigi-izleme","tag-oracle","tag-oracle-solaris","tag-oracle-solaris-11","tag-snoop","tag-snoop-commands","tag-snoop-komutlari","tag-snoop-kullanimi","tag-solaris10"],"jetpack_publicize_connections":[],"aioseo_notices":[],"views":2040,"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7k56R-8m","jetpack-related-posts":[],"_links":{"self":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts\/518"}],"collection":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/comments?post=518"}],"version-history":[{"count":16,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts\/518\/revisions"}],"predecessor-version":[{"id":878,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/posts\/518\/revisions\/878"}],"wp:attachment":[{"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/media?parent=518"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/categories?post=518"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.bilisimonline.net\/index.php\/wp-json\/wp\/v2\/tags?post=518"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}