{"id":105,"date":"2025-11-30T12:18:00","date_gmt":"2025-11-30T04:18:00","guid":{"rendered":"https:\/\/danchengjie.cn\/?p=105"},"modified":"2026-04-06T13:05:12","modified_gmt":"2026-04-06T05:05:12","slug":"wireshark-%e5%8f%af%e6%8d%95%e8%8e%b7%e5%8d%8f%e8%ae%ae%e5%85%a8%e6%80%bb%e7%bb%93%ef%bc%88%e6%8c%89%e7%bd%91%e7%bb%9c%e5%88%86%e5%b1%82-%e6%a0%b8%e5%bf%83%e5%8c%ba%e5%88%ab%ef%bc%89","status":"publish","type":"post","link":"https:\/\/danchengjie.cn\/index.php\/2025\/11\/30\/wireshark-%e5%8f%af%e6%8d%95%e8%8e%b7%e5%8d%8f%e8%ae%ae%e5%85%a8%e6%80%bb%e7%bb%93%ef%bc%88%e6%8c%89%e7%bd%91%e7%bb%9c%e5%88%86%e5%b1%82-%e6%a0%b8%e5%bf%83%e5%8c%ba%e5%88%ab%ef%bc%89\/","title":{"rendered":"Wireshark \u534f\u8bae\u5168\u666f\u901f\u67e5\u624b\u518c"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u9002\u7528\u573a\u666f\uff1a\u65e5\u5e38\u7f51\u7edc\u6392\u969c \/ \u62a4\u7f51\u884c\u52a8\u6d41\u91cf\u5206\u6790 \/ \u6e17\u900f\u6d4b\u8bd5\u8f85\u52a9 \/ \u5b89\u5168\u5ba1\u8ba1<br>\u5de5\u5177\u7248\u672c\uff1aWireshark 4.x\uff08\u6240\u6709\u4e0b\u5217\u534f\u8bae\u5747\u539f\u751f\u652f\u6301\u89e3\u6790\uff09<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u4e00\u3001\u6570\u636e\u94fe\u8def\u5c42\uff08\u4e8c\u5c42\uff09<\/h2>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u5c40\u57df\u7f51\u5185\u8bbe\u5907\u95f4\u7684\u5e27\u4f20\u8f93\u4e0e\u7269\u7406\u5bfb\u5740\uff0c\u662f\u6240\u6709\u4e0a\u5c42\u534f\u8bae\u7684\u5e95\u5c42\u8f7d\u4f53\u3002<\/p>\n<\/blockquote>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u534f\u8bae<\/th><th>\u6838\u5fc3\u7279\u70b9<\/th><th>\u5178\u578b\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>Ethernet<\/strong><\/td><td>\u6700\u4e3b\u6d41\u6709\u7ebf\u5c40\u57df\u7f51\u534f\u8bae\uff0c\u57fa\u4e8e MAC \u5730\u5740\u5bfb\u5740\uff0c\u652f\u6301\u5355\u64ad \/ \u7ec4\u64ad \/ \u5e7f\u64ad\uff0c\u517c\u5bb9\u6027\u6781\u5f3a<\/td><td>\u5bb6\u5ead \/ \u4f01\u4e1a\u6709\u7ebf\u7f51\u7edc\u5e95\u5c42\u4f20\u8f93<\/td><\/tr><tr><td><strong>ARP \/ RARP<\/strong><\/td><td>\u5b9e\u73b0 IP \u4e0e MAC \u5730\u5740\u7684\u4e92\u76f8\u6620\u5c04\uff0c\u660e\u6587\u5e7f\u64ad\u4f20\u8f93\uff0c<strong>\u65e0\u8ba4\u8bc1\u673a\u5236<\/strong><\/td><td>\u5c40\u57df\u7f51\u8bbe\u5907\u901a\u4fe1\u3001\u6392\u67e5 IP \u51b2\u7a81\u3001\u68c0\u6d4b ARP \u6b3a\u9a97\u653b\u51fb<\/td><\/tr><tr><td><strong>802.11 (WiFi)<\/strong><\/td><td>\u65e0\u7ebf\u5c40\u57df\u7f51\u6807\u51c6\uff0c\u5305\u542b\u7ba1\u7406 \/ \u63a7\u5236 \/ \u6570\u636e\u4e09\u7c7b\u5e27\uff0c\u652f\u6301 WPA2 \/ WPA3 \u52a0\u5bc6<\/td><td>WiFi \u7f51\u7edc\u6293\u5305\u3001\u6392\u67e5\u65e0\u7ebf\u6389\u7ebf \/ \u4fe1\u53f7\u5e72\u6270<\/td><\/tr><tr><td><strong>PPPoE<\/strong><\/td><td>\u4ee5\u592a\u7f51\u4e0a\u7684\u70b9\u5bf9\u70b9\u534f\u8bae\uff0c\u652f\u6301\u8eab\u4efd\u8ba4\u8bc1\u4e0e\u52a0\u5bc6<\/td><td>\u5bb6\u5ead\u5bbd\u5e26\u62e8\u53f7\u4e0a\u7f51\u3001\u8fd0\u8425\u5546\u4e13\u7ebf\u63a5\u5165<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u26a0\ufe0f <strong>\u62a4\u7f51\u5173\u6ce8\u70b9\uff1a<\/strong> ARP \u65e0\u8ba4\u8bc1\u7684\u7279\u6027\u4f7f\u5176\u6210\u4e3a\u5c40\u57df\u7f51\u5185\u4e2d\u95f4\u4eba\u653b\u51fb\uff08ARP \u6b3a\u9a97\uff09\u7684\u5e38\u89c1\u5165\u53e3\uff0c\u62a4\u7f51\u671f\u95f4\u5e94\u91cd\u70b9\u76d1\u63a7\u5f02\u5e38 ARP \u5e7f\u64ad\u98ce\u66b4\u3002<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u4e8c\u3001\u7f51\u7edc\u5c42\uff08\u4e09\u5c42\uff09<\/h2>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u8d1f\u8d23\u8de8\u7f51\u6bb5\u7684\u5168\u5c40\u5bfb\u5740\u4e0e\u8def\u7531\u8f6c\u53d1\uff0c\u5b9e\u73b0\u7aef\u5230\u7aef\u7684\u8de8\u7f51\u7edc\u901a\u4fe1\u3002<\/p>\n<\/blockquote>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u534f\u8bae<\/th><th>\u6838\u5fc3\u7279\u70b9<\/th><th>\u5178\u578b\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>IPv4 \/ IPv6<\/strong><\/td><td>\u4e92\u8054\u7f51\u6838\u5fc3\u534f\u8bae\uff0c\u57fa\u4e8e IP \u5730\u5740\u5168\u5c40\u5bfb\u5740\uff1bIPv4 \u4e3a 32 \u4f4d\uff08\u5f53\u524d\u4e3b\u6d41\uff09\uff0cIPv6 \u4e3a 128 \u4f4d\uff08\u89e3\u51b3\u5730\u5740\u67af\u7aed\u95ee\u9898\uff09<\/td><td>\u6240\u6709\u4e92\u8054\u7f51\u901a\u4fe1\u7684\u57fa\u7840<\/td><\/tr><tr><td><strong>ICMP \/ ICMPv6<\/strong><\/td><td>\u65e0\u8fde\u63a5\u63a7\u5236\u6d88\u606f\u534f\u8bae\uff0c\u5c01\u88c5\u4e8e IP \u5305\u5185\uff0c\u7528\u4e8e\u5dee\u9519\u62a5\u544a\u4e0e\u7f51\u7edc\u63a2\u6d4b<\/td><td>ping \u8fde\u901a\u6027\u6d4b\u8bd5\u3001traceroute \u8def\u7531\u8ffd\u8e2a\u3001\u6392\u67e5\u4e22\u5305 \/ \u5ef6\u8fdf<\/td><\/tr><tr><td><strong>OSPF \/ BGP<\/strong><\/td><td>\u52a8\u6001\u8def\u7531\u534f\u8bae\uff1aOSPF \u7528\u4e8e\u5185\u7f51\u81ea\u6cbb\u7cfb\u7edf\uff0cBGP \u7528\u4e8e\u5168\u7403\u4e92\u8054\u7f51\u9aa8\u5e72\u7f51<\/td><td>\u4f01\u4e1a \/ \u8fd0\u8425\u5546\u8def\u7531\u914d\u7f6e\uff0c\u6392\u67e5\u8def\u7531\u73af\u8def \/ \u4e0d\u53ef\u8fbe<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u26a0\ufe0f <strong>\u62a4\u7f51\u5173\u6ce8\u70b9\uff1a<\/strong> ICMP \u5e38\u88ab\u7528\u4e8e\u9690\u853d\u4fe1\u9053\uff08ICMP Tunnel\uff09\uff0c\u62a4\u7f51\u671f\u95f4\u9700\u5173\u6ce8\u5f02\u5e38\u5927\u5305\u6216\u9ad8\u9891 ICMP \u6d41\u91cf\uff1bBGP \u52ab\u6301\u53ef\u5bfc\u81f4\u6d41\u91cf\u88ab\u91cd\u5b9a\u5411\u3002<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u4e09\u3001\u4f20\u8f93\u5c42\uff08\u56db\u5c42\uff09<\/h2>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u8d1f\u8d23\u7aef\u5230\u7aef\u7684\u901a\u4fe1\u63a7\u5236\u4e0e\u7aef\u53e3\u5bfb\u5740\uff0c\u533a\u5206\u540c\u4e00\u8bbe\u5907\u4e0a\u7684\u4e0d\u540c\u5e94\u7528\u8fdb\u7a0b\u3002<\/p>\n<\/blockquote>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u534f\u8bae<\/th><th>\u6838\u5fc3\u7279\u70b9<\/th><th>\u5178\u578b\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>TCP<\/strong><\/td><td>\u9762\u5411\u8fde\u63a5\u3001\u53ef\u9760\u4f20\u8f93\uff0c\u4e09\u6b21\u63e1\u624b\u5efa\u7acb\u8fde\u63a5\uff0c\u652f\u6301\u786e\u8ba4\u91cd\u4f20 \/ \u62e5\u585e\u63a7\u5236 \/ \u6d41\u91cf\u63a7\u5236<\/td><td>HTTP\/HTTPS\u3001SSH\u3001\u6570\u636e\u5e93\u901a\u4fe1\u7b49\u9700\u8981\u53ef\u9760\u6027\u7684\u573a\u666f<\/td><\/tr><tr><td><strong>UDP<\/strong><\/td><td>\u65e0\u8fde\u63a5\u3001\u4e0d\u53ef\u9760\u4f20\u8f93\uff0c\u65e0\u63e1\u624b \/ \u91cd\u4f20\u673a\u5236\uff0c\u5ef6\u8fdf\u6781\u4f4e\u3001\u5f00\u9500\u6781\u5c0f<\/td><td>DNS\u3001\u89c6\u9891\u76f4\u64ad\u3001\u6e38\u620f\u3001\u8bed\u97f3\u901a\u8bdd\u3001QUIC \u5e95\u5c42\u4f20\u8f93<\/td><\/tr><tr><td><strong>SCTP<\/strong><\/td><td>\u9762\u5411\u6d88\u606f\u3001\u591a\u6d41\u5e76\u884c\u3001\u591a\u5bbf\u4e3b\u652f\u6301\uff0c\u517c\u987e TCP \u53ef\u9760\u6027\u4e0e UDP \u4f4e\u5ef6\u8fdf<\/td><td>5G \u4fe1\u4ee4\u3001\u91d1\u878d\u4ea4\u6613\u3001\u5de5\u63a7\u7cfb\u7edf\u7b49\u9ad8\u53ef\u7528\u573a\u666f<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u26a0\ufe0f <strong>\u62a4\u7f51\u5173\u6ce8\u70b9\uff1a<\/strong> TCP SYN Flood \u662f\u6700\u5e38\u89c1\u7684 DDoS \u624b\u6bb5\uff1bUDP \u5e38\u88ab\u7528\u4e8e\u6d41\u91cf\u653e\u5927\u653b\u51fb\uff08DNS \/ NTP \u653e\u5927\uff09\uff1b\u5927\u91cf SYN_SENT \u534a\u8fde\u63a5\u72b6\u6001\u9700\u91cd\u70b9\u6392\u67e5\u3002<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u56db\u3001\u5e94\u7528\u5c42\uff08\u4e03\u5c42\uff09<\/h2>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u76f4\u63a5\u627f\u8f7d\u7528\u6237\u4e1a\u52a1\u6570\u636e\uff0c\u662f\u6293\u5305\u5206\u6790\u4e1a\u52a1\u95ee\u9898\u4e0e\u5b89\u5168\u4e8b\u4ef6\u7684\u6838\u5fc3\u5c42\u3002<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">4.1 \u6838\u5fc3 Web \u4e0e\u52a0\u5bc6\u534f\u8bae\uff08\u6293\u5305\u9ad8\u9891\uff09<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u534f\u8bae<\/th><th>\u6838\u5fc3\u7279\u70b9<\/th><th>\u5178\u578b\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>HTTP\/1.1 \/ 2 \/ 3<\/strong><\/td><td>\u8d85\u6587\u672c\u4f20\u8f93\u534f\u8bae\uff1a1.1 \u4e3a\u6587\u672c\u683c\u5f0f\u4e32\u884c\u4f20\u8f93\uff1b2 \u4e3a\u4e8c\u8fdb\u5236\u591a\u8def\u590d\u7528\uff1b3 \u57fa\u4e8e QUIC \u65e0\u961f\u5934\u963b\u585e<\/td><td>\u7f51\u9875\u6d4f\u89c8\u3001APP \/ \u5c0f\u7a0b\u5e8f\u63a5\u53e3\u8c03\u7528<\/td><\/tr><tr><td><strong>TLS 1.2 \/ 1.3<\/strong><\/td><td>\u4f20\u8f93\u5c42\u5b89\u5168\u534f\u8bae\uff0c\u5b9e\u73b0\u6570\u636e\u52a0\u5bc6\u3001\u8eab\u4efd\u8ba4\u8bc1\u3001\u5b8c\u6574\u6027\u6821\u9a8c\uff1bTLS 1.3 \u63e1\u624b\u66f4\u5feb\u3001\u5b89\u5168\u6027\u66f4\u5f3a<\/td><td>HTTPS \u52a0\u5bc6\u3001\u90ae\u4ef6\u3001VPN\u3001\u91d1\u878d\u63a5\u53e3\u7b49\u4e00\u5207\u5b89\u5168\u901a\u4fe1<\/td><\/tr><tr><td><strong>QUIC<\/strong><\/td><td>\u57fa\u4e8e UDP + TLS 1.3\uff0c\u5185\u7f6e 0-RTT \/ 1-RTT \u5feb\u901f\u63e1\u624b\uff0c\u652f\u6301\u8fde\u63a5\u8fc1\u79fb\u3001\u6297\u4e22\u5305<\/td><td>HTTP\/3\u3001\u77ed\u89c6\u9891 \/ \u76f4\u64ad\u3001\u79fb\u52a8\u7aef APP<\/td><\/tr><tr><td><strong>SOCKS5 \/ SOCKS4<\/strong><\/td><td>\u4f20\u8f93\u5c42\u4ee3\u7406\u534f\u8bae\uff1aSOCKS5 \u652f\u6301 TCP\/UDP\u3001\u8ba4\u8bc1\u3001IPv6\uff1bSOCKS4 \u4ec5\u652f\u6301 TCP<\/td><td>\u4ee3\u7406\u7a7f\u900f\u3001\u5185\u7f51\u6a2a\u79fb\u3001\u6e38\u620f\u52a0\u901f<\/td><\/tr><tr><td><strong>HTTPS \u4ee3\u7406<\/strong><\/td><td>\u57fa\u4e8e HTTP <code>CONNECT<\/code> \u65b9\u6cd5\u5efa\u7acb\u96a7\u9053\uff0c\u517c\u5bb9\u6027\u597d\uff0c\u4e3b\u8981\u4ee3\u7406 HTTPS \/ TCP \u6d41\u91cf<\/td><td>\u4f01\u4e1a\u5185\u7f51\u4ee3\u7406\u3001Burp \/ Charles \/ Fiddler \u6293\u5305<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">4.2 \u901a\u7528\u57fa\u7840\u534f\u8bae<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u534f\u8bae<\/th><th>\u6838\u5fc3\u7279\u70b9<\/th><th>\u5178\u578b\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>DNS<\/strong><\/td><td>\u57df\u540d\u89e3\u6790\u534f\u8bae\uff0c\u9ed8\u8ba4 UDP 53 \u7aef\u53e3\uff0c\u5927\u62a5\u6587\u8d70 TCP<\/td><td>\u57df\u540d\u4e0e IP \u4e92\u8f6c\uff0c\u6392\u67e5\u89e3\u6790\u5931\u8d25 \/ DNS \u52ab\u6301<\/td><\/tr><tr><td><strong>DHCP<\/strong><\/td><td>\u52a8\u6001\u4e3b\u673a\u914d\u7f6e\u534f\u8bae\uff0c\u57fa\u4e8e UDP\uff0c\u81ea\u52a8\u5206\u914d IP \/ \u7f51\u5173 \/ DNS<\/td><td>\u5c40\u57df\u7f51\u8bbe\u5907\u81ea\u52a8\u83b7\u53d6\u7f51\u7edc\u914d\u7f6e<\/td><\/tr><tr><td><strong>SSH<\/strong><\/td><td>\u52a0\u5bc6\u8fdc\u7a0b\u7ba1\u7406\u534f\u8bae\uff0c\u57fa\u4e8e TCP 22 \u7aef\u53e3\uff0c\u66ff\u4ee3\u660e\u6587 Telnet<\/td><td>\u670d\u52a1\u5668\u5b89\u5168\u767b\u5f55\u3001SFTP \u52a0\u5bc6\u6587\u4ef6\u4f20\u8f93<\/td><\/tr><tr><td><strong>FTP \/ SFTP<\/strong><\/td><td>\u6587\u4ef6\u4f20\u8f93\u534f\u8bae\uff1aFTP \u660e\u6587\u4f20\u8f93\uff0cSFTP \u57fa\u4e8e SSH \u52a0\u5bc6<\/td><td>\u670d\u52a1\u5668\u6587\u4ef6\u4e0a\u4f20\u4e0b\u8f7d\u3001\u6570\u636e\u5907\u4efd<\/td><\/tr><tr><td><strong>NTP<\/strong><\/td><td>\u7f51\u7edc\u65f6\u95f4\u534f\u8bae\uff0c\u57fa\u4e8e UDP 123 \u7aef\u53e3\uff0c\u5b9e\u73b0\u9ad8\u7cbe\u5ea6\u65f6\u95f4\u540c\u6b65<\/td><td>\u670d\u52a1\u5668 \/ \u8bbe\u5907\u65f6\u95f4\u6821\u51c6<\/td><\/tr><tr><td><strong>SMTP \/ POP3 \/ IMAP<\/strong><\/td><td>\u90ae\u4ef6\u534f\u8bae\u4e09\u4ef6\u5957\uff1aSMTP \u53d1\u4fe1\uff0cPOP3 \/ IMAP \u6536\u4fe1<\/td><td>\u4f01\u4e1a \/ \u4e2a\u4eba\u7535\u5b50\u90ae\u4ef6\u6536\u53d1<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">4.3 \u5185\u7f51\u4e0e\u8fdc\u7a0b\u529e\u516c\u534f\u8bae<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u534f\u8bae<\/th><th>\u6838\u5fc3\u7279\u70b9<\/th><th>\u5178\u578b\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>RDP<\/strong><\/td><td>Windows \u8fdc\u7a0b\u684c\u9762\u534f\u8bae\uff0c\u9ed8\u8ba4 TCP 3389 \u7aef\u53e3\uff0c\u652f\u6301\u52a0\u5bc6\u4e0e\u5916\u8bbe\u91cd\u5b9a\u5411<\/td><td>Windows \u8bbe\u5907\u56fe\u5f62\u5316\u8fdc\u7a0b\u7ba1\u7406<\/td><\/tr><tr><td><strong>SMB \/ CIFS<\/strong><\/td><td>Windows \u6587\u4ef6\u5171\u4eab\u534f\u8bae\uff0c\u9ed8\u8ba4 TCP 445 \u7aef\u53e3<\/td><td>\u5c40\u57df\u7f51\u6587\u4ef6 \/ \u6253\u5370\u673a\u5171\u4eab<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u26a0\ufe0f <strong>\u62a4\u7f51\u5173\u6ce8\u70b9\uff1a<\/strong> RDP 3389 \u548c SMB 445 \u662f\u62a4\u7f51\u671f\u95f4\u6700\u9ad8\u9891\u7684\u653b\u51fb\u5165\u53e3\uff0c\u6c38\u6052\u4e4b\u84dd\uff08EternalBlue\uff09\u5373\u5229\u7528 SMB \u6f0f\u6d1e\u4f20\u64ad\uff0c\u5e94\u91cd\u70b9\u76d1\u63a7\u8fd9\u4e24\u4e2a\u7aef\u53e3\u7684\u5f02\u5e38\u8fde\u63a5\u3002<\/p>\n<\/blockquote>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u4e94\u3001\u4e13\u7528\u6269\u5c55\u534f\u8bae<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u7c7b\u522b<\/th><th>\u4ee3\u8868\u534f\u8bae<\/th><th>\u6838\u5fc3\u7528\u9014<\/th><\/tr><\/thead><tbody><tr><td><strong>VPN \u96a7\u9053<\/strong><\/td><td>IPSec\u3001OpenVPN\u3001WireGuard<\/td><td>\u52a0\u5bc6\u8de8\u7f51\u96a7\u9053\u901a\u4fe1\uff0c\u6392\u67e5 VPN \u8fde\u63a5\u6545\u969c<\/td><\/tr><tr><td><strong>\u6570\u636e\u5e93<\/strong><\/td><td>MySQL\u3001PostgreSQL\u3001Redis<\/td><td>\u6570\u636e\u5e93\u901a\u4fe1\u6293\u5305\uff0c\u6392\u67e5\u6162\u67e5\u8be2 \/ \u8fde\u63a5\u8d85\u65f6<\/td><\/tr><tr><td><strong>\u7269\u8054\u7f51<\/strong><\/td><td>MQTT\u3001CoAP<\/td><td>\u667a\u80fd\u5bb6\u5c45 \/ \u4f20\u611f\u5668\u8bbe\u5907\u901a\u4fe1\uff0c\u4f4e\u529f\u8017\u9002\u914d<\/td><\/tr><tr><td><strong>\u6d41\u5a92\u4f53<\/strong><\/td><td>RTP \/ RTMP \/ SIP<\/td><td>\u89c6\u9891\u4f1a\u8bae\u3001\u76f4\u64ad\u3001\u76d1\u63a7\uff0c\u6392\u67e5\u5361\u987f \/ \u82b1\u5c4f<\/td><\/tr><tr><td><strong>\u5de5\u63a7<\/strong><\/td><td>Modbus\u3001S7\u3001Profinet<\/td><td>\u5de5\u4e1a\u8bbe\u5907\u901a\u4fe1\uff0c\u5de5\u63a7\u5b89\u5168\u5ba1\u8ba1\u4e0e\u6545\u969c\u6392\u67e5<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u516d\u3001\u5173\u952e\u6ce8\u610f\u4e8b\u9879<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">6.1 \u52a0\u5bc6\u534f\u8bae\u89e3\u6790\u9650\u5236<\/h3>\n\n\n\n<p>TLS \/ QUIC \/ SSH \u7b49\u52a0\u5bc6\u534f\u8bae\u9ed8\u8ba4<strong>\u4ec5\u80fd\u89e3\u6790\u63e1\u624b\u9636\u6bb5<\/strong>\uff0c\u65e0\u6cd5\u67e5\u770b\u52a0\u5bc6\u540e\u7684\u4e1a\u52a1\u6570\u636e\u3002<\/p>\n\n\n\n<p>\u89e3\u5bc6\u65b9\u5f0f\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\u6d4f\u89c8\u5668\u6d41\u91cf<\/strong>\uff1a\u914d\u7f6e <code>SSLKEYLOGFILE<\/code> \u73af\u5883\u53d8\u91cf\uff0c\u5c06\u4f1a\u8bdd\u5bc6\u94a5\u5bfc\u51fa\u540e\u5728 Wireshark \u4e2d\u52a0\u8f7d<\/li>\n\n\n\n<li><strong>\u81ea\u7b7e\u8bc1\u4e66\u5e94\u7528<\/strong>\uff1a\u5bfc\u5165\u79c1\u94a5\u81f3 Wireshark\uff08<code>\u7f16\u8f91 \u2192 \u9996\u9009\u9879 \u2192 Protocols \u2192 TLS<\/code>\uff09<\/li>\n\n\n\n<li><strong>QUIC<\/strong>\uff1a\u540c\u6837\u4f9d\u8d56 SSLKEYLOG\uff0c\u9700 Wireshark 4.0+ \u7248\u672c\u652f\u6301<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6.2 \u4e09\u79cd\u4ee3\u7406\u534f\u8bae\u5bf9\u6bd4<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><th>\u7ef4\u5ea6<\/th><th>SOCKS5<\/th><th>SOCKS4<\/th><th>HTTPS \u4ee3\u7406<\/th><\/tr><\/thead><tbody><tr><td>\u4f20\u8f93\u5c42\u652f\u6301<\/td><td>TCP + UDP<\/td><td>\u4ec5 TCP<\/td><td>\u4ec5 TCP<\/td><\/tr><tr><td>\u8ba4\u8bc1\u652f\u6301<\/td><td>\u2705<\/td><td>\u274c<\/td><td>\u2705\uff08Basic Auth\uff09<\/td><\/tr><tr><td>IPv6 \u652f\u6301<\/td><td>\u2705<\/td><td>\u274c<\/td><td>\u2705<\/td><\/tr><tr><td>\u9002\u7528\u573a\u666f<\/td><td>\u6e38\u620f \/ \u7a7f\u900f \/ \u901a\u7528<\/td><td>\u9010\u6b65\u6dd8\u6c70<\/td><td>\u7f51\u9875 \/ \u6293\u5305\u5de5\u5177<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">6.3 \u62a4\u7f51\u6293\u5305\u4f18\u5148\u7ea7\u5efa\u8bae<\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>\u9ad8\u4f18\u5148\u7ea7\u76d1\u63a7\u7aef\u53e3\uff1a\n  445  (SMB)      \u2192 \u52d2\u7d22\u8f6f\u4ef6 \/ \u6a2a\u5411\u79fb\u52a8\n  3389 (RDP)      \u2192 \u66b4\u529b\u7834\u89e3 \/ \u8fdc\u7a0b\u5165\u4fb5\n  53   (DNS)      \u2192 DNS \u96a7\u9053 \/ \u52ab\u6301\n  80\/443 (HTTP\/S) \u2192 Web \u653b\u51fb \/ C2 \u901a\u4fe1\n  22   (SSH)      \u2192 \u66b4\u529b\u7834\u89e3 \/ \u540e\u95e8\u8fde\u63a5\n\n\u5f02\u5e38\u6d41\u91cf\u7279\u5f81\uff1a\n  \u00b7 \u5355 IP \u9ad8\u9891 SYN\uff08\u7aef\u53e3\u626b\u63cf\uff09\n  \u00b7 \u5927\u91cf ICMP \u5927\u5305\uff08\u9690\u853d\u4fe1\u9053\uff09\n  \u00b7 \u975e\u5e38\u89c4\u7aef\u53e3\u7684\u52a0\u5bc6\u6d41\u91cf\uff08C2 \u9690\u533f\uff09\n  \u00b7 \u5185\u7f51\u8bbe\u5907\u4e3b\u52a8\u5916\u8054\u964c\u751f IP<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u9002\u7528\u573a\u666f\uff1a\u65e5\u5e38\u7f51\u7edc\u6392\u969c \/ \u62a4\u7f51\u884c\u52a8\u6d41\u91cf\u5206\u6790 \/ \u6e17\u900f\u6d4b\u8bd5\u8f85\u52a9 \/ \u5b89\u5168\u5ba1\u8ba1\u5de5\u5177\u7248\u672c\uff1aWireshark 4. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[17,19],"class_list":["post-105","post","type-post","status-publish","format-standard","hentry","category-20","tag-whireshark","tag-19"],"_links":{"self":[{"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/posts\/105","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/comments?post=105"}],"version-history":[{"count":3,"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/posts\/105\/revisions"}],"predecessor-version":[{"id":120,"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/posts\/105\/revisions\/120"}],"wp:attachment":[{"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/media?parent=105"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/categories?post=105"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/danchengjie.cn\/index.php\/wp-json\/wp\/v2\/tags?post=105"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}