Remote Network Analysis



Similar documents
Remote Network Analysis

Host Fingerprinting and Firewalking With hping

Passive Network Traffic Analysis: Understanding a Network Through Passive Monitoring Kevin Timm,

CIT 380: Securing Computer Systems

Network and Services Discovery

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Firewalls. Pehr Söderman KTH-CSC

Port Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.

Network Scanning. What is a Network scanner? Why are scanners needed? How do scanners do? Which scanner does the market provide?

Host Discovery with nmap

Internet Firewall CSIS Internet Firewall. Spring 2012 CSIS net13 1. Firewalls. Stateless Packet Filtering

Firewall Introduction Several Types of Firewall. Cisco PIX Firewall

CYBER ATTACKS EXPLAINED: PACKET CRAFTING

Introduction to Firewalls

NETWORK SECURITY WITH OPENSOURCE FIREWALL

Chapter 6 Phase 2: Scanning

INTRODUCTION TO FIREWALL SECURITY

Network Security. Chapter 3. Cornelius Diekmann. Version: October 21, Lehrstuhl für Netzarchitekturen und Netzdienste Institut für Informatik

Linux Network Security

Stateful Firewalls. Hank and Foo

Network Security CS 192

FIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others

Divide and Conquer Real World Distributed Port Scanning

Firewalls. configuring a sophisticated GNU/Linux firewall involves understanding

Chapter 8 Network Security

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Evading Infrastructure Security Mohamed Bedewi Penetration Testing Consultant

An Introduction to Nmap with a Focus on Information Gathering. Ionuț Ambrosie

FIREWALL AND NAT Lecture 7a

How to protect your home/office network?

Firewall. IPTables and its use in a realistic scenario. José Bateira ei10133 Pedro Cunha ei05064 Pedro Grilo ei09137 FEUP MIEIC SSIN

Attack and Defense Techniques

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

A S B

Firewall Testing. Cameron Kerr Telecommunications Programme University of Otago. May 16, 2005

CS5008: Internet Computing

Firewalls, NAT and Intrusion Detection and Prevention Systems (IDS)

Lecture 5: Network Attacks I. Course Admin

Firewall implementation and testing

Network Security. Marcus Bendtsen Institutionen för Datavetenskap (IDA) Avdelningen för Databas- och Informationsteknik (ADIT)

Scanning Tools. Scan Types. Network sweeping - Basic technique used to determine which of a range of IP addresses map to live hosts.

Firewalls. Ola Flygt Växjö University, Sweden Firewall Design Principles

Firewalls. Firewalls. Idea: separate local network from the Internet 2/24/15. Intranet DMZ. Trusted hosts and networks. Firewall.

Xprobe2++: Low Volume Remote Network Information Gathering Tool

Netfilter / IPtables

CS2107 Introduction to Information and System Security (Slid. (Slide set 8)

Solution of Exercise Sheet 5

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Introduction to Firewalls Open Source Security Tools for Information Technology Professionals

Project 2: Firewall Design (Phase I)

Outline. Outline. Outline

Network Mapper and Vulnerability Scanning

CIT 480: Securing Computer Systems. Firewalls

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

Chapter 8 Security Pt 2

Algorithms and Techniques Used for Auto-discovery of Network Topology, Assets and Services

Time has something to tell us about Network Address Translation

IP Network Scanning & Reconnaissance

Linux MDS Firewall Supplement

Firewalls. Chapter 3

1! Network forensics

CSCE 465 Computer & Network Security

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Firewalls. Test your Firewall knowledge. Test your Firewall knowledge (cont) (March 4, 2015)

Network Security. Routing and Firewalls. Radboud University Nijmegen, The Netherlands. Autumn 2014

Firewalls, IDS and IPS

Security: Attack and Defense

What is a DoS attack?

Firewalls, Tunnels, and Network Intrusion Detection. Firewalls

Firewalls N E T W O R K ( A N D D ATA ) S E C U R I T Y / P E D R O B R A N D Ã O M A N U E L E D U A R D O C O R R E I A

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

How the Great Firewall discovers hidden circumvention servers. Roya Ensafi David Fifield Philipp Winter Nick Weaver Nick Feamster Vern Paxson

Introduction of Intrusion Detection Systems

Visualizations and Correlations in Troubleshooting

Firewalls, Tunnels, and Network Intrusion Detection

Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS)

Make a folder named Lab3. We will be using Unix redirection commands to create several output files in that folder.

7. Firewall - Concept

Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme. Firewall

Network Security Management

Comparison of Firewall, Intrusion Prevention and Antivirus Technologies

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

Defending against Flooding-Based Distributed Denial-of-Service Attacks: A Tutorial

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Firewalking. A Traceroute-Like Analysis of IP Packet Responses to Determine Gateway Access Control Lists

Unverified Fields - A Problem with Firewalls & Firewall Technology Today

Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP

Chapter 9 Firewalls and Intrusion Prevention Systems

Stop that Big Hack Attack Protecting Your Network from Hackers.

Proxy Server, Network Address Translator, Firewall. Proxy Server

Firewalls. Chien-Chung Shen

Firewalls. Castle and Moat Analogy. Dr.Talal Alkharobi. Dr.Talal Alkharobi

Customized Data Exchange Gateway (DEG) for Automated File Exchange across Networks

Transcription:

Remote Network Analysis - I know what you know - Torsten Höfler htor@cs.tu-chemnitz.de Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 1/41

Outline 1. 2. 3. 4. Advanced Scanning 5. 6. Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 2/41

Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 3/41

Motivation Motivation Typical Targets Structure of FW Systems Structure of FW Systems Possible Attacks play instinct :o) explore a remote network find backdoors check weaknesses prepare an attack fool IDS systems see which software your bank runs... Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 4/41

Typical Targets Motivation Typical Targets Structure of FW Systems Structure of FW Systems Possible Attacks Router / Firewalls / Packetfilter Intrusion Detection Systems Loghosts (to hide traces) servers - from the outside accessible (DMZ?) Client-Systems / Workstations Hardware-Systems (e.g. Access Points, Routers...) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 5/41

Structure of FW Systems easy layout: Motivation Typical Targets Structure of FW Systems Structure of FW Systems Possible Attacks Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 6/41

Structure of FW Systems more complex layout(s): Motivation Typical Targets Structure of FW Systems Structure of FW Systems Possible Attacks Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 7/41

Possible Attacks Motivation Typical Targets Structure of FW Systems Structure of FW Systems Possible Attacks attacker (we) located in the Internet attacks performed from outside passive analysis (e.g. sniffing) noticeable active analysis (e.g. scanning) hidden active analysis (e.g. fingerprinting) analysis of topology (e.g. firewalking, tracing) social engineering Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 8/41

Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 9/41

Layer 2/3/4 Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary different possibilities: passive fingerprinting (without sending anything) Layer 4 (versions of used software products) Payload Analysis (not widely used, no tools available) Layer 2/3 (OS s TCP/IP implementation) Header-Analysis (widely used, tools available) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 10/41

Header-Analysis Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary gives information about deployed topology: TTL: OS usually starts with typical values (255, 128, 64...) -> difference equals Hop-Count be aware of exceptions (e.g. traceroute)! offered or used services e.g.: analyse source or/and destination port Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 11/41

Header-Fields Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 12/41

Header-Information Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary much information can be gained from the header fields: Field Location Tools? What? TTL IP x OS + Topology Fragmentation IP x OS + Topology Header Length IP x OS TOS IP - OS ID IP - OS + Traffic Source Port TCP - OS + Traffic Window Size TCP/Opt x OS Max. Segmentsz. TCP/Opt x OS...... - OS Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 13/41

Header-Analysis (example) SYN/ACK Header from www.ccc.de:80 Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 14/41

Header-Analysis (example) SYN/ACK Header from www.microsoft.de:80 Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 15/41

Example practical values: Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary OS TOS DF TTL Window Options Win2000 0 1 128 65535 tsval=0, SACK Win98 0 1 128 8760 SACK Linux 2.2 0 1 64 32210 tsval>0, SACK Linux 2.4 0 1 64 5792 tsval>0, SACK Linux 2.6 0 1 64 5792 tsval>0, SACK FreeBSD 4.6 0 1 64 57344 tsval>0 FreeBSD 5.0 0 1 64 65535 tsval>0 OpenBSD 16 0 64 17520 tsval=0, SACK 2.x.................. Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 16/41

More Examples Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary examples (p0f - SYN/ACK analysis): www.metro.de - Windows 2000 SP4 www.ebay.de - unknown www.heise.de - NetApp Data OnTap 6.x www.microsoft.de:80 - Windows 2000 (SP1+) (firewall!) www.openbsd.org:80 - Solaris 7 (up: 2533 hrs) www.freebsd.org:80 - FreeBSD 4.6-4.8 (up: 9 hrs) www.mcafee.com:80 - Windows 2000 SP4 www.georgewbush.com:80 - Windows 2000 SP4 www.bundeskanzler.de:80 - Linux recent 2.4 (1) (up: 11405 hrs) www.nsa.gov:80 - Linux recent 2.4 (1) (up: 5664 hrs) www.dod.gov:80 - Linux recent 2.4 (up: 2804 hrs)... Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 17/41

Summary Layer 2/3/4 Header-Analysis Header-Fields Header-Information Header-Analysis (example) Header-Analysis (example) Example More Examples Summary fingerprinting without sending any data utilizes imprecise standard definitions...... or deviations of OSes from standards (RFC) cumulative analysis of different header fields manually nearly impossible (huge information databases) automated tools (ettercap, siphon, p0f) BUT: very slow / imprecise! active analysis is more accurate new techniques (AI / Fuzzy Match) improve accurancy Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 18/41

Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 19/41

Layer 4 (Application Level) Layer 4 (Application Level) Layer 2/3 (OS Level) OS Detection Tools sending packets and analysing the response classical manual banner grabbing e.g. FTP, HTTP, POP, IMAP, SMTP, SSH, NNTP, Finger... binary analysis e.g. /bin/ls from FTP server (which binary format (ELF, COFF) OS) well known ports e.g. 80 HTTP, 22 SSH,... easy to prevent/fake e.g. 222 SSH (ipcop) application fingerprinting (sending special requests, evaluate (error) responses) automated tools: thc-amap, nmap (-sv) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 20/41

Layer 2/3 (OS Level) Layer 4 (Application Level) Layer 2/3 (OS Level) OS Detection Tools send special crafted IP packets and analyse the response easy to detect e.g. IDS notifies attempts (see portscan) firewall can block results e.g. stateful firewalls block connectionless FIN packets firewall can modify results e.g. change TTL, TOS or filter out Options with iptables Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 21/41

OS Detection Tools Layer 4 (Application Level) Layer 2/3 (OS Level) OS Detection Tools de-facto standard: nmap from Fyodor a lot of active fingerprinting techniques (FIN to open port, ISN Sampling, ICMP Tests, TCP Options, Fragmentation Handling...) is recognized by many IDS or packetfilters and can be filtered easily nmap needs one opened and one closed TCP-Port + one closed UDP-Port (often not possible firewall) other metrics have to be found others: xprobe2 - fuzzy logic, similar to nmap queso - no further development Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 22/41

Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 23/41

Old Techniques Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) Inverse Mapping normal inconspicuous packets to different IP s e.g. FIN, ACK, DNS-Reply only for stateless firewalls / IDS non existing hosts: router sends ICMP host unreachable -> attacker concludes network structure / used addresses Slow Scan packet-rate < 1 packet/hour very hard to detect automatically Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 24/41

RING Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) RING (Remote Identification Next Generation) TCP retransmissioncount and -time is used! deviations from RFC2988 (defines a retransmission algorithm) tools: snacktime, Cron-OS, tbit Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 25/41

RING - Examples Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) snacktime evaluation: www.metro.de:80 - Windows_2000_Server_SP3 www.ebay.de:80 - Windows_XP_Professional www.heise.de:80 - no retransmission www.microsoft.de:80 - no retransmission www.openbsd.org:80 - Linux_2.4.9_Alpha (???) www.freebsd.org:80 - Generic_BSD_Stack www.mcafee.com:80 - no retransmission www.georgewbush.com:80 - RST after first retrans! www.bundeskanzler.de:80 - Linux_2.4.18 www.nsa.gov:80 - no retransmission www.dod.gov:80 - Linux_2.4.18... Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 26/41

Overview Fingerprinting Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 27/41

Idle Scan Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) no packet sent directly sending through zombie hosts using predictable IP fragment-numbers suitable for testing IP-based filter-rules IDS sees zombie as attacker tool: nmap (-D) - decoy scan protect own hosts from being used as zombies: stateful firewall OS with unpredictable or constant fragment-numbers Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 28/41

Idle Scan - Example Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 29/41

Finding Zombies Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) chance to find zombies is relatively high! htor@archimedes: $ hping2 -SA -p 80 www.tu-dresden.de len=46 ip=141.30.66.151 ttl=46 DF id=216 sport=80... len=46 ip=141.30.66.151 ttl=46 DF id=217 sport=80... len=46 ip=141.30.66.151 ttl=46 DF id=218 sport=80... htor@archimedes: $ ping -c1 www.tu-dresden.de htor@archimedes: $ hping2 -SA -p 80 www.tu-dresden.de len=46 ip=141.30.66.151 ttl=46 DF id=220 sport=80... IP-ID counts up globally! more useable zombies: www.tu-dresden.de 64.203.100.217 (hosting georgewbush.com :) mx2.freebsd.org www.openbsd.org... Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 30/41

Firewalking = analyze the hosts behind a firewall e.g. test if IP is up: Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) SYN-packets are dropped by firewall SYN/ACK not (only stateful FWs) use SYN/ACK packets to scan IP s behind FW ruleset of the FW can be guessed Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 31/41

Firewalking - Example Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) e.g. portscan of wald.informatik.tu-chemnitz.de (134.109.184.40): archimedes: # hping2 wald.informatik.tu-chemnitz.de -p 22 -A HPING wald.informatik.tu-chemnitz.de (eth0 134.109.184.40): A set... len=46 ip=134.109.184.40 ttl=55 DF id=0 sport=22 flags=r seq=0 win=0 rtt=64.3 ms len=46 ip=134.109.184.40 ttl=55 DF id=0 sport=22 flags=r seq=1 win=0 rtt=64.8 ms port 22 (ssh) open archimedes: # hping2 wald.informatik.tu-chemnitz.de -p 81 -A HPING wald.informatik.tu-chemnitz.de (eth0 134.109.184.40): A set... ICMP Port Unreachable from ip=134.109.184.40 name=wald ICMP Port Unreachable from ip=134.109.184.40 name=wald port 81 closed are the pool-computers switched on during the weekend? HPING donau.hrz.tu-chemnitz.de (eth0 134.109.72.177): SA set... len=46 ip=134.109.72.177 ttl=55 DF id=0 sport=82 flags=r seq=0 win=0 rtt=62.5 ms len=46 ip=134.109.72.177 ttl=55 DF id=0 sport=82 flags=r seq=1 win=0 rtt=65.4 ms yes ;o) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 32/41

Firewalking (2) Cambridge Technology Partners: A Traceroute-Like Analysis of IP Packet Responses to determine Gateway Access Control Lists. Old Techniques RING RING - Examples Overview Fingerprinting Idle Scan Idle Scan - Example Finding Zombies Firewalking Firewalking - Example Firewalking (2) newer development phase 1: determine hop-count to FW (Gateway) = HC(FW) phase 2: packets with TTL=HC(GW)+1 for SYN scan if HC(target) > HC(GW)+1 no packet reaches target open port: ICMP Time exceed closed Port: no answer (timeout) prevention: drop outgoing ICMP time exceed packets application proxy Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 33/41

Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 34/41

TCP/IP Stack Tuning TCP/IP Stack Tuning Linux Kernel Modifications Deep Packet Inspection DPI - Example Linux (adjustment of kernel parameters): /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts = 1 /proc/sys/net/ipv4/conf/*/accept_source_route = 0 /proc/sys/net/ipv4/conf/*/rp_filter = 1 (prevent spoofing) /proc/sys/net/ipv4/ipfrag_high_thresh =? (fragments will be dropped when this valua is reached - Rose Attacks?) /proc/sys/net/ipv4/ipfrag_low_thresh =? (fragments will be accepted again under this level) /proc/sys/net/ipv4/conf/*/log_martians (log packets with unusual addresses) /proc/sys/net/ipv4/ip_default_ttl =? (confuses simple OS detection) appropriate values on other Operating Systems (e.g. sysctl with BSD) Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 35/41

Linux Kernel Modifications TCP/IP Stack Tuning Linux Kernel Modifications Deep Packet Inspection DPI - Example Grsecurity larger entropy pools (better random numbers) randomized TCP Initial Sequence Numbers (confuses OS detection) randomized IP IDs (prevents zombie -scans) randomized TCP source ports (confuses OS detection) IP Personality changeable characteristics to pretend other TCP/IP stacks nice tool, but only up to kernel 2.4.18 :-( own modifications in kernel sources z.b. no answer to illegal packets: /usr/src/linux/net/ipv4/* change the window size: /usr/src/linux/include/net/tcp.h (MAX_TCP_WINDOW)... Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 36/41

Deep Packet Inspection TCP/IP Stack Tuning Linux Kernel Modifications Deep Packet Inspection DPI - Example Firewall Evolution Firewall - protect IDS - observe today: manual adding of firewall rules after notification from IDS problem: fast attacks (Code Red, Nimda) deep packet inspection = FW + IDS coupled exploits and scan attempts can be interrupted automatically e.g. layer 4 monitoring (see PIX fixup command) next slide Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 37/41

DPI - Example TCP/IP Stack Tuning Linux Kernel Modifications Deep Packet Inspection DPI - Example Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 38/41

Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 39/41

?? Sources Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 40/41

Sources? Sources own experience :o) Laurent Joncheray: Simple Active Attack Against TCP, 1995 Kevin Timm: Passive Network Traffic Analysis, 2003 Lance Spitzner: Passive Fingerprinting, 2000 Fyodor: Remote OS detection via TCP/IP Stack FingerPrinting, 1998 Intranode Research: RING - Full Paper, 2002 Synnergy Networks: Advanced Host Detection, 2001 Cambridge Technology Partners: Firewalking, 1998 Ido Dubrawsky: Firewall Evolution - Deep Packet Inspection, 2003 Torsten Höfler, 21. November 2004 Remote Network Analysis - p. 41/41

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information