Networking Tools 1


Æ Øûóö Ò Ìóóð× ½ Ù×ØØ× ÁÒ×ØØÙØ Ó Ì ÒÓÐÓÝ ÔÖØÑÒØ Ó ÒÒÖÒ Ò ÓÑÔÙØÖ º¾ ÐÐ ¾¼¼¾ ÆeØÛÓÖkiÒg ÌÓÓÐ× ËÔØÑÖ ½¿¸ ¾¼¼½ ÇÚÖÚÛº ÁÒ Ø× ØÙØÓÖи Û ÛÐÐ ÚÖ ØÓ ÓÐ× ØØ Ö Ù× Ò ÒØÛÓÖÒ ´ÒÓØ ØÓ ÑÒØÓÒ Ò Ø ÖÐ ÛÓÖÐ ÓÖ ÙÒµº Ï Ò ÛØ ÒØ×ØØ Ò ¸ Ö­Ý ÓÛ ØÓ Ù× Ó Ø× ØÓ ÓÐ× Ý ÐÓ ÓÒ Ø ÐÚ ÌÈ Ò ÑÒ ×Ò× Ó ØÖ ÓÙØÔÙغ ϳÐÐ Ù× ÒØ×ØØ ØÓ ÓÒ Ó Ø ×ÙØÐØ× Ó Ø ÌÈ ×ØØ Òº ÆÜظ Û³ÐÐ ÐÓ Ó Ø Ó ÐÓ ÓÙÔ¹× ØÓ ÓÐ׸ Ò ÛÓ׸ ØØ ÔÖÓÚ ÒÓÖÑØÓÒ ÓÙØ ÆË ÒÓÖÑØÓÒ ÓÙØ Ó×Ø׸ Ò Ö×ØÖÝ ÒÓÖÑØÓÒ ÓÙØ ÒÑ× Ò ÒØÛÓÖ׸ Ö×Ô Ðݺ Ï ÛÐÐ ØÒ ÑÓÚ ÓÒ ØÓ ×ØÒÖ ÒØÛÓÖ Ñ×ÙÖÑÒØ ØÓ ÓÐ׸ ÔÒ Ò¸ ÑÓÖ ÒØÖ×ØÒÐݸ ¸ ÓÛ ØÝ ÛÓÖ Ò ÛØ ØÝ Ó ´Ò Óҳص ØÐÐ ÝÓÙº ÒÐÐݸ ÓÖ ØÓ× Ó ÝÓÙ ÛÓ ÓÒ³Ø ÒÓÛ Ô Öи Á³ÐÐ ×ÓÛ ÓÛ ØÓ Ø ØÒ× ØÓØÖ Ý ÑÓÒ¹ ×ØÖØÒ ×ÑÔÐ Ô ÖÐ ØØ Ø× ÓÙÖ Ò Ø× ÝØ× ØÓ ×ØÒØÓÒ ÁÈ Ö××× Ò Ë׺ ½ aÒd ÒØ×ØØ ÀÓÛ Ó × ÙÑÔ ÛÓÖ ÓÖ Ë¹ÖÚ ÖÒÐ׸ Ø ÖÐÝ È Ø ÐØÖ ´Èµ × ÚÐк Ì ¬ÐØÖ Ø ÖÚÖ ÒØÓ ÑÓ ¸ × ÖÓÑ Ø ÖÚÖ ÐÐ ØÖÒ×ÑØØ Ò Ø׺ Ì× Ø× Ö ØÒ ÖÙÒ ØÖÓÙ Ù×Ö¹×Ô ¬ÐØÖ¸ ×Ó ØØ ÓÒÐÝ Ø Ø× ØØ Ø Ù×Ö ×Ô × ÒØÖ×ØÒ ÛÐÐ Ô×× ØÓ Ø Ù×Ö ÔÖÓ ÏØ ÓÙØ Ø ØÓ ØÐÝ ØÖÔÔÒ ØÓ Ø ÖÒÐ ÓÖ ×ÑÐÐ Ö× ØÑÓÙØ ÚÐÙ ÛØ Ö× ×ÓÐÚ× Ø× ÔÖÓÐѺ ÐØÖÒ × ÓÒ Ò Ø ÖÒк Ì× ÐÑØ× Ø ÑÓÙÒØ Ó Ø ØØ ÑÙ×Ø ÖÓÑ Ø ÖÒÐ ÒØÓ Ù×Ö ÀÖ × ÛØ Ø ÓÙØÔÙØ ÖÓÑ Ó×Ø ¹ ؼ ÔÓÖØ ×× ÖÓÑ ÑÝ Ò ÛÐÐ ÐÓ Ó Ð ¼¾¿º½¿ Ë ¾½¿¾½¿´¼µ ÛÒ ¿¾½¾¼ Ñ×× ℄ ´µ ¼¾¿º¾¼ Ë ¾¼¾¼¾¼¾¼´¼µ ¾½¿ ÛÒ ¿ Ñ×× ℄ ¼¾¿º¾½ º ½ ÛÒ ¿¾½¾¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¾¼¿ ¿¼¼½¾¼ ´µ ¼¾¿º¿¾¿ È ½½´¼µ ½ ÛÒ ¾¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¿¼¼½¼ ¾¼¿ ´µ ¼¾¿º¿¾½ º ½ ÛÒ ¿¾¼¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¾¼¿ ¿¼¼½¼ ´µ ½ ¾ ÄÇÇÃÍÈ ÌÇÇÄË: Á AÆD ÏÀÇÁË ÍÌ ¼¿¾¾º¿¼ ½½´¼µ ½¿½ ÛÒ ¿¾½¾¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¾¼¿ ¿¼¿ ´µ ØÓ× ℄ ¼¿¾¾º¾ º ½ ÛÒ ¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¿¼½ ¾¼¿ ´µ ØÓ× ℄ ¼¿¾¾º½ ½¿½½¿½´¼µ ½ ÛÒ ¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¿¼½ ¾¼¿ ´µ ØÓ× ℄ ¼¿¾¾º½¼½ º ½¿¾ ÛÒ ¿¾½¾¼ ÒÓÔ¸ÒÓÔ¸ØÑ×ØÑÔ ¾¼¿ ¿¼½ ´µ ØÓ× ℄ ÏØ³× ÓÒ ÓÒ ÛØ Ø ØÑ×ØÑÔ ÓÔØÓÒ ÓÖ ÜÑÔи ÛÝ ÒÓØ Ù×Ø ÑÖ Ø ÛØ Ø Ø ØÑ Ø Û× ×ÒØ ´ÊÕÙÖ× ÖÓÒÞØÓÒºµ ÁÒÓÖÑØÓÒ Ò ÐÒ ØÑ×ØÑÔ¸ Ò ×ØÒØÓÒ ´ÁÈ Ö×× Ò Ô ÓÖص¸ ÌÈ ­×¸ ×ÑÒØ ÒÓ ´×ØÖظ Ò¸ ×Þµ¸ ׸ ÛÒÓÛ ×Þ¸ ÚÖÓÙ× ÓØÖ ÌÈ ÓÔØÓÒ׺ Ì È ­ ×ØÒ× ÓÖ ÔÙ× Ø Ø ØÓ Ø × ×Ó ÓÒ × Ô Ó××к Ø ¿¹ÛÝ Ò׺ Ð×Ó¸ Ø ÔÖÓ Ó ØÖÒ ÓÛÒ ¼ ¼ ËÌÄÁËÀ ¼ ¼ ÌÁÅÏÁÌ Ö­Ý Ø ×ØØ ØÖÒ×ØÓÒ ÖÑ × Ø ×ÙÑÑÖÝ Ó Ø ÖÙÐ ×Ø ÓÖ ÓÛ ÌÈ Ú׺ ÏÝ Ó × Ø Ó ÒØÓ Ø ØÑ ÛØ ×ØØ ÆÓØ Ø× × Ð×Ó Ø ¾ÅËÄ ´ÑÜÑÙÑ ×ÑÒØ ÐØѵ ×Øغ Ì Ò ØØ Ô ÖÓÖÑ× Ø Ó × ÒÓØ ÒÓÛ Ø ¬ÒÐ Ã Û× ÚÖ ¸ 
×Ó Ø Ó ×Ò³Ø ÒÓÛ ØØ Ø ÓØÖ × Ø ÂÙ×Ø Ø ÁÆ ÖÖÚ׸ Û ××ÙÑ ØØ Ø × ×ÑÒØ× ÑÝ ÖÖÚ ÓÙØ Ó ÓÖÖº Ò ÝÓÙ ØÒ Ó ÚÖÓÙ× × ÓÒ ÌÈ ÒÙÑÖ Ò × ÓÒ ÜÑÔк ËÆ ­Ó Ó × × ÒÓØÖ ÀÓÛ ÛÓÙÐ ÝÓÙ Ò Ò×Ø ËÆ ­Ó Ó ÇÒ × ×ÓÑØÒ ËÆ Ó Ó׸ ÛÖÝ Ø ×ÒÖ Ó × ÒÓØ ×Ø ÙÔ ×ØØ ÓÖ ÙÒØÐ ØÖ Ø ØÖ¹ÛÝ Ò× × ´ÖØÖ ØÒ ÓÒ ÒØÓ Ø ËÆ ×ØØ ÑÑØÐÝ ØÖ Ø ¬Ö×Ø ËƵº Ì× ÛÐÐ Ò Ò Ø Û׺ ¾ ÄÓ ÓkÙÔ ÌÓÓÐ×: dig aÒd ÛhÓi× × ÆË ÐÓ ÓÙÔ ÙØÐØݺ ÁØ³× ×ÑÐÖ ØÓ Ò×ÐÓÓÙÔ¸ ÙØ × ÑÓÖ Ô ÓÛÖÙк ÓÙ ÕÙÖÝ ÓÖ ÚÖÓÙ× ØÝÔ× Ó ÅÓ×Ø ´Ò ÙÐص × Ø ÑÔ× ÆË ÒÑ ØÓ Ò ÁÈ Ö×׺ ÀÖ × ×ÓÑ ÜÑÔÐ ÓÙØÔÙØ ÓÖ ÐÓ ÓÙÔ ÓÒ ÑÝ Òº ØØ Ø ÕÙÖÝ × ÓÖ Ò Ð×Ó ÖØÙÖÒ× Ó ÓØÖ Ù×ÙÐ ÒÓÖÑØÓÒº ÓÖ ÜÑÔи Ø ÖØÙÖÒ× Ø ÆË ­ ¾¼¼¾ Ñ×ØÖ ¾ Ç ÆÇÌ ÊÁËÌÊÁÍÌ ¾ ÄÇÇÃÍÈ ÌÇÇÄË: Á AÆD ÏÀÇÁË ÓÖ Ì ÆË ÖØÙÖÒ Ø ÙØÓÖØØÚ ÆË ×ÖÚÖ× ÓÖ ÓÑÒº Á Ð×Ó Ø Ø ÓÖ ÐÐ Ó ØÓ× Ò׺ ÏÝ × ØÖ ÓØ Ø Ø Ò Ó ÚÖÝ ÓÑÒ Ø× ØÐÐ× ÝÓÙ Ø ÒÑ × ÙÐÐÝ ÕÙЬ ´ØÖÝ ÐÓ ÓÒ ÙÔ Ú׺ º ÓÒ ÅÁÌ Ò×µº Ì ÒÙÑÖ× × ½¼¼ ÓÛ ÐÓÒ ÐÓ ÆË ×ÖÚÖ ×ÓÙÐ Ø Ö×ÙÐØ Ó ØØ Ò×ÛÖº ÜÔÐÒ ÛØ Ø ÓÙØÔÙØ ÐÓ Ó× Ð ÛÒ Ø ÒÑ Ó ×Ò³Ø Ö×ÓÐÚ ØÓ ÒÝØÒº ÜÔÐÒ Ø ×Ñ ÓÖ ÖÚÖ× Æ˸ ÔÖØÐÐÝ ÕÙЬ ÓÑÒ ÒÑ׸ ¿ÑÒ×Ò± º¾º½ ÐÓÐ ÓÔØÓÒ× ÓØ Ò×ÛÖ ¹Àʹ ÉÍʸ ×ØØÙ× ÆÇÊÊÇʸ ¾½ Ð× ÕÖ Ö Ö ÉÍÊ ½¸ ÆËÏÊ ½¸ ÍÌÀÇÊÁÌ ¸ ÁÌÁÇÆÄ ÉÍËÌÁÇÆ ËÌÁÇÆ ÁÆ ÆËÏÊ ËÌÁÇÆ ½¼¼ ÁÆ ½º¿½º¼º¿ ÍÌÀÇÊÁÌ ËÌÁÇÆ ½¼¼ ÁÆ ÆË ½¼¼ ÁÆ ÆË ÜººÑغٺ ½¼¼ ÁÆ ÆË ½¼¼ ÁÆ ÆË ÁÌÁÇÆÄ ËÌÁÇÆ ½¼¼ ÁÆ ½º¾º¼º¿ ܺºÑغٺ ½¾ ÁÆ ½¾º½º¾¾º¿ ½¼¼ ÁÆ ½º¾º¼º½ ½¼¼ ÁÆ ½º¾º½¼º ½¼¼ ÁÆ ½º½½½º¼º¾ ½¼¼ ÁÆ ½º¾º¼º½¾¼ ½¼¼ ÁÆ ½º¾º½º½¾¼ ½¼¼ ÁÆ ½º¾º¾º ½¼¼ ÁÆ ½º¾ºº½¾¼ ÉÙÖÝ ØÑ ¿ ËÊÎÊ ½º¾º¼º½¿´½º¾º¼º½µ ÏÀÆ ÌÙ ËÔ ½¾ ¼¿ ¾¼¼¾ ÅË ËÁ ¾ ÇØÖ ØÒ× ÝÓÙ ÑØ × Ö ØÝÔ× Ð Æź ÇØÒ Ô ÓÔÐ Ú Ð×׸ ÓÖ ÑÙÐØÔÐ ÒÑ× ÓÖ ÓÒ Òº Ì× × ÑÔÐÑÒØ Ù×Ò ÒÑ׸ Ö ÜÔÖ×× Ò ÆË Ú ­ ¾¼¼¾ Ñ×ØÖ ¿ Ç ÆÇÌ ÊÁËÌÊÁÍÌ ¾ ÄÇÇÃÍÈ ÌÇÇÄË: Á AÆD ÏÀÇÁË ÆÅ Ì× × ×ÓÛÒ ÐÓÛ ÆËÏÊ ËÌÁÇÆ ½¼¼ ÁÆ ÆÅ Ñغٺ Ñغٺ ½¼¼ ÁÆ ½º¿½º¼º½ ÇÒ Ð×Ó Ù× ØÓ ÐÓ Ó ÙÔ Ø ÑÐ ×ÖÚÖ ÓÖ ÓÑÒº ÄØ³× ×Ý ×ÓÑÓÒ ÛÒØ ØÓ ×Ò ÑÐ ØÓ ÓÛ Ó × ØÖ ÑÐ ÔÖÓÖÑ ¬Ò Ø ÑÐ ×ÖÚÖ Ö×Ô ÓÒ×Ð ÓÖ ÐÚÖÒ ÑÐ ØÓ Ì× × ÜÔÖ×× Ú Ò Å Á ÕÙÖÝ ÓÖ Ø× ÓÖ ÜÑÔи Ý ØÝÔÒ Åº ÏØ³× ÙÔ ÛØ Ø ÒÙÑÖ× ÌÝ ÜÔÖ×× ÓÖ ÓÒ ÑÐ ×ÖÚÖ ÓÚÖ Ø ÓØÖº ÆËÏÊ ËÌÁÇÆ ½¼¼ ÁÆ Å ½¼ ܺºÑغٺ ½¼¼ ÁÆ Å ½ ÓÙ Ð×Ó Ù× ØÓ Ó ÖÚÖ× ÐÓ ÓÙÔ׺ ¹Ü × Ø ××Ø ÛÝ ØÓ Ó Ø׺ Ð×Ó Ù× Ò ÑÓ º Ë Ø ÑÒ Ô ÓÖ ÑÓÖ ØÐ׺ ÛÓ× × Ð×Ó Ù×ÙÐ ØÓ ÓÐ ØØ ÐÐÓÛ× ÝÓÙ ØÓ ÕÙÖÝ ÒÝ ÛÓ× ×ÖÚÖº ÌÖ Ö Û ØÝÔ× Ó ÛÓ× ×ÖÚÖ׺ ÇÒ × 
Ø ×ÖÚÖ׸ ØØ Ø ØÐÐ ÝÓÙ ÒÓÖÑØÓÒ ÓÙØ ÛÓ ÒÑ × Ö×ØÖ ØÓº Ì ÙÐØ ÛÓ× ×ÖÚÖ ÓÒ ÑÝ Ò × º Ì× ÛÓ× ×ÖÚÖ ØÒ ××Ù× ÕÙÖÝ ØÓ ÛÓ× ×ÖÚÖ ØØ × Ö×Ô ÓÒ×Ð ÓÖ Ö×ØÖÒ ØØ ÒѺ Ò Ó Ø ÓÙØÔÙØ × ÐÓÛ ÑÒ×Ò± ÛÓ× Ñغ٠℄ ÓÑÒ ÆÑ ÅÁÌºÍ Ê×ØÖÖ ÍÍË ÏÓ× ËÖÚÖ ÊÖÖÐ ÍÊÄ ÙÓÑÒ ÆÑ ËÖÚÖ ÁÌ˺ÅÁÌºÍ ÆÑ ËÖÚÖ ËÌÊϺÅÁÌºÍ ÆÑ ËÖÚÖ Ï¾¼Æ˺ÅÁÌºÍ ÍÔØ Ø ¾¹Ñݹ¾¼¼¾ ℄ ÓÑÒ ÆÑ ÅÁÌºÍ Ê×ØÖÒØ ÁÒ×ØØÙØ Ó ÑÖ¸ Å ¼¾½¿ ÍÆÁÌ ËÌÌË ÏÓ× Ð×Ó Ù× ØÓ ÕÙÖÝ Ø Ö×× Ö×ØÖ׸ ÊÁÆ ´ÆÓÖØ ÈÆÁ ´×µ¸ Ò ÊÁÈ ´ÙÖÓÔ µº ÓÖ ÜÑÔи ÐØ³× ×Ý Á ÛÒØ ØÓ ÒÓÛ ÑÓÖ ÓÙØ Ø Ö×× ½º¿½º¼º¿ ­ ¾¼¼¾ Ñ×ØÖ Ç ÆÇÌ ÊÁËÌÊÁÍÌ ¾ ÄÇÇÃÍÈ ÌÇÇÄË: Á AÆD ÏÀÇÁË ÑÒ×Ò± ÛÓ× ¹ ÛÓ׺ÖÒºÒØ ½º¿½º¼º¿ ℄ ÇÖÆÑ ÁÒ×ØØÙØ Ó ÇÖÁ ÅÁ̹¾ ÆØÊÒ ½º¼º¼º¼ ¹ ½º¾º¾º¾ ÁÊ ½º¼º¼º¼» ÆØÆÑ ÅÁÌ ÆØÀÒÐ Æ̹½¹¼¹¼¹¼¹½ ÈÖÒØ ÆØÌÝÔ ××ÒÑÒØ ÆÑËÖÚÖ ËÌÊϺÅÁÌºÍ ÆÑËÖÚÖ Ï¾¼Æ˺ÅÁÌºÍ ÆÑËÖÚÖ ÁÌ˺ÅÁÌºÍ ÓÑÑÒØ ÊØ ÍÔØ ½¹¼¹¾ ÂÁ˹ÊÁÆ ÂÖÝ ·½¹½¹¾¿¹¼¼ ÊÁÆ ÏÓ× Ø׸ Ð×Ø ÙÔØ ¾¼¼¾¹¼¹½½ ½¼ ÒØÖ ÓÖ ØÓÒÐ ÒØ× ÓÒ ÊÁÆ³× ÏÓ× Ø׺ ÆÓØ Ð×Ó Ø Ø Ø Ø Ø× Û× Ð×Ø ÙÔ Ø¸ Ò ÛÒ Ø Û× Ð×Ø ÙÔ Øº Ì× Ú ÝÓÙ ×ÓÑ ÓÙØ Ø Ó Ø ÒÓÖÑØÓÒº ×× ÛÓ× ×ÖÚÖ× ØØ Ö Ù× ØÓ Ö×ÓÐÚ ÒÑ× ÒØÓ ÑÒ×ØÖØÚ ÓÑÒ׸ ØÖ Ü×Ø ÛÓ× ×ÖÚÖ× ØØ ÐÔ ÑÔ ÒÙÑÖ× ÒØÓ ÑÒ×ØÖØÚ ÓÑÒ׺ ËÔ ¸ Ø ÒÙÑÖ× ´ºº¸ ÁÈ Ö××× Ò Ë ÒÙÑÖ×µ Ö ÑÒ Ý Ø ÓÐÐÓÛÒ ÓÖÒÞØÓÒ× ¯ ÊÁÈ Ê×ÙÜ ÁÈ ÙÖÓÔ Ò× ¯ ÊÁÆ Ê×ØÖÝ ÓÖ ÁÒØÖÒØ ÆÙÑÖ× ´Ð×Ó Ó × ¯ ÈÆÁ × È ÆØÛÓÖ ÁÒÓÖÑØÓÒ ÒØÖ ´Ò Ù×ØÖе Á Á ÛÒØ ØÓ ÒÓÛ ×ÓÑØÒ ÓÙØ ×ÓÑ ÁÈ Ö×× ÓÖ Ë ÒÙÑÖ Ø ÅÁ̸ Á ØÒ × Ø ÊÁÆ ÛÓ× ×ÖÚÖ ´ÛÓ׺ÖÒºÒصº Ì ÊÁÆ ÛÓ× ×ÖÚÖ × ÐÓØ Ó ÓÔØÓÒ× ÛÖÝ ÝÓÙ ÐÑØ Ø ÕÙÖÝ ØÓ ×Ô ØÝÔº ÄØ³× ×Ý Á ÛÒØ ØÓ ÐÓ Ó ÙÔ Ë ¼½ ½¼¼ÑÒ×Ò± ÛÓ× ¹ ÛÓ׺ÖÒºÒØ ¼½ ℄ ÇÖÆÑ Ì²Ì ÏÓÖÐÆØ ­ ¾¼¼¾ Ñ×ØÖ Ç ÆÇÌ ÊÁËÌÊÁÍÌ ¿ ÅEAËÍÊEÅEÆÌ ÌÇÇÄË: ÈÁÆ AÆD ÌÊÊÇÍÌ ÇÖÁ ÌÌÏ ËÆÙÑÖ ¼½ ËÆÑ Ì̹ÁÆÌÊÆÌ ËÀÒР˼½ ÓÑÑÒØ ÊØ ½¹¼¹¿¼ ÍÔØ ¾¼¼¼¹¼¾¹¼½ ÉÙÖ× ÓÒ ×ÙÔ ÖÒØ× Ö Ð×Ó ×ÙÔÔ ÓÖØ ÈÁÆÁ ´ µ Ò ÊÁÈ ´ÛÓ׺ÖÔºÒص ÛÓÖ Ò ×ÑÐÖ ×ÓÒº ÀÓÛ ×ÓÙÐ Û Ó ÓÙØ ¬ÒÒ Ø ÙØÓÒÓÑÓÙ× ×Ý×ØÑ ÓÖ ÒØÛÓÖ ÓÖ ÁÈ Ö×× ÌÖ³× ÒÓØÖ ÛÓ× Ø׸ ʸ ØØ Ô× Ø× ÒÓÖÑØÓÒ ÖÐØÚÐÝ ÙÔ¹Øӹغ ÆÓØ ØØ Ø× × ÓÛ ¹ Ö×ÓÐÚ× ÁÈ Ö××× ØÓ Ë³×º ½¼¼ÑÒ×Ò± ÛÓ× ¹ ÛÓ׺ֺÒØ ½º¿½º¼º¿ ℄ ÖÓÙØ ½º¼º¼º¼» ÁÒ×ØØÙØ Ó ½ ÑÖ×Ø ËØÖØ ÑÖ Å ¼¾½¿¸ ÍË ÓÖÒ Ë¿ ÑÑÖ¹Ó Ê˹ÇÅÅÆËÆÌ ÑÒØ¹Ý ÅÁÆ̹˿ ½¼½½ Ê ¿ Åea×ÙÖeÑeÒØ ÌÓÓÐ×: ÔÒ aÒd ÔÒ × ×ÑÔÐ ÔÖÓÖÑ ØØ ×Ò× Ò ÁÅÈ Ó ÊÕÙ×Ø Ñ×× ØÓ Ò Ò ÛØ× ØÓ Ö Ò ÁÅÈ Ó ÊÔÐݺ ÁØ³× Ù×ÙÐ ÓÖ ØÐÐÒ Ó×Ø × Ö×Ô ÓÒÒ ´Ò ØÖÓÖ ØØ Ø³× ØÙÖÒ 
ÓÒ¸ ÓÒ Ø ÒØÛÓÖ¸ ÈÒ Ð×Ó ×ÓÛ× Ò ÊÌÌ ÚÐÙ ÓÖ ÖÕÙ×Ø»ÖÔÐÝ ÔÖ¸ Ò ÒÙÑÖº ÈÒ ÛÐÐ Ú ×ÙÑÑÖÝ Ó Ø ÐÓ×× ÖØ × ÛÐк ÆÓØ ØØ Ø ÊÌÌ ÑÝ ÒÓØ ÁÅÈ × ÒÓØ ÓÒ Ø ×Ø ÔØ ÓÖ ÑÒÝ ÖÓÙØÖ׺ ÁÒØÖ×ØÒ ÓÔØÓÒ× ´­Ó Ó ¸ ×ÓÑØÑ× ÖÕÙÖ× ÖÓ Óص¸ ´×Ò ÒÙÑÖ Ó Ø×µ¸ × ´×Ô Ø ×Þ¸ ×ÓÑØÑ× Ù×ÙÐ ÓÖ ÐÓ ÓÒ Ø ÖÑÒØØÓÒµº ÌÖÝ ×ÒÒ ÔÒ× Ó ÐÖ Ø ×Þ¸ Ò Û Ò Ø ÁÈ Á Ò ÙÑÔº × ØÓ ÓÐ ÓÖ ØØÒ ×ÓÑ ÓÙØ Ø ÖÓÙØ ØØ Ó×Ø ×× ØÓ ×ØÒØÓÒº Ì ×Ò× Ò ÁÈ Ø ÛØ ÌÌÄ ÚÐÙ× ¸ ¿ Ô Ö ÌÌÄ ÚÐÙµ¸ Ö×Ô ÓÒ×× ÓÖ ÓÔ ÐÓÒ Ø ÔØ ØÓ Ø Ó×غ ËÓÑ Ò Ð×ØÒ× ÓÖ ÁÅÈ ÌÁÅ ÑÔ ÓÖØÒØ ØÒ× ØÓ ÒÓØ ÓÙØ ¯ ÓÔ ×Ô Ò Ò ´ÖÓÑ Ø Ñ×× Û× ×Òص¸ ÒÓØ Ó×Ø ÓÖ ÖÓÙØÖº ÔØ ÑÝ ØÖÚÖ× ÑÓÖ ØÒ ÓÒ ÓÔ ÓÒ ÖÓÙØÖº ­ ¾¼¼¾ Ñ×ØÖ Ç ÆÇÌ ÊÁËÌÊÁÍÌ 4 ÈEÊÄ ¯ ÁØ ÑÝ Ø ØØ Ø Ó Ø Ñ×× × ×Ø ØÓ Ø ÁÈ Ö×× Ó Ø ÓÙØgÓiÒg Ò ÓÒ Ø ÖØÙÖÒ ÔØ ØÓ Ø Ó×ظ ÖØÖ ØÒ Ø Ò ØØ Ø Ø ÖÖÚ ÓÒº Ì× ÔÖÓ ×ÓÑ ×ÙÖÔÖ×Ò Ö×ÙÐØ׺ ¯ ÐÙÖ Ò Ó × ÒÓØ ÐÙÖ Ø ØØ Ô ÓÒØ ÁØ ÐÙÖ ÐÓÒ Ø ÖÚÖ× Ôظ ÓÖ ÜÑÔк ØÓÒÐÐݸ ¶ Ó × ÒÓØ ÐÙÖ Ø× ÑØ ÑÒ¸ ÓÖ ÜÑÔи ØØ Ø ÖÓÙØÖ Ó × ÒÓØ Ö×Ô ÓÒ ØÓ ÁÅÈ Ñ××׺ ÆÓØ ØØ Ø ÚÖ×ÓÒ Ó ÓÒ ÑÓ×Ø Ò× Ó ×Ò³Ø ×ÙÔÔ ÓÖØ Ø ¹ ÓÔØÓÒº ÓÙ ØÖ Ó Ø× ÑÒÙÐÐÝ ´× ÓÚµ¸ ¬Ò Ø ÊÈÅ ÓÖ ÔÔÖÓÔÖØ Ü×ØÒ ÓÖ ÝÓÙÖ Ò¸ ÓÖ ÓÛÒÐÓ Ø ÆÒÓ Ì ÖÓÑ º¾»ÓØÖ» ÒÒÓºØÖºÞ¸ Ò Ø ÓÖ ÝÓÙÖ Ò ´ÒÓØ ØØ ØÖ ÖÕÙÖ× ×ÙÔ ÖÙ×Ö ÔÖÚÐ× ØÓ ÖÙÒ¸ ÓÖ ÝÓÙ ÑÙ×Ø ×Ø Ø ØÓ ×ØÙ ÖÓ Óظ ÓÖ ÝÓÙ ÛÐÐ Ø Ô ÖÑ××ÓÒ ÖÖÓÖ×µº ½¼¾¼ÑÒ×Ò± ¹ ØÓ ´¾¼º½º½½º½½µ¸ ¿¼ ÓÔ× Ñܸ ¼ ÝØ ½ ´½º¿½º¼º½µ ℄ ½ Ñ× ½ Ñ× ½ Ñ× ¾ ÖÓÐ ´½º¾º½¼º¿µ ℄ ¾ Ñ× ½ Ñ× ½ Ñ× ¿ ¾¹ÊÌʹ½¹Ä˹ÄÁÆúÅÁÌºÍ ´½º¾¼½º½º½µ ℄ Ñ× ¾ Ñ× ¾ Ñ× ÌÊÆĹÊÌʹ¾¹ÃÇƺÅÁÌºÍ ´½º½º¼º¾µ ℄ ¾ Ñ× ¾ Ñ× ¾ Ñ× ØºÒØ ´º¾ººµ ℄ ¾ Ñ× ¾ Ñ× ¾ Ñ× ×Ó¹¹¿¹¼º×ØÒѽ¹ÒÖ¾ºÒÔÐÒغÒØ ´º¾ºº¾¼¾µ ℄ ¾ Ñ× ¿ Ñ× ½ Ñ× ÒغÒØ ´º¾ºº¼µ ℄ Ñ× Ñ× Ñ× ÒغÒØ ´º¾ºº½¼µ ℄ Ñ× Ñ× Ñ× ÐÒغÒØ ´º¼ºº½¾µ ℄ ½¼ Ñ× Ñ× Ñ× ½¼ ¼º×Ó¹¹¼¹¼ºÄ½ºÆºÄÌʺÆÌ ´½¾º¿º½º¾¾µ ℄ Ñ× Ñ× ½¼ Ñ× ½½ ¼º×Ó¹¹¼¹¼ºÌĽºÆºÄÌʺÆÌ ´½¾º¿º¼º½¿µ ℄ Ñ× Ñ× Ñ× ½¾ ¼º×Ó¹½¹¼¹¼ºÌĽºËÄ̺ÄÌʺÆÌ ´½¾º¿º½º½µ ℄ Ñ× Ñ× Ñ× ½¿ ¼º×Ó¹¿¹¼¹¼ºÄ½ºËÄ̺ÄÌʺÆÌ ´½¾º¿ººµ ℄ Ñ× Ñ× Ñ× ½ ½ºÌŹ¼¹¼ºÏ½ºËÄ̽ºÄÌʺÆÌ ´½¾º¿º½ºµ ℄ Ñ× Ñ× Ñ× ½ Ì ´½º½¿¼º½¼º¿µ ℄ Ñ× ¿ Ñ× ¿ Ñ× ½ ÞÙ׺ÖÓ׺ÒØ ´¾¼º½¿º½º½½½µ ℄ Ñ× Ñ× Ñ× ½ ´¾¼º½º½½º½½µ ℄ Ñ× ¿ Ñ× Ñ× 4 ÈeÖÐ ÁÒ Ø× Û³ÐÐ × ÓÛ ØÓ Ù× ÈÖÐ ´ Ô ÓÔÙÐÖ ÐÒÙµ ØÓ Ô ÖÓÖÑ ØÛÓ ÒÐÝ×× Ø×× ÓÒ ÙÑÔ ¬Ð ¯ ÓÙÒØ Ø ÒÙÑÖ Ó ÝØ× ØÖÒ×ÖÖ ÖÓÑ ÓÒ Ó×Ø ØÓ ÒÓØÖ ¯ ÈÐÓØ Ò ÆÓØ ØØ Ø ÓÐÐÓÛÒ Ó × ÒÓØ ×ÓÛ ÝÓÙ ÓÛ ØÓ Ù× 
×ÓÑ ØÒ׸ × ÖÖÝ× Ò ×׸ ÛÐÐ Ð×Ó ÐÔÙÐ ÓÖ Ø ÔÖÓÐÑ ×غ ÓÖ Ø× ÒÓÖÑØÓÒ ´Ò ÓÖ ÑÓÖ ­ ¾¼¼¾ Ñ×ØÖ Ç ÆÇÌ ÊÁËÌÊÁÍÌ Linux Network Administrators Guide (Reference: http://www.faqs.org/docs/linux_network/index.html) 3.2.