Открыть Электронные книги
Категории
Открыть Аудиокниги
Категории
Открыть Журналы
Категории
Открыть Документы
Категории
I NF O WAT CH T R A F FI C MO NI TO R E NT E R P RI S E 3 .5
. +7 (495) 229-00-22 +7 (495) 229-00-22
http://www.infowatch.com
: 2011
.............................................................................................................................................................................. 5
........................................................................................................................................................................... 5
..................................................................................................................................................... 5
...................................................................................................................................... 6
.................................................................................................................................................... 6
........................................................................................................................ 7
1. INFOWATCH TRAFFIC MONITOR ENTERPRISE 3.5 ........................................................................ 8
1.1. InfoWatch Traffic Monitor Enterprise 3.5 .................................................................................................... 8
1.2. InfoWatch Traffic Monitor Enterprise 3.5....................................................................................................... 9
2. .......................................................................................................................... 10
2.1. ........................................................................................................................... 10
2.1.1. SMTP- ( relay-) .................................................... 10
2.1.2. Sniffer .............................................................................................. 12
2.1.3. HTTP-, ICAP ................................................................. 16
2.1.4. , InfoWatch Device Monitor ...................................................................... 19
2.1.5. DeviceLock ...................................................................................................................... 21
2.2. ............................................................................................................. 23
2.2.1. Traffic Monitor Server......................................................................................................................................... 23
2.2.2. Sniffer.................................................................................................................................................................. 24
2.2.3. IW ICAP ............................................................................................................................................... 25
2.2.4. ................................................................................. 25
2.2.5. Oracle ........................................................................................................................................ 26
2.2.6. Management Console ....................................................................................................................................... 26
2.3. Postfix...................................................................................................................................................... 27
3. ................................................................................................................................... 28
3.1. ................................................................................................................................................. 28
3.1.1. ....................................................................................... 28
3.1.2. ....................................................................................................................... 30
3.2. Traffic Monitor Server ................................................................................................................................................ 39
3.2.1. .................................................................................................................................... 40
3.2.2. .......................................................................................... 45
3.2.2.1. ........................................................................... 45
3.2.2.2. .......................................................................................... 47
3.2.3. ........................................................ 47
3.2.3.1. ................................................................................................ 47
3.2.3.2. ................................................................................................................ 48
3.2.4. DNS Active Directory .......................................................................................... 48
3.2.5. Postfix Traffic Monitor Server .................................................................................. 49
3.2.6. Sniffer ..................................................................................... 50
3.2.6.1. Sniffer ............................................................................................................. 50
3.2.6.2. Traffic Monitor Server.............................................................................................. 51
3.2.7. ........................................ 52
3.2.7.1. () ......................... 52
3.2.7.2. ( ) ...... 54
InfoWatch Traffic Monitor
Enterprise 3.5.
, , ,
InfoWatch Traffic Monitor.
, , InfoWatch Traffic Monitor (Linux, Microsoft Windows).
InfoWatch Traffic Monitor , Oracle.
Oracle.
:
1. InfoWatch Traffic Monitor Enterprise 3.5 (. 8).
.
2. (. 10).
,
; .
3. (. 28).
.
.
4. (. 63).
.
5. (. 70).
.
A. Oracle (. 75).
Oracle.
.
B. (. 86).
,
.
C. (. 88).
, , .
D. (. 93).
,
.
:
InfoWatch Traffic Monitor Enterprise 3.5. .
InfoWatch Traffic Monitor Enterprise ( ,
/ , ).
InfoWatch Traffic Monitor Enterprise 3.5. .
( , ).
InfoWatch Device Monitor.
InfoWatch Device Monitor.
InfoWatch DeviceLock Adapter. .
InfoWatch DeviceLock Adapter.
InfoWatch DeviceLock Adapter. .
InfoWatch DeviceLock
Adapter.
Oracle. .
. 1.
1.
(, .)
, ,
Courier New
, .
(
), ,
.
/usr/local/infowatch/tm3/etc/tm.
conf, [AUTO_RESTART]
COURIER NEW
( )
SQL, PL/SQL,
,
2 , .
7
2.
Courier New
Courier New ()
[]
1 | 2
[]
On | Off
,
:
InfoWatch,
.
InfoWatch , InfoWatch support@infowatch.com.
10-00 18-00 , .
http://www.infowatch.ru/support.html.
: http://www.infowatch.ru/faq/infowatch-traffic-monitor-enterprise. , .
1. INFOWATCH TRAFFIC
MONITOR ENTERPRISE 3.5
:
InfoWatch Traffic Monitor Enterprise 3.5 (. 1.1 . 8).
InfoWatch Traffic Monitor Enterprise 3.5 (. 1.2 . 9).
, ( , )
Management Console
2.
:
(. 2.1 . 10).
(. 2.2 . 23).
Postfix (. 2.3 . 27).
2.1.
:
SMTP- ( relay-) (. 2.1.1 . 10).
Sniffer (. 2.1.2 . 12).
HTTP-, ICAP (. 2.1.3 . 16).
, InfoWatch Device Monitor (. 2.1.4 . 19).
DeviceLock (. 2.1.5 . 21).
.
2.1.1. SMTP- (
relay-)
SMTP- . SMTP- Traffic Monitor Server .
1. , (. . 1).
1. SMTP-
2. SMTP-, ,
(. . 2). SMTP- .
11
2. SMTP-
.
Traffic Monitor Server.
1.
, , ,
:
Traffic Monitor Server (. 2.2.1 . 23).
Oracle (. 2.2.5 . 26).
Management Console (. 2.2.6 . 26).
2.
Postfix
3.
4.
1. , ,
Oracle, .
:
Oracle Linux (. A.2.1 . 83).
Oracle (. A.2.2 . 85).
Oracle (. A.2.3 . 85).
2. (. 3.1 . 28).
12
5.
1 (. . 1). . :
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server DNS (. 3.2.4 . 48).
2 (. . 2). . ( 128 /):
, SMTP-:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.1
. 52).
DNS (. 3.2.4 . 48).
:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.2 . 54).
DNS (. 3.2.4 . 48).
6.
Management Console
2.1.2. Sniffer
(SMTP, HTTP, ICQ) CISCO, SPAN-.
Sniffer. Sniffer Traffic Monitor Server
.
Traffic Monitor Server. Traffic Monitor Server. 3 .
!
Sniffer Traffic Monitor Server , , Sniffer.
.
13
1. (. . 3).
. , .
CISCO
SMTP-, HTTP-,
ICQ-
3.
2. ,
(. . 4). , .
CISCO
Sniffer
4.
14
CISCO
SMTP-, HTTP-, ICQ-
Sniffer
4. . . . (. . 6).
CISCO
( 128 /)
Sniffer
Client
(Traffic Monitor Server)
Server
(Traffic Monitor Server)
6. Sniffer
.
Traffic Monitor Server.
1.
, , ,
:
Traffic Monitor Server (. 2.2.1 . 23).
Sniffer (. 2.2.2 . 24).
Oracle (. 2.2.5 . 26).
Management Console (. 2.2.6 . 26).
2.
15
3.
1. , ,
Oracle, .
:
Oracle Linux (. A.2.1 . 83).
Oracle (. A.2.2 . 85).
Oracle (. A.2.3 . 85).
2. (. 3.1 . 28).
4.
1 (. . 3). . ( ). ,
:
1. Sniffer Traffic Monitor Server (. 3.3 . 59).
2. Traffic Monitor Server DNS (. 3.2.4 . 48).
2 (. . 4). .
( ). ,
:
1. Sniffer (. 3.3 . 59).
2. :
Traffic Monitor Server (. 3.2.1 . 40);
Sniffer (. 3.2.6.1 . 50).
DNS (. 3.2.4 . 48).
3 (. . 5). .
( ).
, :
1. Sniffer (. 3.3 . 59).
2. Traffic Monitor Server:
Traffic Monitor Server (. 3.2.1 . 40).
Sniffer (. 3.2.6.1 . 50).
(. 3.2.6.2 . 51).
DNS (. 3.2.4 . 48).
.2, Traffic Monitor Server.
!
,
. Traffic Monitor Server Traffic
Monitor Server (. . 3.2.9 . 59).
16
4 (. . 6). .
( ).
.
, :
1. Sniffer (. 3.3 . 59).
2. :
Traffic Monitor Server (. 3.2.1 . 40);
(. . 3.2.7.1
. 52).
Sniffer (. 3.2.6.1 . 50).
DNS (. 3.2.4 . 48).
:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.2
. 54).
DNS (. 3.2.4 . 48).
5.
Management Console
2.1.3. HTTP-,
ICAP
- ICAP HTTP- Traffic Monitor Server .
/ .
:
- Blue Coat, HTTPS. - Blue Coat , HTTPS Traffic Monitor Server HTTP-.
: NTLM, LDAP, Basic, Digest.
!
Traffic Monitor Server - ICAP- .
, HTTP(S)- - (SQUID, Blue Coat).
.
17
1. , (. . 7).
7. HTTP-, ICAP
2 . , HTTP- .
HTTP- .
(. . 8).
8. HTTP-,
.
Traffic Monitor Server.
1.
, , ,
:
Traffic Monitor Server (. 2.2.1 . 23).
IW ICAP (. 2.2.3 . 25).
Oracle (. 2.2.5 . 26).
Management Console (. 2.2.6 . 26).
18
2.
3.
, ,
Oracle, .
:
Oracle Linux (. A.2.1 . 83).
Oracle (. A.2.2 . 85).
Oracle (. A.2.3 . 85).
(. 3.1 . 28).
4.
1 (. . 7). . :
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
IW ICAP (. . 3.2.8 . 55).
DNS (. 3.2.4 . 48).
2 (. . 8). . ( 128 /):
, HTTP, ICAP:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
IW ICAP (. . 3.2.8 . 55).
DNS (. 3.2.4 . 48).
Traffic Monitor Server
(. . 3.2.7.1 . 52).
:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.2
. 54).
DNS (. 3.2.4 . 48).
5.
Management Console
19
Http Normal
Transparent.
InfoWatch Traffic Monitor. .
.
Traffic Monitor Server.
1.
, , ,
:
Traffic Monitor Server (. 2.2.1 . 23).
Oracle (. 2.2.5 . 26).
Management Console (. 2.2.6 . 26).
20
2.
3.
1. , ,
Oracle, .
:
Oracle Linux (. A.2.1 . 83).
Oracle (. A.2.2 . 85).
Oracle (. A.2.3 . 85).
2. (. 3.1 . 28).
4.
1 (. . 9). . :
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server DNS (. 3.2.4 . 48).
2 (. . 10). . ( 128 /):
, InfoWatch Device Monitor:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.1
. 52).
DNS (. 3.2.4 . 48).
:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.2
. 54).
DNS (. 3.2.4 . 48).
5.
Management Console
21
2.1.5. DeviceLock
, DeviceLock, Traffic Monitor Server .
1. , (. . 11).
11. DeviceLock
12. DeviceLock
.
Traffic Monitor Server.
1.
, , ,
:
Traffic Monitor Server (. 2.2.1 . 23).
Oracle (. 2.2.5 . 26).
Management Console (. 2.2.6 . 26).
InfoWatch DeviceLock Adapter (. InfoWatch DeviceLock Adapter. ).
22
2.
3.
, ,
Oracle, .
:
Oracle Linux (. A.2.1 . 83).
Oracle (. A.2.2 . 85).
Oracle (. A.2.3 . 85).
(. 3.1 . 28).
4.
1 (. . 11). . :
1. InfoWatch DeviceLock Adapter. :
InfoWatch DeviceLock Adapter. .
InfoWatch DeviceLock Adapter. .
2. Traffic Monitor Server (. 3.2.1 . 40).
3. Traffic Monitor Server DNS (. 3.2.4 . 48).
2 (. . 12). . ( 128 /):
, DeviceLock:
1. InfoWatch DeviceLock Adapter. :
InfoWatch DeviceLock Adapter. .
InfoWatch DeviceLock Adapter. .
2. Traffic Monitor Server (. 3.2.1 . 40).
3. Traffic Monitor Server:
(. . 3.2.7.1
. 52).
DNS (. 3.2.4 . 48).
:
1. Traffic Monitor Server (. 3.2.1 . 40).
2. Traffic Monitor Server:
(. . 3.2.7.2
. 54).
DNS (. 3.2.4 . 48).
5.
23
Management Console
2.2.
:
Traffic Monitor Server (. 2.2.1 . 23).
Sniffer (. 2.2.2 . 24).
IW ICAP (. 2.2.3 . 25).
(. 2.2.4 . 25).
Oracle (. 2.2.5 . 26).
Management Console (. 2.2.6 . 26).
xxxx.rpm .
! .
24
2.2.2. Sniffer
100 /
Sniffer 50 /:
: , Red Hat Enterprise Linux Server 5.5 x8632: . https://hardware.redhat.com/.
- HP ProLiant DL 360 G7 Server.
: Intel Xeon E5502 1.87.
: 4 DDR3.
: SAS 300 (10000 rpm).
:
Gigabit Ethernet
Sniffer :
SPAN- CISCO.
SPAN- (
, ), SPAN-
.
. ,
Traffic Monitor Server ( Sniffer Traffic Monitor Server ).
Sniffer c Traffic Monitor Server,
, Traffic Monitor Server . 2.2.1 . 23.
25
Sniffer , :
xxxx.rpm .
! .
2.2.3. IW ICAP
IW ICAP HTTP- -.
HTTP- Traffic Monitor Server ICAP ICAP-.
ICAP- -.
Traffic Monitor Server - ICAP- .
-:
SQUID 3.1.7, ICAP.
Cisco IronPort S10.
Blue Coat SG Series ICAP. , Blue Coat Systems .
, , Blue Coat
Proxy SG IW ICAP InfoWatch.
:
HTTPS-, - ,
HTTPS InfoWatch Traffic Monitor Server HTTP.
-. - . . 3.2.8 . 55.
ICAP- ICAP.
Traffic Monitor Server (. . 2.2.1 . 23).
.
2.2.4.
26
2.2.5. Oracle
InfoWatch Traffic Monitor Oracle Database
11g Release 2 (11.2.0.1.0) Linux x64.
8 DDR3
RAID- SAS ( 1
). RAID-
200 GB ( ,
)
xxxx.rpm .
Celeron 1.7
Pentium IV 3
512
.Net Framework
27
2.3. Postfix
:
1. Postfix , SMTP- Sniffer (. . 2.1.2 . 12).
2. (Microsoft Exchange .),
, Postfix relay-.
SMTP- Postfix (. . 2.1.1 . 10),
Traffic Monitor Server :
1. , Postfix ( ) .
2. system-switch-mail:
system-switch-mail
Postfix (MTA).
:
, .
, , :
rpm q system-switch-mail
3. Postfix:
service postfix stop
4. /etc/postfix/main.cf :
inet_interfaces = all
append_dot_mydomain = no
InfoWatch Traffic Monitor SMTP-,
relayhost. ip- ,
SMTP- Traffic Monitor Server.
Traffic Monitor Server SMTP-, relayhost,.
5. sendmail ():
rpm e sendmail
6. Postfix
service postfix start
3.
:
(. 3.1 . 28).
Traffic Monitor Server (. 3.2 . 39).
Sniffer (. 3.3 . 59).
Management Console (. 3.4 . 60).
3.1.
Traffic Monitor Server . :
(. 3.1.1 . 28).
(. 3.1.2 . 30).
!
,
(. 5 . 70).
3.1.1.
(
), . (SMTP-, HTTP- .), .
, . , .
. , . :
N = S/10/32
:
N ,
. .
S ( ).
.
0 1280
()
0 320
321 640
641 960
29
()
961 1280
:
. ,
80% . ( : * 32 .)
00 00 .
, .
(, ). ,
. , , .
.
!
, . ,
HTTP-, TTP- .
32 . :
N = TMAX/32
:
N ,
. .
TMAX ( ).
, 65 3.
. . , ,
, . ,
,
, .
.
, (
).
:
, .
,
. ,
, . -
30
. . , 3
, :
1.
2.
3.
1.
. .
,
1. .
3.1.2.
!
(..
).
1.
, :
Oracle;
Oracle recyclebin off . :
1. :
sqlplus sys@<SID> as sysdba
( <SID> - ), .
2. :
select name, value
from v$parameter p
where lower(p.NAME) = 'recyclebin'
recyclebin ( on),
. :
1. SYS :
alter system set RECYCLEBIN='off' scope=spfile
2. , recyclebin off.
, ,
Oracle 11g R2 (11.2.0.1.0), . , :
[X]:\app\[ ]\product\11.2.0\client_1\BIN\sqlldr.exe
:
[X] , Oracle;
[ ] , .
Oracle . A.2.1 . 83.
, :
, SYSDBA ( , SYS);
31
!
, :
, :
(),;\.:!~`#$%^*-_+ '[]{}|?<>
, .
30 .
, .
, .
(. . 3.1.1 . 28).
2.
CreateSchemaWizard.exe.
, , .
!
.
.
3.
OK.
.
4.
(. . 13) :
. , (
tnsnames.ora).
SYSDBA. , SYSDBA (, SYS).
SYSDBA. ,
SYSDBA.
32
13.
5.
:
B
. 86.
(. . 14):
. .
, _. . 10 .
!
. , .
, . .
, :
(),;\.:!~`#$%^*-_+ '[]{}|?<>
, . Oracle , . 30 .
33
14.
6.
Management Console , .
.
(. . 15):
. .
, _. . 10 . _ADM.
!
. , .
, . .
, :
(),;\.:!~`#$%^*-_+ '[]{}|?<>
, . Oracle , . 30 .
34
15.
7.
. Management Console , .
. .
, _. . 10 .
!
.
, .
, . .
, :
(),;\.:!~`#$%^*-_+ '[]{}|?<>
, . Oracle , . 30 .
35
16.
8.
, (. . 17):
. Linux .
, _. . 10 .
!
Linux . , .
, . .
, :
(),;\.:!~`#$%^*-_+ '[]{}|?<>
, . Oracle , . 30 .
36
17. Linux
9.
!
. 3.1.1 . 28.
(. . 18):
;
;
( );
, ( ).
37
18.
10.
!
. 3.1.1 . 28.
(. . 19):
, .
( );
, ( ).
( ) , .
. , . , 1
, (.. , 3 ).
38
19.
11.
!
. 3.1.1 . 28.
(. . 20):
( 10 ).
, (1 ).
( ).
:
5, .
39
20.
12.
01 00 .
, ( ) . . 100 .
, .
40
(. 3.2.2 . 45).
(. 3.2.3 . 47).
DNS Active Directory (. 3.2.4 . 48).
Postfix Traffic Monitor Server (. 3.2.5 . 49).
Sniffer (. 3.2.6 . 50).
(. 3.2.7 . 52).
IW ICAP (. 3.2.8 . 55).
Traffic Monitor Server c (. 3.2.9 . 59).
3.2.1.
!
Traffic Monitor Server Oracle .
!
,
. Traffic Monitor
Server Traffic Monitor Server (.
. 3.2.9 . 59).
:
Traffic Monitor Server , ,
, (. . 5.4 . 73). Traffic Monitor Server,
, /usr/local/infowatch.
1.
, Traffic Monitor
Server. /etc/hosts IP-, , Traffic Monitor Server:
IP- __
:
10.1.10.120 tmserver.company.com tmserver
:
Reboot
, Linux, rpm-,
. :
rpm qpR xxxx.rpm
xxxx.rpm .
2.
41
2. ( ):
tmcap-x.x.x-x.i686.rpm
.
Sniffer (.
. 2.1.2 . 12).
iwtm-x.x.x-x.i686.rpm
iwtm_gpl_components-x.x.xx.i686.rpm
:
rpm -i /u01/tmcap-3.4.3-59.i686.rpm
rpm -i /u01/iwtm-3.4.3-59.i686.rpm
rpm -i /u01/iwtm_gpl_components-3.4.3-59.i686.rpm
tmcap /lib/modules/unam-r/extra.
iwtm /usr/local/infowatch/tm3.
gpl_components /usr/local/infowatch/tm3/tools.
3.
setup.sh:
/usr/local/infowatch/tm3/setup.sh
:
1. Enter user name to be used as an owner of InfoWatch Traffic Monitor
Traffic Monitor Server, . iwtm.
2. Enter group name to be used as an owner of InfoWatch Traffic Monitor
, InfoWatch Traffic
Monitor.
Oracle ( oinstall).
Oracle.
3. Select ip-addresses for IW SMTP Server
IP-, iw_smtpd
. :
IP-, , Traffic Monitor Server
( IP- );
42
127.0.0.1 , (
Postfix);
0.0.0.0 IP- ( ).
:
SMTP- ,
.
4. Select a port to be listened
,
iw_smtpd. (2025) Postfix.
5. Select a type of IW SMTP Server MTA installation
. :
relay to a Postfix instance running on localhost Postfix , Traffic Monitor Server ( ).
, Postfix.
relay to another smtp-server Postfix .
, Postfix ,
( ).
6. . ,
5.
, .. Traffic Monitor Server Postfix , :
Hostname of this machine
, Traffic Monitor Server.
, setup.sh.
Enter a port number used by target smtp-server
relay-, (
2020).
, .. Postfix ,
:
Enter a hostname or ip-address of target smtp-server
IP- relay-, .
Enter a port number used by target smtp-server
relay-, (
25).
7. Select Oracle Home to be used
, Oracle. ORACLE_HOME /etc/profile.
Oracle, . .
8. Oracle:
Oracle User Name (InfoWatch Traffic Monitor Linux DB User)
Linux ( , .
. 3.1.2 . 30, 6). IWTM_LINUX.
43
tnsnames.ora
/ORACLE_HOME/network/admin ( /ORACLE_HOME ,
Oracle).
9. Do you want to set up interaction with Postfix?
, Postfix SMTP- (
y ). :
SMTP- Postfix
y ( )
SMTP-
. SMTP-. Postfix
y ( )
SMTP- Sniffer
4.
:
Traffic Monitor Server Sniffer (.
. 2.1.2 . 12, 2 4), .
.
30 Traffic Monitor Server. , (. . 3.2.2 . 45).
. , (.
. 3.2.3 . 47).
5.
Postfix
Traffic Monitor Server Postfix, , (. . 3.2.5 . 49).
Sniffer
44
Sniffer,
Sniffer (. . 3.2.6.1 . 50).
Traffic Monitor Server , (. . 3.2.6.2 . 51).
, , , :
Traffic Monitor Server (.
. 3.2.7.1 . 52;
Traffic Monitor Server
(. . 3.2.7.2 . 54).
IW ICAP
HTTP- ICAP-, IW
ICAP (. . 3.2.8 . 55).
6.
, Traffic
Monitor Server :
iw_smtpd
SMTP-
iw_messed
SMTP- ( Sniffer)
iw_deliverd
SMTP-
iw_sniffer
Sniffer
iw_proxy SMTP
HTTP
ICQ
HTTP-, ICAP-.
iw_proxy HTTP
iw_proxy ICQ
iw_icap
, IW ICAP
iw_expressd
InfoWatch Device
Monitor
DeviceLock
iw_qmover_server
. .
,
iw_qmover_client
.
.
,
45
iw_dbloader
iw_updater
iw_warpd
iw_adlibitum
!
, (iw_smtpd,
iw_proxy, iw_expressd, iw_icap). .
/ :
1. Traffic Monitor Server:
service iw-trafmon stop
2. /usr/local/infowatch/tm3/etc/tm.conf, [AUTO_RESTART] :
, : autorestart = On
( iw_sniffer):
iw_sniffer:
autorestart = On
, : autorestart = Off
3. Traffic Monitor Server:
service iw-trafmon start
3.2.2.
:
(. 3.2.2.1 . 45).
(. 3.2.2.2 . 47).
3.2.2.1.
30 Traffic
Monitor Server. , , .
iw_licence.dat,
.
iw_customer.dat. iw_lickey, Traffic
Monitor Server. , iw_lickey ,
.
. 3.2.2.2 . 47.
:
( iw_licence.dat) - , (
iw_customer.dat). , iw_licence.dat
InfoWatch Traffic Monitor .
46
iw_licence.dat - .
,
:
;
Traffic Monitor Server;
.
( ) , .
(. 5 . 70).
, . , :
SMTP- ( relay-)
SMTP ,
InfoWatch Traffic Monitor.
Postfix . . 2.3
. 27 . 3.2.5 . 49
SMTP- (
relay-).
HTTP- ICAP
DeviceLock
47
3.2.2.2.
!
Traffic Monitor
Server. Traffic Monitor Server .
Sniffer ( Traffic Monitor Server) .
:
1. iw_lickey, /usr/local/infowatch/tm3/bin. /usr/local/infowatch/tm3/bin
iw_customer.dat.
2. iw_customer.dat
InfoWatch. iw_customer.dat iw_licence.dat.
3. iw_licence.dat,
InfoWatch,
/usr/local/infowatch/tm3/etc. iw_licence.dat, .
!
, iw_customer.dat.
HTTP- ICAP, iw_licence.dat Traffic Monitor Server (
iwtm):
chown iwtm:oinstall iw_licence.dat
:
Traffic Monitor Server /usr/local/infowatch/tm3/etc/tm.conf,
[GENERAL], user.
4. , Traffic Monitor Server:
service iw-trafmon restart
!
, (iw_smtpd,
iw_proxy, iw_expressd). .
3.2.3.
:
(. 3.2.3.1 . 47).
(. 3.2.3.2 . 48).
3.2.3.1.
. Traffic
Monitor Server . , .
48
license, trial.info. (
30 ):
( ) + (
);
( ) + ( ).
.
, .
, .
( ) Traffic Monitor Server.
:
;
.
3.2.3.2.
!
Traffic Monitor Server.
Traffic Monitor Server
.
:
1.
Traffic
/usr/local/infowatch/tm3/etc/tm.conf.
Monitor
Server
:
1. InfoWatch. .
2.
Traffic
/usr/local/infowatch/tm3/etc/tm.conf.
Monitor
Server
49
:
search company.com
nameserver 10.10.0.98
nameserver 10.10.0.106
21. Postfix
inet n
n
smtpd
-o content_filter=smtp:127.0.0.1:2025
pickup
fifo n
n
60
1
pickup
-o content_filter=smtp:127.0.0.1:2025
:
127.0.0.1:2020
inet n
n
21
smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_client_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o mynetworks=127.0.0.0/8
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
50
/usr/local/infowatch/tm3/etc/tm.conf:
tm.conf
[SMTPD]
ListenAddr = 127.0.0.1
ListenPort = 2025
[MESSED]
Relay = 127.0.0.1
RelayPort = 2020
[DELIVERD]
Relay = 127.0.0.1
RelayPort = 2020
3.2.6. Sniffer
:
Sniffer (. 3.2.6.1 . 50).
Traffic Monitor Server (. 3.2.6.2 . 51).
3.2.6.1. Sniffer
Traffic Monitor Server. ,
Sniffer Traffic Monitor Server .
/usr/local/infowatch/tm3/etc/tm.conf, :
[PROXY_SMTP], [PROXY_HTTP],
[PROXY_ICQ]:
SnifferInterface
, CISCO. :
;
SnifferPorts
, . ,
/ .
( )
/ ( ). :
"80, 8080 9090".
SnifferLiveTimeout
(), ESTABLISHED. ,
SnifferOpenTimeout
( )
SnifferCloseTimeout
( )
TIME_WAIT
SnifferQueueMemorySize
( ), . , .
51
: 1 500 . 104857600.
SnifferHost
IP- Sniffer
SnifferPort
, Sniffer
SnifferClusterID
, Traffic
Monitor Server. .
. , icq 1
!
Traffic Monitor Server, , .
SnifferBalancer
(
Traffic Monitor Server iw_proxy). :
Connection. TCP- Traffic
Monitor Server iw_proxy. , Traffic Monitor Server.
SrcIp. Traffic Monitor
Server iw_proxy IP- . ,
IP- Traffic Monitor Server.
! SrcIp
PROXY_HTTP, ICQ-, ( HTTP).
Connection
52
[PROXY_HTTP]:
SnifferClusterID = http
SnifferBalancer = Connection
3.2.7.
:
() (. 3.2.7.1
. 52).
( )
(. 3.2.7.2 . 54).
3.2.7.1.
()
1.
1. , Linux,
. :
rpm qpR /___iwtm/iwtm_qmover-x.x.x-x.i686.rpm
:
rpm -i /u01/iwtm_qmover-3.4.3-59.i686.rpm
53
/usr/local/infowatch/tm3
3. qmover-setup.sh:
/usr/local/infowatch/tm3/qmover-setup.sh
4. :
Select remote queue setup type?
client.
Enter TM EE qmover server's IP address.
IP-, ( ),
. 127.0.0.1.
Enter TM EE qmover server's port number.
, . 16888.
5. Traffic Monitor Server:
service iw-trafmon restart
2.
iw_qmover_client.
iw_dbloader, iw_deliverd iw_adlibitum.
/ :
1. Traffic Monitor Server:
service iw-trafmon stop
2. /usr/local/infowatch/tm3/etc/tm.conf, [AUTO_RESTART] :
, : autorestart = On
( iw_qmover_client):
iw_qmover_client:
autorestart = On
, : autorestart = Off
3. Traffic Monitor Server:
service iw-trafmon start
3.
128 /.
.
iw_qmover_channel__width_setter.
128 / 2 M/ .
:
()
crond
iw_qmover_channel__width_setter .
:
iw_qmover_channel__width_setter <_>
:
_ (/), .
54
9.00 18.00
50%
128
18.00 9.00
100%
256
2. cron :
00 9 * * * iwtm /usr/local/infowatch/tm3/bin/iw_qmover_channel_width_setter 128
00 18 * * * iwtm /usr/local/infowatch/tm3/bin/iw_qmover_channel_width_setter 256
3.2.7.2.
( )
1.
1. , Linux,
. :
rpm qpR /___iwtm/iwtm_qmover-x.x.x-x.i686.rpm
:
rpm -i /u01/iwtm_qmover-3.4.1-169.i686.rpm
:
/usr/local/infowatch/tm3
3. qmover-setup.sh:
/usr/local/infowatch/tm3/qmover-setup.sh
4. :
Select remote queue setup type?
server.
Enter TM EE qmover server's port number.
, , ( ). 16888.
Enter number of clients.
, .
Please enter IP address of client N.
IP- N. 127.0.0.1.
.
55
:
/usr/local/infowatch/tm3/etc/tm.conf, [AUTO_RESTART] iw_qmover_server.
Traffic Monitor Server. . . 3.2.1 . 40, 6 .
2.
:
- N ( c
QueuePath [client_N]).
- (
queue/db).
:
iw_qtool move /u01/client_1 /usr/local/infowatch/tm3/queue/db
4. crond iw_qtool .
3.2.8. IW ICAP
1.
, Linux, IW ICAP. :
rpm qpR /___iwtm/iwtm_icap-x.x.x-x.i686.rpm
2.
IW ICAP
56
:
rpm -i /u01/iwtm_icap-3.4.3-59.i686.rpm
:
/usr/local/infowatch/tm3
:
/usr/local/infowatch/tm3/etc/tm.conf, [AUTO_RESTART] iw_icap.
Traffic Monitor Server. . . 3.2.1 . 40, 6 .
3.
HTTP- -.
!
, HTTP(S)- - (SQUID, Blue Coat).
.
SQUID
- :
ICAP;
ICAP-: Request Mod;
IP- ICAP-, HTTP-. ICAP- IW ICAP. IP- , .
ICAP SQUID 3.1.7
squid.conf :
icap_enable on
icap_preview_enable off
icap_send_client_ip on
icap_send_client_username on
icap_service service_1 reqmod_precache 0 icap://IP_TM_Server:Port_TM_Server/reqmod
icap_class class_1 service_1
icap_access class_1 allow all
never_direct allow all
57
kerberos
2. samba (/etc/samba/smb.conf):
[global]
workgroup = EXAMPLE
server string = Samba server %v
netbios name = machine
security = ADS
realm = EXAMPLE.COM
password server = 192.168.1.1
encrypt passwords = Yes
preferred master = No
domain master = No
:
EXAMPLE , ICAP-;
EXAMPLE.COM DNS ICAP-.
3. kerberos (/etc/krb5.conf):
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
[realms]
EXAMPLE.COM = {
kdc = dc.example.com:88
admin_server = dc.example.com:749
default_domain = example.com
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
4. /etc/nsswitch.conf:
passwd: files winbind
group: files winbind
shadow: files
squid.example.com
6. smb.conf:
testparm
, samba:
58
7.
net ads join U username
username .
8. winbind:
winbindd
/etc/init.d/smb restart
9. winbind:
, :
wbinfo u
, :
wbinfo g
10. /etc/squid/squid.conf, :
auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
auth_param ntlm children 5
auth_param ntlm keep_alive on
acl ntlm_users proxy_auth REQUIRED
http_access allow ntlm_users
/etc/init.d/squid restart
59
Traffic
Monitor
Server
/usr/local/infowatch/tm3/etc/tm.conf, [FILTER],
.
Traffic Monitor Server, ,
:
service iw-caserv start
3.3. Sniffer
1.
Sniffer
,
Postfix, ( n).
iw_sniffer.
60
,
Traffic Monitor Server. Postfix, ( n).
2.
iw_sniffer.
iw_dbloader, iw_updater, iw_warpd iw_adlibitum.
: iw_proxy ICQ, iw_proxy HTTP, iw_proxy SMTP.
.
Sniffer :
1. Traffic Monitor Server, :
service iw-trafmon stop
2. /usr/local/infowatch/tm3/etc/tm.conf, [SNIFFER],
:
Host. IP-, .
Port. ,
3. iw_sniffer:
service iw-trafmon start
Setup.Gui.Ru. setup.exe.
"InfoWatch Traffic Monitor
Management Console".
.
2.
. , .
3.
61
, Management Console, .
Management Console:
. , .
. , .
.
4.
, , Management Console.
, Management Console.
5.
3.4.2. Oracle
Management Console
Oracle.
Oracle:
1. NLS_LANG RUSSIAN_CIS.AL32UTF8.
:
HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\KEY_OraClient11g_home#\NLS_LANG
# . KEY_OraClient11g_home#
# OraHome_#.
!
(, ,
Oracle), (, ) Oracle.
2. Oracle
tnsnames.ora. :
C:\Program Files\InfoWatch\Traffic Monitor\Management Console\instantclient_11_1
tnsnames.ora , :
IWTM =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = iwtm_host)(PORT = 1521))
)
62
3.4.3.
Management Console :
1. Traffic Monitor Server.
2. .
3. ( ),
.
:
, InfoWatch Traffic
Monitor.
4.
InfoWatch Traffic Monitor, 3.4.0, .
:
(. 4.1 . 63).
(. 4.2 . 64).
(. 4.3 . 65).
4.1.
Traffic Monitor Server .
,
.
!
, .
:
1. (. . 4.2 . 64).
2. (. . 4.3.2 . 67).
3. .
!
Red Hat
Enterprise Linux Server 5.5 x86-32.
InfoWatch Traffic Monitor Enterprise 3.5
. 2.2 . 23.
:
Sniffer
1. Traffic Monitor Server (. . 5.4
. 73).
2. Traffic Monitor Server. :
SMTP- ( relay) (. 2.1.1 . 10).
HTTP-,
ICAP (. 2.1.3 . 16).
, InfoWatch Device Monitor
(. 2.1.4 . 19).
DeviceLock (. 2.1.5 . 21).
64
Sniffer
4.2.
:
1. Traffic Monitor Server:
service iw-trafmon stop
4. , . ( . , . 3.2.6 [QUEUE]).
:
, ,
.
65
4.3.
:
(. 4.3.1 . 65).
(. 4.3.2 . 67).
(. 4.3.3 . 69).
4.3.1.
. :
SELECT vers.get_schema_version
FROM dual
, :
Oracle;
Oracle recyclebin off . :
1. :
sqlplus sys@<SID> as sysdba
( <SID> - ), .
2. SYS :
select name, value
from v$parameter p
where lower(p.NAME) = 'recyclebin'
recyclebin ( on),
. :
1. SYS :
alter system set RECYCLEBIN='off' scope=spfile
2. oracle .
:
lsnrctl stop
dbshut
:
lsnrctl start
dbstart
3. , recyclebin off.
, ,
Oracle 11g R2 (11.2.0.1.0), . , :
[X]:\app\[ ]\product\11.2.0\client_1\BIN\sqlldr.exe
:
[X] , Oracle;
[ ] , .
Oracle . A.2.1 . 83.
66
, SYSDBA ( ,
SYS);
!
, :
, :
,;\.:!~`#$%^*()-_+<'[]{}|>?
, .
15 .
, .
, .
, , . , .
:
, ,
.
, Example ( EX1) EXAMPLE ( EX2),
Example_EX1 EXAMPLE_EX2 .
, :
1. Management Console. , . .
2. IWADDPARTS, IWTM_SYNC_INDEXES IWDROP (
), :
BEGIN
dbms_scheduler.disable('IWDROP',true);
dbms_scheduler.disable('IWADDPARTS',true);
dbms_scheduler.disable('IWTM_SYNC_INDEXES',true);
COMMIT;
END;
3. , .
user_scheduler_jobs, :
SELECT job_name,next_run_date,last_run_duration
FROM user_scheduler_jobs
:
job_name .
next_run_date .
last_run_duration , . null , .
- , .
4. Traffic Monitor Server:
service iw-trafmon stop
67
4.3.2.
. ( 1 ).
!
(..
).
:
1. , (. . 4.3.1 . 65).
2. , , *. .
1.
CreateSchemaWizard.
Setup.exe.
, , .
!
.
.
2.
OK.
.
.
3.
(. . 23) :
. , (
tnsnames.ora).
SYSDBA. , SYSDBA (, SYS).
SYSDBA. SYSDBA.
68
23.
4.
(. . 24):
. .
. .
24.
. .
:
, .
69
4.3.3.
:
1. :
sqlplus db_login/db_password@tns_name
3. . :
/var/log/messages
, InfoWatch.
4. IWADDPARTS, IWTM_SYNC_INDEXES, IWDROP (
):
BEGIN
dbms_scheduler.enable('IWDROP');
dbms_scheduler.enable('IWADDPARTS');
dbms_scheduler.enable('IWTM_SYNC_INDEXES');
COMMIT;
END;
5.
:
(. 5.1 . 70).
(. 5.2 . 72).
IW ICAP (. 5.3 . 72).
Traffic Monitor Server (. 5.4 . 73).
Sniffer (. 5.5 . 74).
Management Console (. 5.6 . 74).
5.1.
:
(. 5.1.1 . 70).
(. 5.1.2 . 71).
5.1.1.
, :
Oracle;
, ,
Oracle 11g R2 (11.2.0.1.0), . Oracle . A.2.1 . 83.
, SYSDBA ( );
, , .
:
:
SELECT vers.get_schema_version
FROM dual
Management Console;
c , .
71
5.1.2.
!
, .
.
:
(. . 5.1.1 . 70).
, , *.
.
1.
CreateSchemaWizard. Setup.exe.
, , .
!
.
.
2.
OK.
.
.
3.
( , . 23)
:
. , (
tnsnames.ora).
SYSDBA. , SYSDBA (, SYS).
SYSDBA. SYSDBA.
.
4.
(. . 25):
. , .
72
25.
. .
.
5.2.
:
1. :
rpm -e iwtm_qmover
(qmover.conf) ,
qmover.conf.rpmsave.
2. ( ) cron , ( . . 3.2.7.1 . 52, 2).
5.3. IW ICAP
HTTP- ICAP , IW_ICAP.
IW_ICAP:
1. Traffic Monitor Server:
service iw-trafmon stop
2. iw_icap /usr/local/infowatch/tm3/etc/tm.conf,
[AUTO_RESTART]:
iw_icap:
autorestart = Off
73
5. - ( . . 3.2.8 . 55,
2).
rpm- iwtm_icap.
rpm- IW ICAP:
:
rpm -e iwtm_icap
(icap.conf) ,
icap.conf.rpmsave.
SMTP ( relay-)
, Postfix (.. ,
). Postfix . . 3.2.5 . 49
SMTP-
(
Postfix)
, Postfix (.. ,
). Postfix . . 3.2.5
. 49.
SMTP-
, InfoWatch Traffic Monitor
:
, (tm.conf, detector.conf,
qmover.conf, icap.conf).
.rpmsave (, tm.conf.rpmsave). ,
, .
.
.
.
InfoWatch Traffic Monitor , .
74
5.5. Sniffer
Sniffer Traffic Monitor Server , Sniffer Traffic Monitor Server (. . 5.4 . 73). .
Sniffer, Traffic Monitor Server:
:
rpm -e iwtm
:
, tm.conf, . tm.conf.rpmsave (, tm.conf.rpmsave). , ,
.
InfoWatch Traffic Monitor , .
A.
ORACLE
Oracle InfoWatch Traffic Monitor.
:
Oracle (. A.1 . 75).
Oracle (. A.2 . 82).
A.1. Oracle
:
(. A.1.1 . 75).
(. A.1.2 . 75).
(. A.1.3 . 77).
A.1.1.
InfoWatch Traffic Monitor.
Oracle Traffic Monitor Server .
, Oracle, :
( ), -.
,
, , .
A.1.2.
Oracle, .
1.
2.
root
root. :
su root
3.
/etc/hosts
/etc/hosts IP-, ,
Oracle:
IP- __
76
:
10.1.10.120 oracle.company.com oracle
4.
oinstall dba:
/usr/sbin/groupadd oinstall
/usr/sbin/groupadd dba
oracle:
/usr/sbin/useradd -g oinstall -G dba oracle
:
passwd oracle
5.
, Oracle :
mkdir -p /u01/app/oracle/data
chown -R oracle:oinstall /u01/app/oracle/data
chmod -R 775 /u01/app/oracle/data
6.
/etc/sysctl.conf :
kernel.sem = 250 32000 100 128
kernel.shmall = 2097152
kernel.shmmax = :
4294967295
kernel.shmmni = 4096
net.ipv4.ip_local_port_range = 9000 65000
net.core.rmem_default = 262144
net.core.rmem_max = 4194304
net.core.wmem_default = 262144
net.core.wmem_max = 1048576
fs.aio-max-nr = 1048576
fs.file-max = 6815744
!
kernel.shmall kernel.shmmax ;
. - /etc/sysctl.conf , .
, :
/sbin/sysctl p
7.
/etc/security/limits.conf
/etc/security/limits.conf :
oracle
oracle
oracle
oracle
8.
soft
hard
soft
hard
nproc
nproc
nofile
nofile
2047
16384
1024
65536
/etc/pam.d/login
/etc/pam.d/login ( ):
session
required
pam_limits.so
9.
77
/etc/profile
/etc/profile :
if [ $USER = "oracle" ]; then
if [ $SHELL = "/bin/ksh" ]; then
ulimit -p 16384
ulimit -n 65536
else
ulimit -u 16384
ulimit -n 65536
fi
umask 022
fi
10. /home/oracle/.bash_profile
/home/oracle/.bash_profile :
ORACLE_BASE=/u01/app/oracle
export ORACLE_BASE
ORACLE_SID=iwtm
export ORACLE_SID
ORACLE_HOME=/u01/app/oracle/product/11.2.0/db_1
export ORACLE_HOME
PATH=$ORACLE_HOME/bin:$PATH
export PATH
11. /etc/fstab
, /etc/fstab :
tmpfs
/dev/shm
tmpfs
defaults
0 0
/dev/shm
tmpfs
size=4g
0 0
:
reboot
A.1.3.
,
.
1.
oracle
oracle. :
su oracle
2.
78
3.
Oracle, :
1. Configure Security Updates (. . 26), , My Oracle Support: e-mail, My Oracle Support .
26. ( 1 20)
79
27. ( 6 20)
28. ( 7 20)
80
8. Database Edition , :
Oracle base (Oracle base),
, ;
Software location (Oracle home),
, .
9. Select Configuration Type General Purpose / Transaction Processing.
10. Specify Database Identifiers :
Global database name .
Oracle Service Identifier SID
ORACLE_SID /home/oracle/.bash_profile. (. A.1.2 . 75,
10).
11. Specify Configuration Options:
Memory Enable Automatic Memory Management
, Oracle, 80% .
Character Sets Use Unicode (AL32UTF8).
:
AL32UTF8
InfoWatch Traffic Monitor.
Security Assert all new security settings.
12. Specify Management Options , Use Database Control for
database management, , ,
Enable mail notifications .
13. Specify Database Storage Options .
Oracle, File
System ( ). Specify database file locations , 1.
14. Specify Recovery Options Do not enable automated backups.
15. Specify Schema Passwords Use the same password for all accounts
Administrative password, Confirm password Oracle.
, :
,; \.:!~`#$%^*()-_+<'[]{}|>?
, . Oracle
. 15 .
:
B
. 86.
16. Operating System Groups (. A.1.2
. 75, 4):
Database Administrator (OSDBA) Group dba.
Database Operator (OSOPER) Group oinstall.
17. Perform Prerequizite Checks ,
.
81
29. ( 17 20)
18. Summary . ,
, Finish .
19. Install Product . root, .
20. .
, Oracle ,
.
A.1.4.
1.
/etc/oratab
/etc/oratab. Y ( N) :
iwtm:/u01/app/oracle/product/11.2.0/db_1:Y
2.
:
1. Operations Configure Database Options.
2. Database , Oracle Label Security (. A.1.3 . 77, 3, . 8: Software location - Oracle home).
3. Database Content Oracle Label Security.
4. Connection Mode Dedicated Server Mode.
82
5. . , .
6. . No, Database Configuration Assistant.
3.
LBACSYS
LBACSYS :
1. Database Control SYSTEM.
2. Schema.
3. Users and privileges Users.
4. Users LBACSYS Edit.
5. Edit User Status Unlocked.
6. Enter Password LBACSYS Confirm Password.
7. System Privileges.
8. SELECT ANY DICTIONARY.
9. Apply.
4.
PL/SQL sys :
alter
alter
alter
alter
alter
alter
alter
5.
system
system
system
system
system
system
system
set
set
set
set
set
set
set
db_keep_cache_size='200M' scope=spfile
db_files=5000 scope=spfile
RECYCLEBIN='off' scope=spfile
nls_territory = russia scope = spfile
nls_language = russian scope = spfile
audit_trail='none' scope=spfile
processes = 1000 scope=spfile
oracle .
1. :
lsnrctl stop
dbshut
2. :
lsnrctl start
dbstart
A.2. Oracle
Oracle 11g R2
(11.2.0.1.0). :
Oracle Linux (. A.2.1 . 83).
Oracle (. A.2.2 . 85).
Oracle (. A.2.3 . 85).
83
A.2.1. Oracle
Linux
Oracle , Traffic
Monitor Server. Oracle , Red Hat Enterprise Linux Server 5.5 x86-32.
:
(. A.2.1.1 . 83).
(. A.2.1.2 . 84).
A.2.1.1.
1.
root
root. :
su root
2.
/etc/hosts
/etc/hosts IP-, ,
Oracle:
IP- __
3.
oinstall dba:
/usr/sbin/groupadd oinstall
/usr/sbin/groupadd dba
oracle:
/usr/sbin/useradd -g oinstall -G dba oracle
:
passwd oracle
4.
, Oracle (
/u01):
mkdir -p /u01/app
chown -R oracle:oinstall /u01/app
chmod -R 775 /u01/app/
5.
/etc/profile
/etc/profile :
ORACLE_BASE=/u01/app/oracle
export ORACLE_BASE
ORACLE_SID=iwtm
export ORACLE_SID
ORACLE_HOME=/u01/app/oracle/product/11.2.0/client_1
export ORACLE_HOME
PATH=$ORACLE_HOME/bin:$PATH
export PATH
84
6.
X Window
.
X Window. :
startx
, :
1. Oracle X ,
:
xhost IP-__
:
xhost 10.60.0.159
2. DISPLAY:
DISPLAY=__X_:0.0; export DISPLAY
:
DISPLAY=myhost.xzy.com:0.0; export DISPLAY
A.2.1.2.
,
Oracle.
1.
oracle
oracle. :
su oracle
2.
directory_path , Oracle.
Oracle Universal Installer /Disk1.
3.
Oracle :
1. Administrator.
2. ORACLE_HOME ( /etc/profile).
Oracle, .
root, .
4.
:
1. Oracle
tnsnames.ora (. . A.2.2 . 85).
2. Oracle (. . A.2.3 . 85).
85
A.2.2.
Oracle
Oracle ,
Oracle, tnsnames.ora.
:
tnsnames.ora /ORACLE_HOME/network/admin (
/ORACLE_HOME , Oracle).
tnsnames.ora ,
:
IWTM =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = iwtm)(PORT = 1521))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = iwtm)
)
)
A.2.3.
Oracle
Oracle, ,
Oracle, :
Oracle. :
sqlplus db_login/db_password@tns_name
, NETWORK/ADMIN/sqlnet.ora sqlnet.ora
#:
# sqlnet.ora Network Configuration File: C:\Oracle\product\11.2.0\Client_1\network\
admin\sqlnet.ora
B.
1 10 .
, _. .
:
, :
(),;\.:!~`#$%^*-_+ '[]{}|?<>
, .
30 .
: SYS_ ORA_.
Oracle:
ACCESS
IDENTIFIED
PUBLIC
ADD
IMMEDIATE
RAW
ALL
IN
RENAME
ALTER
INCREMENT
RESOURCE
AND
INDEX
REVOKE
ANY
INITIAL
ROW
AS
INSERT
ROWID
ASC
INTEGER
ROWNUM
AUDITBETWEEN
INTERSECT
ROWS
BY
INTO
SELECT
CHAR
IS
SESSION
CHECK
LEVEL
SET
CLUSTER
LIKE
SHARE
COLUMN
LOCK
SIZE
COMMENT
LONG
SMALLINT
COMPRESS
MAXEXTENTS
START
CONNECT
MINUS
SUCCESSFUL
CREATE
MLSLABEL
SYNONYM
CURRENT
MODE
SYSDATE
DATE
MODIFY
TABLE
87
DECIMAL
NOAUDIT
THEN
DEFAULT
NOCOMPRESS
TO
DELETE
NOT
TRIGGER
DESC
NOWAIT
UID
DISTINCT
NULL
UNION
DROP
NUMBER
UNIQUE
ELSE
OF
UPDATE
EXCLUSIVE
OFFLINE
USER
EXISTS
ON
VALIDATE
FILE
ONLINE
VALUES
FLOAT
OPTION
VARCHAR
FOR
OR
VARCHAR2
FROM
ORDER
VIEW
GRANT
PCTFREE
WHENEVER
GROUP
PRIOR
WHERE
HAVING
PRIVILEGES
WITH
: 10 30 .
, .
:
;
( .. );
;
;
, .
C.
:
(. C.1 . 88).
Traffic Monitor Server (. C.2 . 92).
C.1.
, ,
.
Traffic Monitor Create Schema Wizard
. ,
, :
. .
Traffic Monitor Create Schema Wizard SQLPlus
Oracle. :
(/)
.
:
(. 3.1.2 . 30).
(. 4.3.2 . 67).
(. 5.1.2 . 71).
89
ORA-01017
/ /
.
:
/ .
:
(. 4.3.2 . 67).
(. 5.1.2 . 71).
90
ORA-12560 SQL*Plus
(/)
: , / . ORA12560:
SQL*Plus:
(/)
. /
/
.
91
, (, .).
:
(. 3.1.2 . 30).
(. 4.3.2 . 67).
(. 5.1.2 . 71).
ORA-20000 ORA-06512
:
;
, , .
:
(
):
SELECT vers.get_schema_version
FROM dual
, .
:
, , (. 24).
,
. :
.
. 5.1.1 . 70.
92
:
/usr/local/infowatch/tm3/bin/scripts/iw-autorestart.sh
ORACLE_HOME.
ORACLE_HOME, Oracle.
iw_messed, iw_deliverd , Oracle
Traffic Monitor Server.
Traffic Monitor Server ( Traffic Monitor Server) oinstall ( Oracle) (. . 3.2.1 . 40).
Linux
Traffic Monitor Server Linux .
Linux ,
:
1. Traffic Monitor Server, :
service iw-trafmon stop
D.
,
MIT (http://www.opensource.org/licenses/mit-license.html):
Lua http://www.lua.org/license.html
LuaBind http://www.rasterbar.com/products/luabind.html
libxml2 http://www.xmlsoft.org/
:
BSD (http://www.opensource.org/licenses/bsd-license.php):
Stringencoders http://code.google.com/p/stringencoders/
GNU GENERAL PUBLIC LICENSE (http://www.gnu.org/licenses/gpl2.0.html):
Pdftotext http://www.foolabs.com/xpdf/
Tnef http://sourceforge.net/projects/tnef/
Unzip http://www.info-zip.org/UnZip.html
libcole.so arturo@directmail.org; andy.scriven@research.natpower.co.uk
libhtmltree.so pauljlucas@mac.com
HTTP-
, HTTP (POST-, GET- . .).
ICQ-
, ICQ.
InfoWatch Device Monitor
, .
InfoWatch Traffic Monitor Management Console
. InfoWatch Traffic
Monitor ( , , . .).
Management Console
.: InfoWatch Traffic Monitor Management Console
SMTP-
, SMTP.
SPAN
Switched Port Analyzer. , , CISCO
Switched Port Analyzer
. SPAN
Traffic Monitor Server
InfoWatch Traffic Monitor, ,
.
XML-
(, , , ..),
Traffic Monitor Server.
95
. .
(Mail Transfer Agent).
, .
. :
. , .
.
, .
.
InfoWatch Traffic Monitor.
. . DAE .
( ). .
. : , ,
Linux ...................................35
....................................................42
iw_lickey................................................................. 45
.............................61
Postfix ..............................................................42, 43
....................33, 34
Oracle
(Linux) ...........................................................77
IP- ........................................ 41
Oracle
tnsnames.ora .....................................................43
............................................... 42
...................................42
...................................67
............................. 42
.......................................71
.............................................. 42
......................................31
................................65
Oracle ............................................. 42
....................................30
....................................70
............................28
iw_customer.dat ..........................................45, 47
iw_licence.dat ..............................................45, 47
............................................... 28, 37
iw_lickey ............................................................ 45
...........................................................28
root .................................................................... 41
Traffic Monitor Server....................... 41
Oracle ......... 41
.................................................. 29, 36
.................. 29, 38