Discussion on:
View:
Show:
Micrsoft has a free packet capture tool called Network Monitor, current version is 3.4. It filters the Windows Processes automatically in the captures which is nice for troubleshooting. You can get it here: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=4865
Determined that a form data from a POST from the client was fragmenting into several packets, and the client request for an updated page based on the form data was being processed sometimes before all of the data packets.
I know that the limitation with this is that it will only see packets directed to the computer running it. From my understanding of how network switches work, that is a mute point anyway. I believe that even in promiscuous mode, an adapter will not be able to monitor what does not reach it. Any insight anyone has about monitoring traffic between two "other" ethernet devices would be appreciated.
I know that the limitation with this is that it will only see packets directed to the computer running it. From my understanding of how network switches work, that is a mute point anyway. I believe that even in promiscuous mode, an adapter will not be able to monitor what does not reach it. Any insight anyone has about monitoring traffic between two "other" ethernet devices would be appreciated.
If you have managed switches in your network, and the devices of concern are attached to one them, you can use a setting to cause all traffic through a number of ports to be "mirrored" to one port. In effect you put one port on your switch into a sort of selective "reverse promiscuous" mode. Can't remember the commands/settings right now, been a while, and I usually rely on memory getting jogged once I am managing a switch 
. Check your switch documentation (ProCurve use a "mirror" setting option).
. Check your switch documentation (ProCurve use a "mirror" setting option). 
The word you are looking for on Cisco gear is "Span". You can Span a port/s to a single monitoring interface. You can also send span traffic to different ports within the network using RSPAN.
http://en.wikipedia.org/wiki/ARP_spoofing
Make the network think you are the gateway, if you're in a position to do something like that.
Make the network think you are the gateway, if you're in a position to do something like that.
Spiceworks may not be as popular, but we use it every day. It is very powerful and very easy to use. They even have a training section for anyone that truly wants to use it to it's fullest potential. www.spiceworks.com
--James
EDIT: NM. I realize that you were looking for more "network 'analyzing' tools."
-J
--James
EDIT: NM. I realize that you were looking for more "network 'analyzing' tools."
-J
I'm a Network Administrator in an environment of over 1000 devices and nodes. I use a combination of the following to gather live stats and/or info at a glance. I'm a huge command-line geek so mostly I use Powershell, PCATTCP, iperf, nmap, wireshark, fping, nbtscan, net-snmp, just to name a few but I find for the GUI monitoring that a multi-tool approach works best. Sometimes, I want all the details without all the configuration work, and sometimes I want all the info at a glance so I can run reports, check heart-beat health etc. I use Spiceworks (sometimes), Nagios and Groundworks but always on display is Zenoss Core Dashboard, Packettrap Dashboard and Foglight Dashboards. I can quickly assess which nodes are experiencing problems and don't put all my eggs in one basket. Of course I'm an information freak and understand I may be a bit extreme in my approach.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
