A while back, I set up one of my clients with a DSL connection and installed a LinkSys router/switch with a built-in firewall so that all the computers in the small office could safely connect to the Internet. My client was amazed at the speed of the connection and seemed satisfied with the way everything was working.

Then came January 25 when the Slammer worm—also known as Sapphire and SQL Hell—began hammering the Internet with its lightning-fast replication system. The worm doubled in size every 8.5 seconds when it first began making the rounds and spread so fast and furious that within 10 minutes it had infected about 90 percent of the vulnerable computers, which literally brought the entire Internet to a crawl.

Slammer details

If you want to learn more about the Slammer worm’s amazing propagation speed, check out this research paper by a group of leading security researchers on the Cooperative Association for Internet Data Analysis (CAIDA) Web site.

Of course, it was a while before reports of the devastating effects that the worm had on the Internet as a whole hit the news, and most people, including my client, who happened to be using the Internet around that time, simply saw their connection speed drop to a snail’s pace. Thinking something was wrong with his equipment, my client took me up on my “Give me a call anytime…” offer. With my consultant creed—“A happy customer is a paying customer”—echoing in my head, I dutifully went over to the office to investigate the problem.

When I arrived, I began troubleshooting with the simple approach—I checked the cables to make sure they were all still connected. Finding all the cables intact, I accessed the command prompt on his computer and used the ping command to check connections to the ISP’s servers. I got a response and knew that the Internet connection was still working. I then tried to ping a few of the Web sites my client uses. When those attempts failed, I launched the tracert command to see if I could track down where the connection was breaking down. Tracert quickly revealed the magnitude of the problem; it was then that I realized that what was happening was a much bigger crisis and beyond my control.

While I was working the ping and tracert commands, my client was studying my every move. Once we saw the tracert failures, he asked me to explain the findings. As I described the results of this DOS-based tool displayed on a black screen, my client squinted at the command line and asked me why I was using such an ancient tool on his top-of-the-line computer running the powerful Windows XP graphical user interface.

As I was pondering my professional response, I noticed a group of business graphics—pie charts and bar graphs—pinned to the bulletin board. That’s when I realized that my client really needed to see the results of the tracert command and remembered 3d Traceroute. This nifty program performs the same basic function as the Windows built-in tracert tool does, but it runs in the Windows graphical user interface and creates stunning 3D graphs that you can use to visually analyze the resulting information. I’ll introduce you to 3d Traceroute and show you how to take advantage of some of its features.

Downloading 3d Traceroute
You can get your copy of 3d Traceroute by visiting the author’s Web site and scrolling down to the Download section. When you click the download link, you’ll download the program’s executable file, 3dtr.exe, which amazingly is only 973 KB.

Once you download the file, installing it is as simple as copying the executable file to a folder on your hard disk. Since the program creates its own subdirectory and several support files, I suggest that you create a separate folder for it.

Many extra features

Keep in mind that 3d Traceroute is literally packed with extra features, such as a built-in Web browser, a port scanner, an e-mail header analysis tool, and much more. My main focus in this article is the program’s Traceroute feature, so explore on your own to find all the neat stuff packed into this handy program.

Taking a test drive
When you first launch 3d Traceroute, it will display an example graph, as shown in Figure A. To get started, maximize the window so that you can see all the information displayed on the screen. Then, just type a hostname or IP address of the system to which you want to trace the route in the Target text box and click the Trace button. 3d Traceroute will go to work, and in a moment you’ll begin to see a graph appear as the program compiles the data.

Figure A
3d Traceroute displays an example graph on the screen when you launch it.

As you observe 3d Traceroute during this test drive, you’ll immediately notice a big difference from the standard tracert command. While tracert runs the trace one time through, 3d Traceroute runs the trace continuously. As it runs each new trace, the number in the lower left-hand box of the status bar is incremented and the graph is updated with a new row. This provides you with a nice picture of your connection over time. You can stop the program at any time by clicking the Trace button again.

For this test drive, I suggest that you stop the program and then restart it. As soon as the first trace is complete, go ahead and stop the program again. There will be only one row in the diagram, as shown in Figure B, which will make it easy to study the program in more detail.

Figure B
When you stop the program after the first trace is complete, you’ll have only one row in the diagram.

As you look at the x-axis along the bottom of the graph, you’ll see that it starts at 0, which is the example system, and shows each successive hop in the trace. In this case, there are 11 hops between the example system and the TechRepublic site. The y-axis shows the round-trip time, or RTT, in milliseconds for each hop. As you would expect, the graph gradually climbs with each hop as each successive destination is farther from the starting point. Problem areas would be evidenced by huge spikes in the graph. Keep in mind that any RTT value less than 500 ms is acceptable.

At the top of the graph, on the left side of the toolbar, are the Statistic and History check boxes. Selecting either of these opens smaller windows displaying additional graphs that can help you further analyze the data.

By default, 3d Traceroute displays an orthogonal graph that is centered on the screen at a 45-degree angle with a three-dimensional depth of 15 percent. You can change many of the visual settings by selecting icons on the toolbar and then dragging the diagram with your left and right mouse buttons. For example, you can rotate the graph by selecting Rotate, which is represented by the two yellow arrows. Doing so will allow you to study the graph in amazing detail. You can also select the Diagram Control check box, which brings up the Diagram Control dialog box, as shown in Figure C, where you can use the sliders to adjust the diagram.

Figure C
You can use the sliders in the Diagram Control dialog box to adjust the diagram.

While it’s still in the experimental phase, you can give the graph a more solid look, as shown in Figure D, by selecting the View With OpenGL check box. You can click the OpenGL Settings button to tweak the OpenGL configuration. You’ll notice that this screen shot also shows the Statistic and History graphs.

Figure D
OpenGL gives the graph a more solid look and feel.

To help you get your bearings when studying the graph, you can click the As List tab to see a standard Traceroute table. The really neat feature about the 3d Traceroute table display is that you can right-click on any row and use the commands on the shortcut menu to get more details about a site, as shown in Figure E. For example, selecting Whois | Domain Name will allow you to learn who the site is registered to and contact information.

Figure E
In addition to the standard information, the As List view allows you to use other Internet tools to get more details about a site.

Adjusting the settings
If you click the Settings tab, you’ll see the Settings page, as shown in Figure F, where you can fine-tune the way 3d Traceroute works. While the format of this page is a bit nonstandard, once you get used to it, you’ll find that this flowchart diagram makes sense and helps you to understand how the various settings influence one another.

Figure F
The Settings page uses a flowchart diagram to walk you through the configuration procedure.

You can learn more about each setting by hovering your mouse pointer over the control. A pop-up window will appear containing information on how to use the setting. If the pop-up windows aren’t your cup of tea, you can find the same information on the Web site, which you can access from the About tab.

Taking it to the client
As you may remember, once the Slammer worm was contained, things on the Internet returned to normal. My client was back to accessing the Internet at a normal connection speed. Later that week, I dropped in and gave him a demonstration of the 3d Traceroute program. He now regularly runs the program to monitor his DSL Internet connection.

Since the 3d Traceroute executable is so small, it easily fits on a floppy disk, which means that I can take it with me on every consulting job. Not only is it a very helpful tool for quickly troubleshooting connection problems, its graphical display makes it easy for me to explain to clients how their Internet connection works and point out trouble spots that may slow the connection.