Wireshark 2 0 What happened with the Statistics Summary Screen
As I get familiar with Wireshark 2.0, I’m finding that there are subtle differences from the previous version. I found the best way to get used to a new version of an application is to install it and go cold turkey. I mean cold turkey in the sense that I don’t want to have the previous version on my hard drive as a security blanket or fallback.
Then I simply go through the motions and replicate all the daily tasks that I use Wireshark for and figure out if the new version has any drastic differences.
In this video I cover what happened with the Statistics-Summary Screen and how it has been combined with the file comments function. ... https://www.youtube.com/watch?v=qZL8kNj0E-A
nChronos Product Quick Tour
As an independent troubleshooter, I am always interested in tools that are portable and provide instant information.
Many times when I am looking at a customer's problem, I cannot assume that they will graciously give me their SNMP strings, access to their network management system. That being the case, RMON and any other flavor of Flow would also be out of the question. Honestly, I hope a customer wouldn't willingly give out that kind of information or access to anyone.
Since my background is protocol analysis, I tend to gravitate to those tools that work from the packet level. Of course I know this isn't always possible, but I'll take whatever I can get. And as the old saying goes, "Packets don't lie".
In this article I am showing you a quick peek at Colasoft's (www.colasoft.com) nChronos product which basically captures packets and uses a slick GUI to control how you report on what it just captured.
The trick with all packet capture tools revolve around a few critical points:
- Make sure the packet capture tool can handle the flow of traffic it is monitoring. For example, in this video I used a laptop to monitor my internet link because I know it isn't a high speed link. I wouldn't use this laptop to monitor a 100 Mb, or greater, since the packet loss would be high.
- Understand your network topology and pick your monitor points carefully as well as decide how you intend to intercept this data. For example, do you use a tap, mirror/span or hub?
- Pay close attention to what the tool does with all those packets to make post processing easier. I have seen protocol analyzers that can capture 1 GB or data, but struggle to load the same trace file it just created.
I also use this tool to investigate what is causing the 2 Mb/s data stream and why my WiFi performance is subpar.
...
https://www.youtube.com/watch?v=5y2haFycmak
Here’s an updated video of my original Fping Quickstart video to cover a few more tips and tricks.
Every technologist needs to have access to tools that have the features covered in the video.
Sure you can buy software, but I always say that there is point when you graduate from free software to commercial software. I just hope when you move to a commercial product, you do so for a specific reason.
For example, you may want a tool that pings with at an interval better than Microsoft’s 1 second interval. Or maybe you need a tool that can ping and increase the size of its payload to determine when fragmentation.
Enjoy
...
https://www.youtube.com/watch?v=GN-vh_FdpHs
Here I use Wireshark to check if my Linksys WVC54GCA in fact stops sending UPnP packets after I disable it.
...
https://www.youtube.com/watch?v=0dg7bjWSx98
Network Janitor - PC Cleanup
I can’t find the words to describe to you how helpful and important it is to understand the protocols used by your devices, operating system and applications.
When I touch on this topic the network people give me the, “it’s not our problem” response.
I understand that in most cases the network staff are not responsible for desktop configurations. But, since computers are responsible for generating additional traffic and possible issues, I believe networking staff should be familiar with desktop protocols and how to generally optimize them. I also suggest all IT staff become familiar with general protocols and their operation.
I have seen computers setup as DHCP servers, access points, routers, and the list goes on. In this example I’m talking about configurations that cause obvious operational issues, but it doesn’t have to be that dramatic. I love telling crowds about one of my most recent troubleshooting engagements where the X-File performance issues ended up being a misconfigured printer. In summary, the printer was configured as an IPV6 DHCP server and router. So everyone had to route through the printer to get off the network.
In my previous job, I was one of the few who learned about protocols, analyzers and how to tune or optimize configurations. For a while there I thought I was fighting an uphill battle trying to convince people this these ‘baselines’ had value and merit.
... read the rest on network computing
...
https://www.youtube.com/watch?v=Mio-m6t6a6A
As part of my project, I have to ensure that the Ubiquiti router, access points and Cisco switch all work properly together.
The concern that was raised was with respect to ensuring that the Ubiquiti access points’ multiple SSIDS/VLANS work with a Cisco switch. The client was a bit technical and read online that this wasn’t easy and told me that he wouldn’t be surprised if I ran into issues.
The advantage I have with this build is that the client purchased new access points, router and had 2 Cisco spare switches I can use to test with. I picked up all the hardware and preconfigured the equipment in my lab.
I was excited to play with the Ubiquiti router since the software has had considerable changes since I last saw it a few years ago. I liked the router had the wireless controller software built in.
Of course, as soon as I powered up the router and logged in, Ubiquiti had a few upgrades to perform which went well had no issues.
The first test was to directly connect the access point to the router and ensure the router configuration worked well. Then I connected the router and access point to the switch with only one vlan and all went well.
Things got a little bumpy when I configured 3 SSIDs/VLANs on the access point, switch and router but eventually figured it out. I have to confess some of it was self-inflicted with the odd typo and not refencing my notes because I swore, I knew better.
Enjoy the video and let me know if you want to see more posts about my project.
...
https://www.youtube.com/watch?v=wnPbJLVp0ig
Testing POE with Pockethernet
Its important for analysts to have basic tool to test their equipment and cables.
The other day I needed to replace a POE injector on a roof and wanted to make sure that the one I found in my box of goodies actually works.
I’ve been in many situations where the equipment or cables I find in a box is there because it doesn’t work.
So I used me pockethernet (www.pockethernet.com) to test the link, poe and network connectivity and thought I would share.
Enjoy
http://www.pockethernet.com
read more of my articles on http://www.lovemytool.com/blog/tony-fortunato/
...
https://www.youtube.com/watch?v=VkQJlAIDyiU
NOTE: I DO NOT SELL ANY PRODUCTS. Contact the vendor for pricing, etc...
There is nothing more frustrating than picking up a tool only to find that you cant use it, or its not working as expected.
In this day and age, network tools have evolved to basic computers, running an operating system, memory, processor and software.
Not only do you need to ensure that your tools are physically in good shape with no damage to the connectors and the screen, ensure that the software is up to date. Many times these tools will sit in a bag in a closet door or storage room for months before you go pick them up. I can’t tell you how many times I thought I found something weird on the network only to find out it was a bug with the old software in the tool.
I can also tell you that many times when I appear on-site to help a client, we spend way too much time looking for their tools. I can't tell you how many times I am told that the tools have disappeared, so i have gotten in the habit of bringing my own tools even if I'm told not to bother.
I would suggest that you make a reminder in your calendar every three or four months to review all your tools to ensure that all the cables, power supply, documentation, and more importantly, the software is up to date. Once a year would be a good time to check if you are up to date with your support contracts and train/refresh staff on when and how to use the tools.
In this video, I show you how I keep my Profitap IOTA (https://www.profitap.com/iota/) up to date. If you find that your upgrade process is not obvious or straightforward, I would encourage you to create a small write-up on how to do it. In this case, as you can see it’s a fairly straightforward process.
I would also encourage you to double-check that the update was successful and that nothing else breaks during the upgrade process.
for more articles and videos, go to
www.thetechfirm.com
or
http://www.youtube.com/user/thetechfirm
...
https://www.youtube.com/watch?v=zR8Ylia83SI