Aug 18
Some while back, one of my US-based colleagues passed on some advice about checking out some details on how to get the best out of Wireshark.
This is for anyone interested in getting their feet wet using Wireshark, the network protocol analyzer. This knowledge can be useful to have when dealing with network anomalies.
Download the latest 1.2.1
As you may or may not know, this was originally called Ethereal and then morphed into Wireshark. It has recently had quite a number of improvements and has moved from version 0.9 to 1.2 plus in the last few months. The additions include the ability to graph throughput etc. from within the tool, as well as support for GeoIP databases, so that you can carry out extensive mapping of where the packets are going to or coming from.
http://wiki.wireshark.org/HowToUseGeoIP
Running Windows 7?
If you are running Windows 7, do be aware that the WinPcap driver (the component that does the sniffing) will fail to install by default. If you modify the executable to run in Vista SP1 compatibility mode, then all should be fine, as detailed below:
I’ve just downloaded WinPcap 4.1 beta5 from here: WinPcap, the Packet Capture and Network Monitoring Library for Windows. Set the compatibility mode to Windows Vista (right click on the installer executable then select Properties; on the Compatibility tab, check "Run this program in compatibility mode for", select Windows Vista SP1 from the dropdown list, then finally click OK =)) and it will install as it should.
For me it worked flawlessly so far.
Further reading
I then followed this up a bit further and noted that after a recent Sharkfest event there were a number of presentations made by a chap called Ray Tompkins (CEO of Gearbit), and these are available at:
At Sharkfest 2009 Gearbit presented 3 sessions:
Finding the Latency:
How Protocols Work:
Wireshark Charts & IO Graphs:
OSTU – Wireshark IO Graph for Response Time Analysis:
Understanding the Need for Protocol Analysis:
OSTU – Wireshark Case Study: Benchmark Test
OSTU – Wireshark TCP Stream Graphs
OSTU – Wireshark Capture Filters
OSTU – Wireshark Display Filters
OSTU – Identifying Zero Window with Wireshark
If you do find that you have to dig in on a customer's site to start doing some serious network troubleshooting, then I would seriously recommend the first two presentations in PDF format, as they do appear to explain things in a very simple and matter-of-fact way.
Wireless Issues:
Now this should in no way be any sort of substitute for a proper wireless survey, but when you find that you are up against some issues, try using inSSIDer as a very good starting point. And it works on Windows 7 straight out of the box.
20 Responses to “I have been chasing Network issues lately and have come across these very useful *FREE* Tools that both work under Windows 7”
-
19. Joe Says:
November 11th, 2009 at 12:43 pm
I have found inSSIDer not to show any higher signal than -50 when used with Windows 7.