Biztalk Server 2000: Developer's Guide for .Net

Biztalk Server 2000: Developer's Guide for .Net

by Scott Roberts, Chris Farmer, Robert Shimonski, Milton Todd
The BizTalk 2000 Developer's Guide is written for developers who are responsible for installing, configuring, and deploying the BizTalk Server in their organizations IT infrastructure. The opening chapters of the book discuss the benefits of seamless business-to-business application integration, summarize the features and enhancements of BizTalk Server 2000<


The BizTalk 2000 Developer's Guide is written for developers who are responsible for installing, configuring, and deploying the BizTalk Server in their organizations IT infrastructure. The opening chapters of the book discuss the benefits of seamless business-to-business application integration, summarize the features and enhancements of BizTalk Server 2000, and offer an introduction to XML - the driving force behind BizTalk. The next chapters explore the multiple tools that are incorporated into BizTalk that will transform the way in which information is created, transmitted and maintained in the server environment. Other chapters include complete coverage of the security considerations for BizTalk, and an examination of the various third-party plug-ins for enhancing BizTalk Server 2000. The book also includes a companion CD with demo software plug-ins from the BizTalk Developer’s Organization, and the complete ready-to-use source code from the book.

About the Authors: Scott Roberts (MCSE+I 4.0, MCSE 2000, MSF, MCDBA, MCT, MCP + Site Building) was one of the first 1600 MCPs in the world. He has a long history with Microsoft products and technology and is currently employed as a Senior Consultant within the Microsoft Consulting Services, Platform Consulting Organization. This group develops and deploys solutions for Enterprise customers focused on the .NET Server platform. Prior to joining Microsoft, Scott was the President/CEO of Enterprise Technology Group Inc., a Windows 2000 and e-commerce development, consulting, and training company. He has also been a featured conference speaker on messaging and e-commerce topics throughout the country.

ChrisFarmer (Ph.D., MCSD) is a consultant at SciTegic in San Diego, CA where he specializes in integration of scientific applications for pharmaceutical and biotech companies using SOAP and other XML-based technologies. Chris’s recent background includes design and development of .NET-based Web applications and extensive e-commerce database development and integration with legacy systems using XML with IT-Age Corporation in Atlanta, GA. Chris holds a bachelor’s degree from the University of Virginia and a Ph.D. from the University of Georgia. Chris currently lives in sunny San Diego, CA with his wife, Michelle.

Robert J. Shimonski (CCDP, CCNP, NNCSS, MCSE, MCP+I, Master CNE, CIP, CIBS, CWP, CIW, GSEC, GCIH, Server+, Network+, Inet+, A+) is a Lead Network and Security Engineer for Thomson Industries Inc. Thomson Industries is the leading manufacturer and provider of linear motion products and engineering. Robert’s specialties include: network infrastructure design with the Cisco and Nortel product line; network security design and management with CiscoSecure and PIX Firewalls; network management and troubleshooting with CiscoWorks and Sniffer-based technologies; systems engineering and administration with Microsoft NT/2000/XP, UNIX, Linux, Apple, and Novell Netware technologies; and developing a host of Web-based solutions for companies securing their market on the Web. He has also contributed to hundreds of articles, study guides, and certification preparation software for Web sites and organizations worldwide, including and SANS.Org. Robert’s background includes positions as a Network Architect at Avis and Cendant Information Technology. Robert holds a bachelor’s degree from SUNY, NY and is a part-time Licensed Technical Instructor for Computer Career Center in Garden City, NY teaching Windows-based and networking technologies. Robert has previously contributed to the Syngress Publishing title, Configuring and Troubleshooting Windows XP Professional (ISBN: 1-928994-80-6), and is the Technical Editor of the forthcoming Sniffer Network Optimization and Troubleshooting Guide (ISBN: 1-931836-57-4).

Milton Todd is a software engineer at InterKnowlogy, LLC in Carlsbad, CA. InterKnowlogy is a consulting firm and Microsoft partner providing custom software and infrastructure solutions for secure and effective use over the Internet. Milton has focused the last year on developing BizTalk solutions, primarily to the insurance industry. Previously, he developed front- and back-end applications in the e-commerce and manufacturing industries, depending heavily on Microsoft technologies. Milton holds a bachelor’s of science in Mechanical Engineering and spent several years in the design and construction field, experience that has provided a firm grounding in practical problem solving and the design process. When possible, he continues to teach mathematics. Milton currently resides in Diamond Bar, CA with his wife, Lida.

Product Details

Syngress Publishing
Publication date:
Edition description:
Product dimensions:
7.42(w) x 9.20(h) x 1.39(d)

Related Subjects

Read an Excerpt

Capturing TrafficAs you already know, Sniffer Pro is a great tool to help you capture traffic. Network problems are not a rare thing for a network administrator to experience. Unfortunately, broadcast storms, slow responses, or network attacks happen quite frequently. You have to choose the best way to identify each problem, analyze it, and sort it out. Using Sniffer Pro to capture traffic is one of the fastest ways to obtain a complete picture of what is happening on your network, analyze captured information, and resolve the issue. It is also possible to capture traffic and to experiment with it, to analyze in a test environment the ways your network would react to specific groups of data.

When you use Sniffer Pro, all captured traffic goes straight to the capture buffer. Captured data can be saved on a hard drive to be used for future reference and review.

You can also send the captures to your colleagues to share some ideas, or you can open captures made by somebody else for you. In some cases, you might also want to use captured data for baselining purposes. Besides the ability to capture all the data that is flowing on your network, Sniffer Pro has broad filtering capabilities that greatly facilitate troubleshooting on highly loaded networks. You can perform filtering by station addresses, data pattern, or different protocols. You will learn more about filtering in Chapter 8.

How to Capture Traffic

When you capture traffic, it is important for you to make up your mind whether you want to capture all the packets Sniffer Pro can see and select interesting ones using display filters, or whether you want to define a capture filter beforehand and capture only the packets that are related to the problem you are exploring. Both methods have their advantages and disadvantages.

In the first case, when you capture all the traffic, you have more flexibility afterward because you have a full snapshot of your network’s traffic. There is one drawback here: Thousands of packets per second can flow through your network, carrying many megabytes of data. Regardless of how big your hard drive, you probably do not want to store gigabytes of almost useless information on it. This does not mean capturing all the data is a completely ineffective choice. Capturing all the data on the network without a filter applied allows you to see all the traffic passed over the transmission media, thus giving you a very clear picture of exactly what is there. It allows you to “feel” the customer’s network and, in some cases, even resolve the problem that the customer is complaining about, without using sophisticated filtering and troubleshooting techniques.


You can always apply a filter to a capture buffer after you’ve stopped the capture process to filter out data that is relevant to the problem you are working on. You can even apply another filter to the data you to which have already applied a filter, to get more granular information. We discuss how to do this later in this chapter.

After you have taken a snapshot of your customer’s network, you might want to get a more precise picture and start capturing only the data related to the problem you are troubleshooting. In this case, you can then define a specific capture filter so that you can find particular things you are looking for, making the capture considerably shorter. This also means that you won’t have to worry about your PC resources. Keep in mind the main disadvantage of this process: You might miss something very important if you define an incorrect filter.

Taking Captures from the Menu and the Toolbar

There are a few different ways of taking captures:

By choosing Capture | Start from the main menu

By pressing the F10 key

By pressing the Start button on the main toolbar (it looks like the Play button on your VCR)

You must understand how to use a number of other buttons on the main toolbar and Capture menu as well (see Figure 6.1). The first four buttons along the top are the familiar buttons to open, save, print, and stop printing. The functions of the next eight buttons are described in Table 6.1.

Figure 6.1 The Main Menu and the Toolbar

Table 6.1 The Main Toolbar and Capture Menu Buttons

Button Function

Start capture By pressing this icon, you can start the capturing process. You can also start the capturing process by pressing the F10 key.

Pause capture By pressing this icon, you can stop the capturing process at any time and resume it later.

Stop capture Terminates the capturing process. You can stop the process to view the information or save it to a file. You can also stop capturing by pressing the F10 key.

Stop and Display Stops capturing and displays the frames captured. You can do the same thing by pressing the F9 key.

Display Displays a stopped capture. You can get the same result by pressing the F5 key.

Define filter Defines the filter used to capture the frames. Although

Chapter 8 is dedicated to the detailed discussion of filters, we define a few simple filters in this chapter.

Select filter Chooses a filter from the list of filters you have defined.

Capture Panel Brings up the Capture Panel, which we discuss in greater detail later in this chapter.

Address Book Lets you to assign recognized names for your network nodes.

Pulling Up the Capture Panel

The Capture Panel is at the center of your capturing process. It gives you all the information about the capturing process, such as how many packets have been captured, how much space is left in your buffer, and much, much more.

To pull up the Capture Panel, you can either go to the Capture menu and select Capture Panel or click the Capture Panel button in the main toolbar. The Capture Panel is very important because it is used to view the status of the capture process. At the bottom of the panel are two tabs: Gauge (see Figure 6.2) and Detail (see Figure 6.3). On the Gauge tab, you can see two gauges that show the following:

The number of packets captured

How full the buffer is

Figure 6.2 The Capture Panel’s Gauge Tab

Figure 6.3 The Capture Panel’s Detail Tab

Note that when the buffer is 100-percent full, the packets can be dropped or the capturing process can cease, depending on the settings, which we discuss a little later in the chapter. The Detail tab shows you additional details:

# Seen The number of frames Sniffer Pro sees.

# Dropped The number of frames dropped due to the lack of performance of the computer on which you are running Sniffer Pro. Packets are often dropped during periods of high network activity.

# Accepted Shows the number of frames that were put into the capturing buffer.

# Rejected Indicates how many frames did not satisfy the filtering rules you have defined. Frames can also be rejected if your buffer is 100-percent full.

Buffer size The size of the capturing buffer you have defined. We discuss the process of buffer definition in the following section.

Buffer Action Indicates the status of the buffer. Wrap means that the buffer will wrap as soon at it becomes full. Wrapped means that the buffer has wrapped. Stop means that the capture process will stop as soon as the buffer becomes full. Stopped means that the capture has stopped because the buffer is full.

Saved file # Shows to which file the capturing is being saved.

Slice size Shows whether Sniffer Pro captures the whole frame or just a part of it.

Elapsed time Indicates how long ago Sniffer Pro was started.

File wrap Wrap indicates that the files have been overwritten as the number of saved files has been reached. We talk about this option in the following section.


Please pay attention to the fact that the Capture Panel we have just discussed is not the same as the Sniffer Pro Dashboard, although their gauge tabs look alike. To access the Capture Panel, select Capture | Capture Panel. To access the Dashboard, select Monitor | Dashboard.

As a Sniffer Pro expert, you should understand that the Capture Panel can be quite useful. You can use it to easily see how many packets have traversed your network since you have started capturing, how many frames were filtered out (rejected), and how many frames Sniffer Pro dropped because your computer did not have enough resources to capture them.

Saving and Using Captures

It is very important to know how to save the information you have captured, because you will definitely need to open these captures later for future analysis. As a network analyst, you can spend hours looking into the data that took you only a few minutes or even seconds to capture! Sometimes you might decide to send the capture to your colleagues to get a second opinion on a problem you are investigating.

Throughout Sniffer Pro’s evolution, a variety of captured files formats have been used. Some of them could support compression; others could not. In addition to the file formats used to save captures, Sniffer Pro uses some other file formats for additional information. Table 6.2 lists all these formats.

Table 6.2 Sniffer Pro File Extensions

Extension Description

.cap Uncompressed capture files

.caz Compresses capture files; Sniffer automatically compresses data if you select this format

.enc Original format for Ethernet traces

.trc Original format for Token Ring traces

.fdc Original format for FDDI traces

.etm Broadcast and functional addresses

.trm Broadcast and functional addresses

.hst Saved history samples

.csv Saved history samples

.btr Token Ring Sniffer Pro table of assigned manufacturer IDs

.bet Ethernet Sniffer Pro table of assigned manufacturer IDs

In addition to understanding various Sniffer Pro formats, you should be able to distinguish among them and use the formats of other packet analyzers so that you can open files captured using other tools. We discuss all these processes in detail in the following sections.

Saving Captures

Now that you know why it is important to save captured data, you need to understand how to save this data for future analysis. When using Sniffer Pro, you could come across a troubleshooting scenario in which you need to remotely capture data from multiple locations. If this is the case, the versions of Sniffer Pro covered in this book (versions 3 and 4) will not allow you to natively perform this task. You can't capture traffic on different remote segments with this product, so if you need to do that, you might need to purchase an enhanced version of Sniffer Pro called Sniffer Distributed. This product will allow you to capture traffic on all key segments of your network using Sniffer Distributed agents. Is there a way you can circumvent this issue for now and capture the remote traffic? Yes, there is a way, but the logistics of doing so could become quite a hassle. You can always ask someone to capture that data for you (or you can do that with a remotely controlled workstation). Once the data is captured, you can upload the capture files and analyze the captures from the comfort of your own machine.

After you or somebody else has captured the traffic, you need to be able to save it for future analysis. There are two ways of saving data captures:

Manual saving

Automatic saving when the capturing buffer is full

Manual saving is very popular because you can view the data you have captured and save it only if you find it necessary to do so. To perform manual saving, you must stop capturing and display the capture buffer (select Capture | Stop and Display or simply press the F9 button). Then you can actually save the data in your capture buffer. To do so, from the main menu, choose File | Save or Save As. Another alternative is to click the Floppy icon in the main toolbar (refer back to Figure 6.1). A standard Windows Save As dialog window appears on your screen. From here you can select the directory into which you want to save your capture, the filename, and the extension or type of file. (Refer back to Table 6.2 for the list of known extensions.)

Automatic capture is useful if you want to capture a great deal of data, such as a volume that would not fit into your computer’s memory. Automatic capture is also helpful if you definitely know that the data you are capturing is required for future analysis and you want to save it on your hard drive right away, without going through the manual-saving process. Before you begin capturing, you must define a special filter profile (although no actual filtering is done here; you save all the packets you have received). The filter profile allows Sniffer Pro to save the buffer content to a file.


It is usually not a good idea to modify a Default profile because it is used as a starting point for any new profile you create on your computer. For that reason, you should always create a new profile for new filters.

Let’s create a new a new capture profile by following these steps (see Figure 6.4):

1. Select Define Filter from the Capture menu.

2. In the Define Filter window that appears on your screen, press the Profiles button.

3. In the Capture Profiles window, press the New button.

4. Choose an appropriate name for your profile (for example, LightPave), and select OK.

5. Press Done to close the Capture Profiles window.

Figure 6.4 Creating a New Capture Profile

Now you are ready to modify the new profile you have just created. Switch to the Buffer tab. The Buffer tab window is divided into four main areas (see

Figure 6.5):

Buffer size

Packet size

When buffer is full

Capture buffer

Let’s take a close look at each of these sections.

Figure 6.5 The Buffer Tab in the Define Filter Window

Buffer size allows you to select how much memory on your computer is actually used for the capture buffer. If your computer has a very limited amount of memory and you overset the buffer size, you can crash your computer or freeze Sniffer Pro. To avoid this situation, you should decrease the size of the buffer and use the Save to File option we discuss shortly. Note that the capture buffer’s default size is 8MB. You can manually modify the buffer size in a range from 256KB to 40MB. The available buffer sizes are:













You can check how much memory is available for a buffer on your computer by executing Task Manager on Windows 2000/NT or System Monitor on Windows 98/95. Make sure that the buffer size you have configured does not exceed available memory on your computer. We also recommend you close background applications (such as ICQ, Office Panel, or Real Player) to maximize the memory available for Sniffer Pro. Disabling unnecessary Sniffer Pro Expert Objects also allows you to optimize memory usage.

For example, if you have a notebook with 96MB of RAM, your Windows 2000 can use approximately 46MB of the available memory and Sniffer Pro can use approximately 30MB, so your buffer size can be anywhere between 256KB and 20MB. The standard 8MB buffer size looks like a good choice in this case. The Packet size option allows you to choose if the whole packet should be captured (the default option) or only some part of it (between 32 bytes and 18,432 bytes).

The When buffer is full option allows you to modify Sniffer Pro’s behavior in the event that the capture buffer becomes full. The program can either Stop capture or Wrap buffer and keep capturing data.

To enable automatic saving, choose the Save to File option and specify the filename prefix as well as the number of files you want to be created on your hard drive. Indicate the directory to which you want the files to be saved.

Other options you should specify to complete your setup are as follows:

Filename prefix Defines a common prefix of saved capture files.

Unique names This option specifies whether the analyzer must use a unique filename for each saved file. Sniffer Pro will make sure that the filenames are unique by assigning three random letters prior to the extension, as shown see in the following example. This option can be useful if you want to be sure that you don’t overwrite the files you have previously captured. Check to make sure that you have enough space on your hard drive to accommodate all the files.

Number of files This option sets the maximum number of files Sniffer Pro will create on the hard drive.

Wrap filenames This option specifies whether the files for this capture can be overwritten as soon as the number of saved files has been reached. Disabling of this option tells Sniffer Pro that it should stop capturing as soon as it fills its buffer and saves the number of files you have specified.

To better understand what these options actually do, perform the following exercise. Modify the new profile you have just created using these options:

1. Type LightPave as the filename prefix.

2. Select 3 as the number of files.

3. Enable the Unique Names option. Do not enable the Wrap filenames option, so Sniffer Pro will stop after the files become full.

4. Specify C:\Capture as the capture buffer directory.

5. Start the capturing process by pressing the F10 key. Sniffer Pro will automatically stop capturing as soon as three files are filled.

Now if you look into the C:\Capture directory to which you saved the captures, you will see three files that will look like the following:




LightPave here is the file prefix you chose; 001, 002, and 003 are the file numbers; and ajr is the randomly generated unique file identifier, so it can be different if you repeat this exercise.

File Types

Table 6.2 summarized different file types used by Sniffer Pro. Now let’s talk about the file types that are directly related to saving captured data—the ones you can select while saving your captured data on a hard drive.

When Sniffer Pro was introduced, capture files had extensions that depended on the type of network adapter used. Ethernet files had an extension *.ENC, Token Ring files had *.TRC, and FDDI files had *.FDC.

With the release of the Windows version of Sniffer Pro, new file formats were invented. Now Sniffer Pro uses the same *.CAP format for all types of interfaces. Sniffer Pro saves files in a unified uncompressed format, so the files can grow dramatically if you capture too much data. To prevent this situation, you can save your captures with the *.CAZ extension. In this case, Sniffer Pro automatically compresses your data. In the majority of cases, this extension will significantly reduce the drive space needed to save your captures.


For backward compatibility with other versions, Sniffer Pro permits you to save captures in the original Sniffer formats (*.ENC, *.TRC, and *.FDC).

Meet the Author

Customer Reviews

Average Review:

Write a Review

and post it to your social network


Most Helpful Customer Reviews

See all customer reviews >