Network Monitoring and Analysis: A Protocol Approach to Troubleshooting

Network Monitoring and Analysis: A Protocol Approach to Troubleshooting

by Ed Wilson
     
 

ISBN-10: 0130264954

ISBN-13: 9780130264954

Pub. Date: 12/30/1999

Publisher: Prentice Hall

TCODE = 2649E-2

  • Windows NT® network troubleshooting, from the ground up!
  • Real-world scenarios, easy examples, and plenty of illustrations
  • Proactive solutions for improving performance and supporting new applications
  • CD-ROM: Sample network traces, custom filters, batch files, and other great tools

Overview

TCODE = 2649E-2

  • Windows NT® network troubleshooting, from the ground up!
  • Real-world scenarios, easy examples, and plenty of illustrations
  • Proactive solutions for improving performance and supporting new applications
  • CD-ROM: Sample network traces, custom filters, batch files, and other great tools

Make your Windows-based networks faster, smarter, and more reliable - step by step!

Ever wonder what's actually happening inside your network? Why multi-tier applications suddenly slow down, print jobs fail, network elements suddenly disappear? The truth is in there-if you have the network monitoring and protocol analysis skills you need to unearth it! That's where Ed Wilson's Network Monitoring and Analysis comes in. It's your complete, hands-on guide to monitoring and analyzing Windows NT-based networks-and using the information to maximize performance, plan for growth-even identify intruders! Coverage includes all this and more:

  • TCP/IP, IPX/SPX, Ethernet, and Samba: protocol basics for effective monitoring and analysis
  • Understanding network traffic from every perspective: client, server, application, and service
  • DHCP, Internet email, and Microsoft® Exchange: unique characteristics and issues
  • Using Microsoft's Network Monitor (Netmon)
  • In-depth, step-by-step troubleshooting: connectivity problems, faulty applications, defective hardware, and compromised security

There's nothing mysterious about network monitoring and analysis-and for Windows network and system administrators, there's no skill more valuable! If you want maximum performance and maximum reliability, Network Monitoring and Analysis shows you how to get it-step by step, start to finish!

Product Details

ISBN-13:
9780130264954
Publisher:
Prentice Hall
Publication date:
12/30/1999
Edition description:
BK&CD ROM
Pages:
360
Product dimensions:
7.00(w) x 9.00(h) x 1.00(d)

Table of Contents

I. PROTOCOL ANALYSIS: A LOOK AT THE PLAYERS.

1. Basic Network Models.

The OSI Model.Application Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer. The IEEE 802 Project. Enhancements Made to the OSI Model. Logical Link Control Layer (LLC). Media Access Control Layer (MAC). A Look at How Data Makes it Onto the Wire. The Packet Creation Process. Ethernet Communication Specifics. What Is the Role of Protocols in All This? Protocol Stack. A Layered Approach. So How Do I Tie All This Together? Application Protocols. Transport Protocols. Network Protocols. Connection-Oriented Network Service. Connectionless Network Service. Data Link Layer Addresses. Network Layer Addresses. Data Encapsulation. IP over LAN Technologies. Flow Control. Internetworking Functions of the OSI Network Layer. WAN Services. Chapter Review. In the Next Chapter.

2. The TCP/IP Protocol Suite.

Transmission Control Protocol. A Look at the TCP Header. A Look at the Three-Way Handshake. The TCP Quiet Time Concept. Half-Open Connections and Other Anomalies. Reset Generation. Reset Processing. Scenario 1: Local User Initiates the Close. Scenario 2: TCP Receives a FIN from the Network. Scenario 3: Both Users Close Simultaneously. The Communication of Urgent Information. Managing the Window. User/TCP Interface. TCP User Commands. Send. Receive. Close. Status Abort. TCP/Lower-Level Interface. Events That Occur: User Calls. LISTEN STATE. SEND Call. Internet Protocol. The IP Header. Chapter Review. In the Next Chapter.

3. The SPX/IPX Protocol.

SPX Protocol. SPX Header. IPX Protocol. Connectionless Protocol. Operates at the OSI Network Layer. Packet Structure. IPX Addressing. Network Number. Reserved Network Numbers. Internal Network Number. Node Number. Socket Number. How IPX Routing Works. Session and Datagram Interfaces. Message Header Structures. Chapter Review. In the Next Chapter.

4. Server Message Blocks.

SMB Operation Overview. Server Name Determination. Server Name Resolution. Message Transport. Sample Message Flow. Dialect Negotiation. Connection Establishment. Backwards Compatibility. Session Setup. Connection Management. SMB Signing. Opportunistic Locks. Exclusive Oplocks. Batch Oplocks. Level II Oplocks. Security Model. Resource Share/Access Example. Authentication. Distributed File System (DFS) Support. SMB Header. TID Field. UID Field. PID Field. MID Field. Flags field. Flags2 Field. Status Field. Timeouts. Data Buffer (BUFFER) and String Formats. Access Mode Encoding. Open Function Encoding. Open Action Encoding. File Attribute Encoding. Extended File Attribute Encoding. Batching Requests ("AndX" Messages). Chapter Review. In the Next Chapter.

II. NETWORK TRAFFIC ANALYSIS AND OPTIMIZATION: A LOOK AT THE ISSUES

5. A LOOK AT CLIENT TRAFFIC.

CLIENT INITIALIZATION DHCP traffic. WINS Client Traffic. Name Registration and Renewal. Logon Traffic. Finding a Logon Server. Netlogon Optimization. Browsing. Browser Host Announcements. Where Are the Backup Browsers? Browser Traffic Optimization. Chapter Review. In the Next Chapter.

6. A Look at Server Traffic.

DNS Resolving an Address. Recursive Look-ups. Integration with WINS. DNS Optimization. BDC Initialization. Where Is the PDC? Updates to the Database. Optimizing Account Sync Traffic. NetLogon Service. Chapter Review. In the Next Chapter.

7. A Look at Application Traffic

File and Print WINS Request 194Broadcast. ARP. Three-Way Handshake. NetBIOS Session. SMB Dialect Negotiation. Internet Browsing. Web Pages. Secure Sockets. Optimizing Intranet Browser Traffic. Chapter Review. In the Next Chapter.

8. Exchange and Internet Mail.

Exchange Opening and Closing the Session. Exchange Server in Action. POP3 Protocol. Exchange Server to Server. Chapter Review. In the Next Chapter.

III. COMMON NETWORK MONITORS: A LOOK AT THE TOOLS.

9. Microsoft's Network Monitor Family.

Network Monitor Making the Capture. Manually Capturing Traffic. Viewing the Capture. Saving the Capture. Filtering the Capture. Analyzing the Capture. Network Monitor Security. Password Protection. Network Monitor Installations: Detecting Others. Systems Management Server. Network Monitor. Additional Features. Connecting to Remote Agents. The Wizards. Configuring Triggers. Network Monitor 2.0. The Cool New Features. Things That Don't Work. Additional Security Features. Chapter Review. In the Next Chapter.

IV. TROUBLESHOOTING SCENARIOS: A LOOK AT COMMON PROBLEMS.

10. Troubleshooting Issues Workstation Cannot Logon Can We Ping the Server?

Workstation Cannot Logon Can We Ping the Server? Now We Have a Case for a Laptop! Workstation Cannot Obtain DHCP Lease. Look at the Conversation. Analyze What Is Missing. Workstation Is Slow. Can You Define Slow? What Is the Source of Your Discontent? Logon Problems. I Am Trying to Authenticate, but Where? Strange Event Log Errors. A Method for Looking at Server Problems. Running Unattended. Excessive Broadcasts. Who Is Doing It? Why Are They Doing It? Chapter Review. In the Next Chapter.

11. Security Issues

Rogue DHCP Servers.Have I Got an Address for You? Well, Where Are You? Unauthorized Sniffing. First, You Have to Find Them. Then You Give Their Sniffer a Sinus Problem! Chapter Review.

Appendix A: A List of Well-Known TCP and UDP Port Numbers

Appendix B: Command Line Utilities

Appendix C: Common NCPs

Appendix D: Troubleshooting Common Network Errors.

Runt/Long Frames. CRC or FCS Errors. Collisions. Late Collisions.

Appendix E: NetBIOS Suffixes.

Appendix F: Domain Controller Startup.

Appendix G: Opening a Web Page.

Glossary.

Index.

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >