ASK THE EXPERTS
Expert response: The network analysis and diagnostics space is a big one. If you're looking for a general network layer sniffer, consider products from Network General (Distributed Sniffer) and Netscouts (nGenius line) …
How can I make better use of my protocol analyzer when analyzing TCP?
Expert response: When analyzing packet traces, I like to view as much as possible in the one-line summary display, drilling down into the decodes only when necessary. For example …
What's the difference between packet "sniffers" and protocol analyzers?
Expert response: Sniffer is the original trademark from the "old" Network General that dates back to their DOS-based protocol analyzer (Network General has been recently re-born as …
What is difference between a network analyzer and a protocol analyzer?
Expert response: here really isn't a difference between network analyzers and protocol analyzers. These names are used interchangeably within the industry …
Protocol analysis timestamps
The three timestamp displays and how to use them to diagnose network issues.
Network fault analysis: Putting the guru in the analyzer
Today's TCP/IP networks require packet-level analyzers for proper troubleshooting, just as older networks did, but these analyzers must be smarter and more efficient than ever.
Basic packet filtering
Laura Chappell discusses the basics of address filters, protocol filters, and data set filters.
Advanced packet filtering
In this article, Laura Chappell shows you the steps required to build an advanced filter using the Sniffer Pro.
Onsite network analysis
If you're looking to provide your company with an in depth look at your network performance and health -- let this be your guide.
Using Sniffer Pro Dashboard for proactive management
This tip discusses proactive network performance baselining with the Sniffer Pro protocol and network analysis tool.
Etherpeek NX: Managing traffic in real time
In this tip, we will look at the Etherpeek NX product, what it does and how you can use it for network management.
Looking for trouble: ICMP and IP statistics to watch
EtherPeek's Summary Statistics window lets you easily identify network scans (ping, ARP, TCP, and UDP) and OS fingerprinting.
Ports to watch
The following provides a list of some port numbers that you should watch carefully. They are often associated with lax security and security breaches.
Calculate the cost of downtime (ROI calculator)
This excel spreadsheet created by Chappell provides you with the tools to determine and document the ROI for analyzing a network at packet-level and fixing network problems in a timely manner.
Read more protocol analysis-related tips here.
This was first published in January 2006