Solved

Protocol Analayzer Understanding..

Posted on 2006-07-18
5
234 Views
Last Modified: 2010-03-05
Ok so i am new to using protocol analayzer i ahve a couple questsions for those that are expertise in it..

On which layer will will i be using to find whether information is being retransmitted ?

and

Which layer will i look to determine whether there is a routing problem ??

reason i ask this, is because i am trying to troubleshoot my network problem... between my current work area and our headquaters in a different city.. The data being transmitted from each other is taking twice as long as it usually did a week ago ? i was told to use a protocol analyzer to help further find the problem... well i am new to using analyzer so if anyone could help me answer these questions, would be greatly appreciated thanks..
0
Comment
Question by:Coupee36
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 17135673
Data retransmission can take place at many layers so the answer there is "It depends."

For routing problems, you don't need a protocol analyzer, you just need the ability to do traceroute (tracert in Windows) from source PC and the target PC.

What you want to look for in the the trace is the general packet flow between the two hosts.  You also need to know what protocol/application is being used to transmit the data.  Is it ftp, sftp, ftps, or SCP?

Even more generally typically you should see data going from the source to the target and ACK's everynow and then from the target to the source.  You want to look for delay's between the data and the ACK's.

0
 

Accepted Solution

by:
vodkamilkshake earned 63 total points
ID: 17152531
You should use Ethereal, its a free network analyzer. It can detect and display many anomalies regarding TCP traffic and it shows pretty user friendly messages too. As far as which layer to look at is concerned, pay attention to source and destination addresseses in physical layer, and the same in tcp layer. Just go around with it a little bit and you will find alot of useful information.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 62 total points
ID: 17153468
Are you already using a analyzer?  If so which one?  If not you can use Ethereal as vodkamilkshake or its "replacement" Wireshark (http://www.wireshark.org)

0

Featured Post

Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Suggested Courses

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question