Solved

How to know if network traffic is OK or not?

Posted on 2007-03-30
151 Views
Last Modified: 2010-03-18
Hi, now I'm in charge of the LAN where I work... I know a little bit about protocols and packets, layers, etc., but we want to know if there is over-traffic on the network or lost packets... well, I'm not sure, everything that is wrong.

I have read that I can do this with Ethereal... and I downloaded it, but I have no idea what to do with the information that it captures.

Could you help me? Or at least give me some URLs to read about this.

Thanks!
0
Question by:blueshaolin
5 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 200 total points
ID: 18823425
Since you are not sure what you are looking for, rather than creating filters you might be best to just make a capture and, one by one, remove the traffic you know is OK, then analyze what is left. To do so, right-click on a line with a known protocol, such as SMTP, and choose "apply as a filter" and then "not selected".

There is a problem with using Ethereal. If you are connected to a switch, you will only see the traffic between you and the switch. If you have a managed switch you can mirror a selected port, or you can install an old basic hub between the switch and source (such as Internet) and plug into that. Hubs broadcast all traffic to all ports.
0
 
LVL 26

Assisted Solution

by:Fred Marshall
Fred Marshall earned 200 total points
ID: 18823456
Without doing a big study project, you might consider getting some empirical experience.
Hook up a couple of computers on a hub (a hub, not a switch, just to make sure you see all the traffic). Run Ethereal on one of them and see what happens when you PING and so forth...
Try it with compatible IP addresses. Try it with incompatible IP addresses.

If you see something you don't understand, then direct a bit of research to that topic - like ARP perhaps.

You say "everything that is wrong"... is there a specific problem?

One manifestation of over-traffic would be lots of messages coming out from a single source and with no apparent reason. That might suggest a parasite. Certainly if the messages are running through all likely IP addresses one after another!
0
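An added example, not part of either answer above: it combines Rob Williams's approach (drop the traffic you know is OK, look at what is left) with Fred Marshall's sign of trouble (one source running through IP addresses one after another). It assumes the capture's packet summaries were exported as CSV with Time, Source, Destination and Protocol columns; the sample rows, the known-OK protocol set and the thresholds are constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed sample rows (not from the original thread): one host walks 192.168.1.1-8.
SAMPLE_CSV = "Time,Source,Destination,Protocol\n" + "".join(
    ["0.10,192.168.1.10,192.168.1.2,SMTP\n", "0.20,192.168.1.10,192.168.1.3,DNS\n",
     "0.30,192.168.1.11,192.168.1.3,HTTP\n", "0.35,192.168.1.11,Broadcast,ARP\n"]
    + [f"1.{i:02d},192.168.1.50,192.168.1.{i},TCP\n" for i in range(1, 9)])
KNOWN_OK = {"SMTP", "DNS"}  # assumption: protocols already reviewed and accepted

def remaining_traffic(rows, known_ok=KNOWN_OK):
    """Drop packets whose protocol has already been judged OK."""
    return [r for r in rows if r["Protocol"] not in known_ok]

def longest_sequential_run(addresses):
    """Length of the longest run of consecutive IPv4 addresses in the set."""
    nums = set()
    for addr in addresses:
        try:
            nums.add(int(ipaddress.IPv4Address(addr)))
        except ValueError:  # e.g. "Broadcast" or a MAC address in the column
            continue
    ordered = sorted(nums)
    best = run = 1 if ordered else 0
    for prev, cur in zip(ordered, ordered[1:]):
        run = run + 1 if cur == prev + 1 else 1
        best = max(best, run)
    return best

def suspicious_sources(rows, min_targets=5, min_run=5):
    """Flag sources that contact many destinations in address order."""
    targets = defaultdict(set)
    for row in rows:
        targets[row["Source"]].add(row["Destination"])
    flagged = {}
    for src, dsts in targets.items():
        run = longest_sequential_run(dsts)
        if len(dsts) >= min_targets and run >= min_run:
            flagged[src] = {"targets": len(dsts), "sequential_run": run}
    return flagged

def analyze(csv_text):
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    return suspicious_sources(remaining_traffic(rows))

if __name__ == "__main__":
    print(analyze(SAMPLE_CSV))
```

A flagged source is a starting point for a closer look at that machine, not proof of infection: monitoring tools and some servers legitimately contact many neighbours.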
 
LVL 22

Assisted Solution

by:Rick Hobbs
Rick Hobbs earned 100 total points
ID: 18825072
Before you start looking at the traffic, I would recommend looking at the systems on the network. Make sure you have a good Antivirus and Anti-spyware software package in place (like Symantec Antivirus Corporate V10.1.5.5000) and run a full scan on the servers and workstations. Generally, eliminating all viruses, spyware, and adware is a major benefit and eliminates excessive traffic. Also, a Software Restriction Policy (SRP) can help eliminate traffic from games, streaming media and the like.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 19276041
Thanks blueshaolin.
Cheers!
--Rob
0
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 19278700
Thanks! Hope I was of some help.
0
