Solved

Free network analysis software

Posted on 2011-03-09
16
410 Views
Last Modified: 2012-06-27
Hi

I have a large customer who has problems with his Network. They called us and told some of the computers are losing connection to the domain server (maintained by the network company) and internet many times a day. We checked and came to the result that they have network problems (maybe switch, router etc.).

The problem is they have another company to look after their network (and server as I told). We don’t have any access to this router’s and switches’. So our network team can’t analyze this problem. That company specialized on Network tells me, all there switches and routers are working fine and if something  is not working they will get an alarm. They told me to test the network with Wireshark or other Tool. How can I test the Server and client with Wireshark? Is there any other better Tool?

Thanks
Leonie
0
Comment
Question by:hopeleonie
  • 8
  • 5
  • 3
16 Comments
 
LVL 9

Expert Comment

by:ks_admin
ID: 35088004
Wireshark would be my recommendation also.  Is there a specific reason you don't like Wireshark?  It's top notch and free.  :)

ks_admin
0
 
LVL 25

Assisted Solution

by:Fred Marshall
Fred Marshall earned 333 total points
ID: 35089961
How can I test the Server and client with Wireshark? Is there any other better Tool?

Wireshark is a "packet sniffer".  So it will show you the packets that are visible wherever you "connect" it.  It could well be good enough to install it on one of the computers that's seeing the trouble.  Then you can monitor all of the packet traffic, filter it out to get better focus on your interests, etc.

Presumably you've run traceroutes?  What do they tell you?  
I recently wrote a little script that pings another device and, if 3 pings are missed in a row, it runs a traceroute then back to pinging.  Keeps logs of what happens so you can see outages and get a good idea of how long they last and where they occurred if the traceroute gives reasonable results - which it may.

0
 
LVL 18

Author Comment

by:hopeleonie
ID: 35099647
@ks_admin
I love Wireshark but how to work with this Tool? Is there no other Tool to send some data to the Server and reverse and check whether it fails?

@fmarshall
can i have your script?
0
 
LVL 9

Accepted Solution

by:
ks_admin earned 167 total points
ID: 35099672
There are some really good tutorials out there..  but you're right it's fairly complex.  That's what makes it so good.  :)  But don't feel bad, I have to google about every filter I want to use, and go from there.

http://openmaniak.com/wireshark_filters.php


0
 
LVL 25

Assisted Solution

by:Fred Marshall
Fred Marshall earned 333 total points
ID: 35100196
Here's the script.  You'll need to change the file extension to .bat and run it from a command line.
I'm not saying it's great at all - but it did work reasonably well for me the other day.
Use at your own convenience / inconvenience and risk.

The command line startup has a couple of useful arguments:

C:\> pinglog3 [ip address to ping and traceroute]  [path for log and temp files]

Otherwise the defaults are:
192.168.1.1 and %userprofile% in a Windows environment.

Have you run any traceroutes to see if they're useful?
pinglog3.txt
0
 
LVL 18

Author Comment

by:hopeleonie
ID: 35110286
On Monday I will go to this customer and try a traceroute and give you both points.
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35110744
In your role, don't you have remote access?  That saves a lot of time / particularly calendar time.
0
 
LVL 18

Author Comment

by:hopeleonie
ID: 35121545
hi fmarshall

no we are freelancers. we don't have remote access to this company.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 18

Author Comment

by:hopeleonie
ID: 35138593
@fmarshall
traceroutes looks fine. any idea?
0
 
LVL 9

Expert Comment

by:ks_admin
ID: 35138638
How long did you analyze for?  If there is no interruption during your testing, then maybe everything is fine at the TCP level.  Is it an application going idle, or do you have more specifics on what they're "losing" ?

ks_admin
0
 
LVL 18

Author Comment

by:hopeleonie
ID: 35140530
Hi ks_admin

we are still analyzing. the network team has switched all alarms on.
i will let you both know.
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35143974
Re traceroutes:
"Fine" in this context... ?  Fine would be that you can see some individual nodes along the path.  Then, when there's a dropout you'll be able to tell which node is the last one that works in the chain.  If there aren't any hops in the traceroute then it will be much less useful.

0
 
LVL 18

Author Comment

by:hopeleonie
ID: 35151993
hi you both

is this traceroute ok?
info.pdf
0
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 35152776
You blocked out all the interesting addresses so I can't tell really.  All I see are public addresses.  But at least there are lots of hops so if the network fails at one of them then you should have an idea where the failure occurred - one hop beyond.
0
 
LVL 18

Assisted Solution

by:hopeleonie
hopeleonie earned 0 total points
ID: 35167782
The problem was found on a Router by the Network Company. I hope they saw this because of our intensive testing’s.
0
 
LVL 18

Author Closing Comment

by:hopeleonie
ID: 35196700
Thanks
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now