Network Analysis

9K

Solutions

12K

Contributors

Network analysis is the process of identifying and remediating the processes and systems within a network, including performance, connectivity and security. The process is performed through the use of tools developed for monitoring and analyzing network activity. Network problems that involve finding an optimal way of doing something are studied under the name combinatorial optimization. Examples include network flow, shortest path problem, transport problem, transshipment problem, location problem, matching problem, assignment problem, packing problem, routing problem, Critical Path Analysis and PERT (Program Evaluation & Review Technique).


What is the difference between stateful inspection and deep packet inspection?


thanks !!!
0

I have a user who tries to restore a QuickBooks database that is 100M, stored on the server, over the network, and it takes hours. When he copies the db from the server to his desktop, which takes a few seconds, and then tries to restore it, the process takes less than a minute. I would like to use Wireshark to possibly identify the issue.

Questions
  1. Do I need to run Wireshark on his computer or on any computer to see if there are any issues?
  2. What should I be looking for?
  3. Should I attach a capture file or is that not secure?
0
Hosting a Fortnite competition on iPads - what can I do to remove lagging/latency issues?

Everyone will be on iPads and my bandwidth is 200 MB dedicated. It's a small competition in our company. Is there a QoS setting I can apply, or any other suggestions?

Maybe there is a gaming port I need to open on the firewall.
0
I had this question after viewing Stuck in INIT/DROTHER.

I have the same problem: OSPF INIT/DROTHER between a Cisco L3 switch and a Cisco ASA firewall.
I checked everything, all the configuration. It looks good, however it doesn't work. I don't really understand why.
0
Meaning of TTL in PING Reply

I have pinged 2 devices that are the same number of hops away.
One shows TTL:124
the other shows TTL:250

I wonder how the TTL is calculated in this case.

Thank you
0
Hi guys,

When I am at my parents' house, streaming stuff is so slow. When running a speedtest it shows speeds of 25MBs download, 5mbs upload. It is 'fibre' internet that they have.

However, I am wondering how one can determine if the slowness is our side or the sender who we are viewing from. How does one determine whether it is our side? What tools can I run? Wireshark?

Thanks for helping
Yashy
0
Hi

I'm moving layer 3 routing from an old core switch to a new core stack we've just purchased.

The stack has been configured with trunks and has access to the network.

The old core will not be removed just the routing will be removed from it.

At the moment the old core has links to different sites

My question is when the routing has been moved over, will I need to move cables over from the old core to the new?

Thanks
0
I have a network that has been getting user reports that "the internet is slow".  Plenty of users....
I can see slowness in web browsing but:
- speed tests look fine
- DNS response times look fine
- internal and internet traffic levels look fine
- I've rebooted the main firewall and don't see any issues there - no recent changes.

I'm using PRTG for network monitoring and network traffic levels appear to be reasonable.

I rather suspect DNS issues but can't pinpoint any.

I'd really like to have a nice tool that would help with this.
And, suggestions about how to approach this would help.
0
I have router on a stick fa0/0.10 10.10.10.1/30 on R1 and an IP address assigned to R2 f0/0 10.10.10.2/30. I am trying to understand why I cannot ping R2 from R1?

R1 config:
interface FastEthernet0/0
 no ip address
 duplex full
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.10.10.1 255.255.255.252
!

R2 config:
interface FastEthernet0/0
 ip address 10.10.10.2 255.255.255.252

0
I have 14 Windows 7 PCs that are used as internet cafe access points. I'm looking for a way to collect data as to how much they are utilised. I am trying to ascertain if the amount of PCs available meets the demand we have. For example: PC 7 is used for 4 hours per day, whereas PC 6 is only used for 30 minutes a day, or maybe a graph that shows usage for all PCs throughout the day, where I can see how many computers were in use at any one time. The internet connection for these machines goes via a Win Server 2016 gateway running hotspot software. The hotspot software doesn't have this kind of data collection. The network switches are only "web managed". Of course, I'm looking for a free or cheap solution.
0

Hi guys

As we have multiple offices at our work place, we constantly have users leaving and new ones beginning. We want to keep a floor map of PC names, their locations along with the users.

This is so that when we want to do things like apply updates and they fail to a PC, we can allocate where they physically are and access that machine or even request the user to do the necessary from their end.

Does anybody use any applications to manage this?

Thank you
Yash
0
Dear Experts,

I am a new starter to a job, and have been given an initial project to work on that I'm hoping that you can help with.

The customer has an ageing archiving solution with SAN storage that archives email from their MS Exchange platform. There is a separate project that is almost complete that will replace the solution.

I have been given the task of overseeing the decommissioning of the SAN storage.

The customer believes that the only solution using the SAN storage was the legacy email archiver, but cannot be 100% sure that other applications haven't developed dependencies on the SAN storage during its lifespan, and I've been asked to perform some due diligence on the SAN to try and identify any unexpected connectivity.

My initial thoughts are to run something like Wireshark on that network segment to identify any traffic with the SAN IP as a destination.

Is that the right approach?

If not, what do you recommend?

If it is, could you give me some guidance on what config I should put into Wireshark to help me see the right results?

Many thanks in advance.
0
I am a sysadmin. I want to know:

I want to reach the server, to check the connectivity through a specific port.
This is just to verify whether the required firewall rule is defined properly or not.
0
Consider the below scenario

userPC---- firewall --- Destination-server
                         10.1.1.1


I have installed some software on the server, the service  of that software is using port # 301.

1) Scenario...
      Firewall defined
      server#  service UP
        userPC# telnet 10.1.1.1 301  --> user get reply

2)Scenario...
      Firewall defined
      server# service DOWN

Is there any command or third-party tool available to just verify that packets from userPC are able to reach the server through port #301?

==
This I asked just to segregate whether there is any issue/problem on the firewall side or on the destination server side.
0
What does this mean?

Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client2
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT_FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients\client1
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_PATH_NOT_FOUND
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
Trans2 Response QUERY_PATH_INFO, Error: STATUS_OBJECT_NAME_NOT_FOUND
NT Create AndX Request, FID: 0x4014, Path: \clients
Trans2 Request, QUERY_PATH_INFO, Query File Basic Info, Path: \clients
445 > 2161 [ACK] Seq=171 Ack=576 Win=17138 Len=0
0
In the topology above, I have 2 routers with 2 loopbacks.
On R2 I configured an access list to permit only 192.168.12.0, which is the link between R1 and R2. For some reason I cannot ping loopback 1.1.1.1 of R1, which makes sense, but I can ping from R1 to the loopback of R2. I thought both loopbacks could not be pinged because of the access list:

configuration below:

R1:
R1#sh run 
Building configuration...

Current configuration : 1792 bytes
!
! Last configuration change at 16:05:15 CET Sat Aug 18 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
! 
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
!
interface Ethernet0/1
 no ip address
 shutdown
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown
!
interface Ethernet1/0
 no ip address
 shutdown
!
interface Ethernet1/1
 no ip address
 shutdown
!
interface Ethernet1/2
 no ip address
 shutdown
!
interface Ethernet1/3
 no ip address
 shutdown
!
interface Serial2/0
 no ip address

0
Hi. This is regarding networking port nos. 2829, 2832, 2831 and 2830. According to the IANA website, these are something called silkp1, silkp2, silkp3 and silkp4. Can anyone tell me what this silkp is?
0
Don't have much documentation at my new place and I wanted to know where to begin to understand our DR/BDR information.  I specifically wanted to know what it costs the company to be down for an hour or a day and so forth.  Since we don't have much documentation, it is really hard to understand or where to begin.
0
I want to sniff network traffic from my firewall to our SIP cloud provider. I have not used Wireshark much. Can someone give me a simple rundown of how to do this?

I just downloaded the latest version of Wireshark.
0

Hi guys ,

I have a domain controller in Amazon, connected to 2 other DCs. The AD traffic is good. I asked the cloud provider to update the LDAP lookup on their Fortinet edge device for the VPN AD authentication. They are unable to connect. All rules and routes are good. I did a Wireshark capture of the traffic from my DC (172.31.33.10) to their edge device (172.16.250.69). Can someone check and advise please? There is a RST on the handshake; my network analysis is rusty. Which side is dropping? See attached.
ldapRST.pcapng
0
Has anyone used multi-mode to single-mode fiber converters? Are they reliable?
I need to run 40G optics between the three floors of the building (floors 1, 2, and 3). MM fiber is already in place. To support 40G between these three floors we need single-mode duplex LC fiber.
Instead of doing new SM runs, can we install converters to achieve that? Would that work reliably?
0
I have installed IP cameras at 5 different locations in the US and I want to watch all those IP cameras in India, but the ping test gives me this result even with a 100 Mbps connection -> bytes= 32 time= 579 TTL=117. Because of this I am unable to watch the live view smoothly. It freezes after every other 2 seconds.
0
Dear Experts

We have been asked to deploy an on-premise mail server, for which we are planning to go with Zimbra Network, but before that we have to design the network. This email server will be working internally within the main office and branch office, as they are connected over an MPLS network, but we would also like to send and receive mail to and from external domains. The following measures are to be taken:
1. If our server or internet goes down, the sender's mail should not get lost; once the server or internet is restored, the mails should be delivered to our email accounts.
2. Our domain and IP reputation should always be good so that our messages get delivered to the inbox of the recipient's email.
Please suggest how our email server should be configured to have an internal DNS server and work as a normal email server. For external mail we have to avail an SMTP relay service from some service provider. Please suggest whether this is correct; if not, please suggest what service we have to avail for external email delivery so that email security will be taken care of.
0
Using Wireshark, I want to check if the traffic is going through an upstream firewall device. How can I do that?
0
Experts,

I could be logged into my system and looking at real time logs of our active directory logs from our Splunk system.
Not touching my keyboard I see event ID 4624 trickle in for me. It's almost like it's every 7-8 minutes.  What's the reason
AD would constantly report 4624 on a user when they are not doing any logging in? It makes making sense of the logs useless when you
want to identify how many times a user logs into their computer in a day.
0
