Table Of Contents

Packets Per Second
Utilization (Percentage)
Packet Size Distribution - Size Does Matter!
Alarms and Alerts
Watch the Default Alarm Settings
Setting Your Own Alarm Thresholds
False Positives
False Negatives
Using Alarms as Triggers
Notification Options
Short-Term Trends
Long-Term Trends
Exporting Graphics Into a Report
Request - Reply, Request - Reply (Commands)
Request - Reply, Request - Reply (Slow File Transfer)
Request - Request - Reply (Weird Problem)
Relative Timestamps
Delta (Interpacket) Timestamps
Absolute Timestamps
Chapter Quiz
CHAPTER 2 Capture and Display Filtering
Filtering Overview
Capture Filters
Display Filters
Address Filters
Sample Address Filtering Process
Complex Address Filter Techniques
Subnet Address Filters
Protocol Filters
TCP/IP Protocol Filters
IPX Protocol Filters and Definitions
Miscellaneous Protocol Filters and Definitions
Data Pattern Filters (Advanced Filters)
The 5-Step Data Pattern Filtering Process
Step 1: Determine what you are interested in
Step 2: Find out the field value
Step 3: Find the offset value
Step 5: Input the value you want to filter on
Filtering on a Single Bit Value
Complex Boolean Data Pattern Filter Techniques
AND (Catching Port Unreachables)
OR (Catching Non-Standard FTP Operations)
OR (Catching Subnet Traffic - Bidirectionally)
AND NOT (Catching All Fragmented Packets)
CHAPTER 3 Application Analysis
Why Analyze an Application
Big Money Applications
Applications From Hell
Management From Hell
When to Perform a Complete Application Analysis
Application Analysis Procedures
Step 1: Outline the application functions you want to analyze
Step 2: Prepare the Application Analysis Form
Step 3: Launch your analyzer with a filter on the test station
1. Build a test station filter
2. Set up the appropriate buffer size
3. Test your filter
Step 4: Record starting packet count
Step 5: Launch the application
Step 6: Record packet count (when it stops incrementing)
Step 7: Execute command #1
Step 8: Record packet count (when it stops incrementing)
Step 9: Execute command #2 and other commands in the test
Sample Application Analysis: FTP File Transfer
Sample Application Analysis: HTTP Web Browsing Test
Chapter Three Quiz
CHAPTER 4 Manual Decoding
When the Decodes End
Understanding Raw Packet Formats
Decoding the MAC Header
Decoding the IP and UDP Headers
Bit-Level Decode of the DNS Flags Field
Chapter 4 Quiz
CHAPTER 5 The Master Analyst’s Toolkit
Hex Editor
Sanitizing Trace Files
Searching for Text Strings
Converting Hex to Decimal to Binary
Packet Sanitizer
General Route Tracing Tool
All Purpose TCP/IP Utilities
APPENDIX A Answers to Quizzes
Chapter One Answers
Chapter Two Answers
Chapter Three Answers
Chapter Four Answers
APPENDIX B Switched LAN Analysis
The Problem with Switches
Hubbing Out
Port Redirection
Static Spanning - Single Port
Static Spanning - Multiple Ports
Remote Spans
VLAN Spans
Choosing a Hot Port
Spanning a Server Port
Spanning a Client Port
Spanning Router and Firewall Ports
RMON (Remote Monitoring)
Overloading an Analyzer
APPENDIX C Resources for Analysts
Network Analysis Articles
Recommended Books and Periodicals
Web Sites
Protocol/Network Analysis
APPENDIX D Application Analysis Form
Advanced Network Analysis Technique

Published by Syahrial Putra
Network Analysis

Categories: Book Excerpts
Published by: Syahrial Putra on Sep 11, 2013
Copyright: Attribution Non-commercial

