November 13, 2005

Use the SANS Internet Storm Center to research "weird" ports!

Network General's Sniffer User Summit was this week in Miami Beach, and it was great to discuss tips and tricks with Sniffer users from all over the world. Although I was a bit under-the-weather, I was able to compile a... Read more...
Posted by james_messer at 01:10 PM | Comments (0)

March 12, 2005

Filtering ASCII text on a Sniffer Distributed s6040

The Sniffer Distributed s6040 is a powerful chassis-based analyzer that's designed for core networks. One of the more advanced features of the s6040 is its ability to filter on specific data patterns during capture, regardless of the data's offset. This capture-in-hardware capability adds a new level of filtering, especially on networks with high utilizations.

Read more...
Posted by james_messer at 06:57 PM | Comments (0)

October 07, 2001

Questions, Questions!

Is your network analyzer asking questions?

Read more...
Posted by james_messer at 11:38 PM | Comments (0)

August 01, 2001

Traffic Jams

Use your Traffic Generator for good, not evil!

Read more...
Posted by james_messer at 11:33 PM | Comments (0)

July 01, 2001

Multi-Segment Network Analysis

Use your analyzer on more than one network!

Read more...
Posted by james_messer at 11:23 PM | Comments (0)

June 01, 2001

Multiple Filtering Multiple Filtering

Use more than one filter!

Read more...
Posted by james_messer at 11:21 PM | Comments (0)

April 16, 2001

Tracking IP Protocols

There's TCP and UDP, but what's in there?

Read more...
Posted by james_messer at 11:18 PM | Comments (0)

March 18, 2001

Finding CRC Errrors in a TCP Header

Is there an easy way to find these protocol needles in your decode haystack? Of course there is!

Read more...
Posted by james_messer at 11:11 PM | Comments (0)

February 16, 2001

Network Analyzer Tune-Up

Many people and organizations have protocol analyzers, but are they ready to use at the drop of a hat? This Tip of the Moment gives some advice for keeping your analyzer in top working condition!

Read more...
Posted by james_messer at 09:20 PM | Comments (0)

February 15, 2001

Understanding Trace File Formats

What's a .CAP, .CAZ, or .ENC? We'll tell you!

Read more...
Posted by james_messer at 12:19 AM | Comments (0)

January 15, 2001

Fast Ethernet Collisions

Things have changed from the 10 megabit days! What are all those 434343's?

Read more...
Posted by james_messer at 11:00 PM | Comments (0)

September 15, 2000

User-Initiated Packet Capture

When the network begins to slow down, have your end-users start their own packet capture!

Read more...
Posted by james_messer at 10:46 PM | Comments (0)

May 15, 2000

Make Your Point With Cumulative Time Stamps

Find out how cumulative time-stamps can assist your network analysis!

Read more...
Posted by james_messer at 11:36 PM | Comments (0)

May 01, 2000

Finding the Right Network Interface Card

Why do we need special network cards for network analysis?

Read more...
Posted by james_messer at 11:17 PM | Comments (0)

April 15, 2000

An Expert Subnet Mask

Set the Subnet Mask, or your Expert won't be very smart!

Read more...
Posted by james_messer at 02:34 PM | Comments (0)

April 01, 2000

Is Your Network Hot?

Find out how to combat an overheating network!

Read more...
Posted by james_messer at 04:38 PM | Comments (0)

March 15, 2000

Shining the Lights on Broadcast Storms

Don't have a network analysis tool? Use the lights on your switch to help diagnose broadcast storms.

Read more...
Posted by james_messer at 11:22 AM | Comments (0)

March 01, 2000

Taking a Network Snapshot

What's the best way to quickly analyze a new network segment? Take a snapshot!

Read more...
Posted by james_messer at 10:27 AM | Comments (0)