My Photo
Subscribe to this blog's feed




Recent Comments

LMT Authors

Recent Posts

April 29, 2013

Moving beyond "It's not the network" (by Chris Greer)

Network slow

Ok, we get it. It's not the network.

Over the past few years, network engineers have slowly been winning the battle of blame. Even though most people still say "The network is slow" when there is a performance problem, many engineers now have the tools to prove otherwise. Whether they use SNMP to check their infrastructure devices, flow tools to watch for utilization spikes, packet analysis engines to watch-dog applications, or automated performance analyzers with built in alarms, most environments have some type of monitoring in place to help the engineer prove his case.

However, the problem now becomes - what next?

Continue reading "Moving beyond "It's not the network" (by Chris Greer)" »

Posted in Chris Greer | | Comments (3) | TrackBack (0)

| |

April 28, 2013

Sunday Buzz: Size Matters (by Denny K Miu)


Size_matters2


I recently came back from a seven-week trip to Asia, visiting Japan, Hong Kong and China. I always make a point of taking inventory of the electronic gadgets that I packed when I travelled. It is a nostalgic measure of how technology has evolved, constantly improving my personal and professional life over the years.

This time I carried an iPhone 5, an iPhone 4, a Kindle, a Nexus 7 and a Macbook Air.

Throughout the entire trip, my iPhone 5 was my camera-of-choice and my "Star Trek" communicator (whenever I had Internet connection). With Photo Stream and iMessage, I was able to stay in constant contact and share real time experience with my family at home (who are almost all Apple users).


Continue reading "Sunday Buzz: Size Matters (by Denny K Miu)" »

Posted in Sunday Buzz | | Comments (4) | TrackBack (0)

| |

April 25, 2013

Rocks, Hard Places and Everything In-Between (by Paul W. Smith)

044-Man-Rock 1

 

In the opening scene of “My Favorite Martian”, the technical mojo of Caltech/JPL/NASA comes mano a mano with the ultimate objective, Martian rock One-One-Niner.  After conquering 352 million miles of space, the fictional Mars lander runs out of power just as it rolls up to its target.  As the scene wraps, the voice of Mission Control is heard rationalizing the 5 years and $3 trillion dollars that were spent.  We saw lots of nice little rocks along the way, the voice intones, so what does it matter if we came up short of the big one.  The titles roll, the camera pans upward, and a bustling Martian metropolis comes into view.

Rocks like One-One-Niner are a lot more interesting than you might think, even if you are not geologically inclined.  Rocks have been part of life, both metaphorically and concretely, for a very long time.   Clement of Alexandria wrote of a fellow named Simon, born around 1 B.C.  It seems that Simon was hanging out with a Jewish carpenter who decided to change this humble fisherman’s name to Peter.  Wisely, Simon went along with it.  The name comes from the Greek “petra”, meaning “rock”.  Simon, aka St. Peter, went on to become a legendary example of leadership and devotion. 

Since those days there have been many noteworthy rocks, including a wrestler/movie star (Dwayne “The Rock” Johnson), a movie about a prison (“The Rock”, starring Sean Connery and Nicholas Cage) and even a household pet.  There are numerous versions of “Rock of Ages” , including a movie (which Tom Cruise should be ashamed of), and a song title for both a Christian hymn (1775 by Reverend Augustus Toplady) and a rock and roll song (1983 by Def Leppard).  Without rock there would be no rock and roll, and Freddie Mercury would have nothing to do to you. 

Continue reading "Rocks, Hard Places and Everything In-Between (by Paul W. Smith)" »

Posted in Paul W. Smith, Technology and Society | | Comments (0) | TrackBack (0)

| |

April 24, 2013

Hunting For Devices With ARPS And Wireshark (By Tony Fortunato)

It always gives me sense of satisfaction when I have a challenge and can leverage some knowledge to figure out.

Today I was in the lab and was powering on two Cisco switches when I noticed that they weren’t labeled with their IP addresses.  I’m not sure why I did not label them, but now I have to pay for it.

For those of you who have not been in this situation before I will explain.  My switches have a DB9 serial connection and of course good luck finding a computer with a serial port. So now I have to rummage through the box of wires to find the serial to USB adapter.  I have had to buy a second one in 2 years since my original does not have a Windows 7 driver, but I digress. After I find the cable, I have to find the installation disk because last week I migrated to a new laptop….  I’m sure you get the picture.

On to plan B.  I know the switches have IP addresses since I hard code IP addresses on all of my switches. 

Continue reading "Hunting For Devices With ARPS And Wireshark (By Tony Fortunato)" »

Posted in Test & Measurement, Tony Fortunato | | Comments (0) | TrackBack (0)

| |

April 21, 2013

Protecting the Data Evidence (by Casey Mullis)

If an item is to be used in the court of law in the United States, it has to be preserved to the best of your ability. If you want to use data evidence you have to protect it as if it were a murder scene or any other type of crime scene. Most do not understand the process or the amount of data that could potentially be located in a device.

This moves us into the question “How do I preserve data evidence to be used in a court of law?” The answer we are going to talk about is a “Hardware Write Blocker”. There are more types of write blockers but we are going to look at the hardware type at this time and to be more specific we will be looking at CRU, Inc write blockers. You can see some videos of their products here VIDEOS.

Wiebetech2

Continue reading "Protecting the Data Evidence (by Casey Mullis)" »

Posted in Casey Mullis, Cyber Crime, Data Seizure Tools | | Comments (0) | TrackBack (0)

| |

April 17, 2013

How to Capture Every Packet and Why it Matters (by Chris Greer)

When analyzing an application problem, it is critical to capture traffic in the right location, with the right method (SPAN or TAP), on the right server, using the right analyzer – one that won't drop traffic.

If the stars somehow align and this is all possible, the final piece of the 'capture' puzzle is collecting traffic at the right time. The problem needs to be in progress while the capture is running. This may be the most difficult part of the process, since many application problems are intermittent, and cannot be reproduced on-demand.

To address this problem, many engineers choose to use a Network Recorder to collect every packet on a connection over a long period of time, allowing them to analyze problems that have occurred in the past. However, this analysis tool can only capture traffic that has been properly sent to it. As has been repeatedly discussed on this site, a packet can be captured in three basic ways – using a SPAN/Mirror port on a switch or a network tap. The SPAN/Mirror port or tap must be able to handle the traffic stream being monitored, which can be tricky in a high-throughput environment.

When capturing, make sure that the traffic level is well under the threshold for the capture method, and that a capture device such as the Network Time Machine is used, which can capture at line-rate in high-traffic environments, 24/7.

If a packet is lost by the capture method, meaning the SPAN or Tap, this will appear as packet loss to the analyzer. Time may be spent chasing a false alarm such as packet loss, when the issue all along was with packets not making it to the analyzer. Considering these things ahead of time and taking appropriate action will save tons of time when an application problem strikes.

Capture once. Capture smart!

Chris_greerPacket Pioneer Logo Author Profile - Chris Greer is a Network Analyst for Packet Pioneer. Chris has many years of experience in analyzing and troubleshooting networks. He regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark and ClearSight Analyzer. Chris also delivers training and develops technical content for several analysis vendors. He can be contacted at chris (at) packetpioneer (dot) com.

Posted in Chris Greer, Deep Packet Inspection, Protocol Analysis | | Comments (0) | TrackBack (0)

| |

April 16, 2013

Tell Us About Your Network and Receive a Free IP Poster (by Steve Brown)



What are your priorities and challenges in 2013? The “State of the Network” survey is underway and we want to hear from you! Take three minutes to complete our survey and receive the newly designed Network Instruments' Protocol Poster. The survey will close in two weeks, be sure to complete it today and receive a free copy of the research upon its publication. Thanks.

Posted in Network Instruments Inc. | | Comments (0) | TrackBack (0)

| |

April 14, 2013

Troubleshooting WiFi Issues with Wireshark (by Tony Fortunato)

A customer called me and wanted some help troubleshooting some wireless problems. Their users have been reporting intermittent wireless performance issues and getting ‘dropped’. To top it all off their WLAN controller has also been reporting ‘containment’ error messages that weren’t to descriptive or helpful.

I showed up on site and did all the basic RF checks with my AirMagnet Spectrum XT to make sure there wasn’t an RF issue like an interferer or channel planning issues. Like I always say, “Start at Layer 1”.

Then I moved up a layer using my Fluke Networks AirCheck and AirMagnet WiFi Analyzer. Everything looked pretty quiet and nothing jumped up at me, so I saved some trace files to review later.

Then I thought I would take the trace file and open it with Wireshark since I have more experience with packet analysis than I do using the AirMagnet/AirCheck tools.

Continue reading "Troubleshooting WiFi Issues with Wireshark (by Tony Fortunato)" »

Posted in Test & Measurement, Tony Fortunato | | Comments (8) | TrackBack (0)

| |

April 10, 2013

Fluke Network AirMagnet Spectrum XT SNMP Traps (by Tony Fortunato)

I was working on a wireless interference problem at a client site when they asked if there was a way to get an alert if the interference appeared.

Problems such as this one where the issue is intermittent and random, I’m always looking for tools that will keep an eye out for me and ideally, notify me when a problem occurs. Wireless issues are especially tough since it can be anywhere or transmit anytime.  Short of pitching a tent and waiting for a while, this is where a tool with some kind of notification is a real benefit.

In this specific case I used AirMagnet Spectrum XT to send a SNMP trap to a SNMP trap listener.  If you aren’t familiar with the terminology, a SNMP trap listener is just software that listens for other devices to send a SNMP message, or trap. A more advanced listener will send an email when the trap arrives.

Continue reading "Fluke Network AirMagnet Spectrum XT SNMP Traps (by Tony Fortunato)" »

Posted in Test & Measurement, Tony Fortunato | | Comments (0) | TrackBack (0)

| |

April 08, 2013

Analyze VoFi With WildPackets (by Jay Botelho)



With all the hype around gigabit wireless - 802.11ac (scheduled for ratification in early 2014) and 802.11ad (ratified December 2012), the delivery of new services like Voice over Wireless (VoFi) is sure to grow in popularity, not only for consumers, but in the enterprise as well. Handing a few simultaneous calls on a home network is not much of a challenge, but handling 10 – 50 simultaneous calls per AP in an enterprise setting, all while continuing to deliver wireless data feeding ever-more-demanding applications, is most certainly a challenge, hence the limited deployment so far. But with much faster wireless network speeds just around the corner, services like VoFi are ready for primetime.

VoFi can provide a real benefit in the workplace, especially in highly mobile environments buried deep inside buildings, like hospitals, warehouses, and customer service in large box stores. To serve mobile workers today, these industries often use cellular technology, but coverage issues within these facilities significantly reduce call quality, not to mention the cost of service for each cell phone. With VoFi, APs can be placed to ensure optimum call quality throughout the facility, reducing dropped calls and significantly increasing customer satisfaction. And all this for a fixed cost, just the handsets and the APs, with no additional monthly charges.

Whether or not your organization has picked up on the VoFi trend yet, gigabit wireless will be the enabler for many organizations to jump on board. Below are suggested steps for network monitoring and analysis with VoFi, so you can be ready when the time comes.


Continue reading "Analyze VoFi With WildPackets (by Jay Botelho)" »

Posted in Application Performance, Test & Measurement, VoIP Monitoring, WildPackets | | Comments (1) | TrackBack (0)

| |

« Previous | Next »

LMT Advertisers


LMT Sponsors

News From LMT Sponsors

  • Endace

  • Datacom

  • NetScout

  • WildPackets

  • Sharkfest

  • Anue Systems

  • National Instruments

  • Riverbed

  • Net Optics
  • Garland