Network Monitoring and Analysis

Network Monitoring and Analysis : A Protocol Approach to Troubleshooting

4 (6 ratings by Goodreads)
By (author) 

List price: US$56.67

Currently unavailable

We can notify you when this item is back in stock

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks


Ever wonder what in the world is happening "under the hood" of your network? Why things suddenly slow down, print jobs fail? Network monitoring is the least understood aspect of network administration -- and one of the most important. In this book, a leading networking expert shows you exactly how to monitor and analyze your Windows-based network -- and how to use the information to maximize performance, reduce congestion, plan for growth -- even identify intrusions! Start by reviewing the TCP/IP, IPX/SPX, Ethernet, and Samba protocol basics you need in order to monitor and analyze networks effectively. Inspect network traffic from four different perspectives: client traffic, server traffic, application traffic, and service traffic. Next, learn how to use each version of Microsoft's Network Monitor (Netmon) -- and compare commercial network monitoring tools, discovering when to use each. Finally, review four of the most important networking troubleshooting scenarios, in-depth: connectivity problems, faulty applications, hardware problems, and compromised security -- walking through the process of identifying, analyzing, and solving the problem, step-by-step. For all network and Windows system administrators seeking to improve the performance of their networks.
show more

Product details

  • Mixed media product | 350 pages
  • 180.34 x 233.68 x 17.78mm | 544.31g
  • Prentice Hall
  • Upper Saddle River, United States
  • English
  • w. figs.
  • 0130264954
  • 9780130264954

Back cover copy

TCODE = 2649E-2 Windows NT(R) network troubleshooting, from the ground up! Real-world scenarios, easy examples, and plenty of illustrations Proactive solutions for improving performance and supporting new applications CD-ROM: Sample network traces, custom filters, batch files, and other great tools

Make your Windows-based networks faster, smarter, and more reliable - step by step!

Ever wonder what's actually happening inside your network? Why multi-tier applications suddenly slow down, print jobs fail, network elements suddenly disappear? The truth is in there-if you have the network monitoring and protocol analysis skills you need to unearth it! That's where Ed Wilson's Network Monitoring and Analysis comes in. It's your complete, hands-on guide to monitoring and analyzing Windows NT-based networks-and using the information to maximize performance, plan for growth-even identify intruders! Coverage includes all this and more:

TCP/IP, IPX/SPX, Ethernet, and Samba: protocol basics for effective monitoring and analysis Understanding network traffic from every perspective: client, server, application, and service DHCP, Internet email, and Microsoft(R) Exchange: unique characteristics and issues Using Microsoft's Network Monitor (Netmon) In-depth, step-by-step troubleshooting: connectivity problems, faulty applications, defective hardware, and compromised security

There's nothing mysterious about network monitoring and analysis-and for Windows network and system administrators, there's no skill more valuable! If you want maximum performance and maximum reliability, Network Monitoring and Analysis shows you how to get it-step by step, start to finish!
show more

Table of contents


1. Basic Network Models.

The OSI Model.Application Layer. Presentation Layer. Session Layer. Transport Layer. Network Layer. Data Link Layer. Physical Layer. The IEEE 802 Project. Enhancements Made to the OSI Model. Logical Link Control Layer (LLC). Media Access Control Layer (MAC). A Look at How Data Makes it Onto the Wire. The Packet Creation Process. Ethernet Communication Specifics. What Is the Role of Protocols in All This? Protocol Stack. A Layered Approach. So How Do I Tie All This Together? Application Protocols. Transport Protocols. Network Protocols. Connection-Oriented Network Service. Connectionless Network Service. Data Link Layer Addresses. Network Layer Addresses. Data Encapsulation. IP over LAN Technologies. Flow Control. Internetworking Functions of the OSI Network Layer. WAN Services. Chapter Review. In the Next Chapter.

2. The TCP/IP Protocol Suite.

Transmission Control Protocol. A Look at the TCP Header. A Look at the Three-Way Handshake. The TCP Quiet Time Concept. Half-Open Connections and Other Anomalies. Reset Generation. Reset Processing. Scenario 1: Local User Initiates the Close. Scenario 2: TCP Receives a FIN from the Network. Scenario 3: Both Users Close Simultaneously. The Communication of Urgent Information. Managing the Window. User/TCP Interface. TCP User Commands. Send. Receive. Close. Status Abort. TCP/Lower-Level Interface. Events That Occur: User Calls. LISTEN STATE. SEND Call. Internet Protocol. The IP Header. Chapter Review. In the Next Chapter.

3. The SPX/IPX Protocol.

SPX Protocol. SPX Header. IPX Protocol. Connectionless Protocol. Operates at the OSI Network Layer. Packet Structure. IPX Addressing. Network Number. Reserved Network Numbers. Internal Network Number. Node Number. Socket Number. How IPX Routing Works. Session and Datagram Interfaces. Message Header Structures. Chapter Review. In the Next Chapter.

4. Server Message Blocks.

SMB Operation Overview. Server Name Determination. Server Name Resolution. Message Transport. Sample Message Flow. Dialect Negotiation. Connection Establishment. Backwards Compatibility. Session Setup. Connection Management. SMB Signing. Opportunistic Locks. Exclusive Oplocks. Batch Oplocks. Level II Oplocks. Security Model. Resource Share/Access Example. Authentication. Distributed File System (DFS) Support. SMB Header. TID Field. UID Field. PID Field. MID Field. Flags field. Flags2 Field. Status Field. Timeouts. Data Buffer (BUFFER) and String Formats. Access Mode Encoding. Open Function Encoding. Open Action Encoding. File Attribute Encoding. Extended File Attribute Encoding. Batching Requests ("AndX" Messages). Chapter Review. In the Next Chapter.



CLIENT INITIALIZATION DHCP traffic. WINS Client Traffic. Name Registration and Renewal. Logon Traffic. Finding a Logon Server. Netlogon Optimization. Browsing. Browser Host Announcements. Where Are the Backup Browsers? Browser Traffic Optimization. Chapter Review. In the Next Chapter.

6. A Look at Server Traffic.

DNS Resolving an Address. Recursive Look-ups. Integration with WINS. DNS Optimization. BDC Initialization. Where Is the PDC? Updates to the Database. Optimizing Account Sync Traffic. NetLogon Service. Chapter Review. In the Next Chapter.

7. A Look at Application Traffic

File and Print WINS Request 194Broadcast. ARP. Three-Way Handshake. NetBIOS Session. SMB Dialect Negotiation. Internet Browsing. Web Pages. Secure Sockets. Optimizing Intranet Browser Traffic. Chapter Review. In the Next Chapter.

8. Exchange and Internet Mail.

Exchange Opening and Closing the Session. Exchange Server in Action. POP3 Protocol. Exchange Server to Server. Chapter Review. In the Next Chapter.


9. Microsoft's Network Monitor Family.

Network Monitor Making the Capture. Manually Capturing Traffic. Viewing the Capture. Saving the Capture. Filtering the Capture. Analyzing the Capture. Network Monitor Security. Password Protection. Network Monitor Installations: Detecting Others. Systems Management Server. Network Monitor. Additional Features. Connecting to Remote Agents. The Wizards. Configuring Triggers. Network Monitor 2.0. The Cool New Features. Things That Don't Work. Additional Security Features. Chapter Review. In the Next Chapter.


10. Troubleshooting Issues Workstation Cannot Logon Can We Ping the Server?

Workstation Cannot Logon Can We Ping the Server? Now We Have a Case for a Laptop! Workstation Cannot Obtain DHCP Lease. Look at the Conversation. Analyze What Is Missing. Workstation Is Slow. Can You Define Slow? What Is the Source of Your Discontent? Logon Problems. I Am Trying to Authenticate, but Where? Strange Event Log Errors. A Method for Looking at Server Problems. Running Unattended. Excessive Broadcasts. Who Is Doing It? Why Are They Doing It? Chapter Review. In the Next Chapter.

11. Security Issues

Rogue DHCP Servers.Have I Got an Address for You? Well, Where Are You? Unauthorized Sniffing. First, You Have to Find Them. Then You Give Their Sniffer a Sinus Problem! Chapter Review.

Appendix A: A List of Well-Known TCP and UDP Port Numbers
Appendix B: Command Line Utilities
Appendix C: Common NCPs
Appendix D: Troubleshooting Common Network Errors.

Runt/Long Frames. CRC or FCS Errors. Collisions. Late Collisions.

Appendix E: NetBIOS Suffixes.
Appendix F: Domain Controller Startup.
Appendix G: Opening a Web Page.
show more

About Ed Wilson

ED WILSON (MCSE, MCT, Master ASE, CCNA) is a Senior Networking Specialist with Full Service Networking, a Microsoft Solution Provider Partner in Cincinnati, OH. He is the co-author of several networking books.
show more

Rating details

6 ratings
4 out of 5 stars
5 0% (0)
4 100% (6)
3 0% (0)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X