Oct 15 2009   6:44PM GMT

Free Training - Laura Chappell presents: Wireshark 201 Jumpstart - Filtering on the Good, the Bad, the Ugly

Posted by: Troy Tate
network analysis, protocol analysis, packet analysis, packet capture, training, education, wireshark, ethereal, tcp/ip, trace files, Networking, tools, Monitoring, reporting, IT education, performance monitoring, troubleshooting, howto, Metrics, analysis, Laura Chappell

Laura Chappel, the BitGirl, is at it again with another in her series of Wireshark Jumpstart webinars. The next one is called Wireshark Jumpstart 201: Filtering on the Good, the Bad, the Ugly. It will be held on October 27 - 10:00am-11:00am PDT (GMT-7). If you manage networks or want to manage a network, a good understanding of protocol and packet analysis will help you immensely with your career.

Some things you will learn in this webinar:

• Using the Default Capture and Display Filters
• Creating a Few Hot Capture Filters
• Filtering Tips and Tricks for Troubleshooting
• Filtering Tips and Tricks for Security

Even if you are very familiar with Wireshark or other packet capture and protocol decode tools, Laura’s seminars are well worth attending. You might even find out a little tidbit here or there because Repetition is one of the keys of learning. Unfortunately I will not be able to attend this webinar since I will be on a golf vacation in North Carolina. So, if you attend this event, please come back and share with me and other IT Trenches readers what you learned and how valuable the webinar was for you.

Thanks for reading and let’s continue to be good network citizens!

Sep 16 2009   7:00PM GMT

Monitoring Windows Server CPU performance

Posted by: Troy Tate
Performance, performance monitoring, perfmon, server monitoring, cpu, hardware, performance management

I didn’t realize how much I really didn’t know about CPU performance monitoring until I read this Microsoft Technet blog on Interpreting CPU Utilization for Performance Analysis. As the article says: If you rely on CPU utilization as a crucial performance metric, you could be making some big mistakes interpreting the data.

Take some time and review this recent (August 2009) posting on this issue. If you manage/monitor Windows servers and watch server performance, this article will give you a better understanding of the ins/outs of interpreting CPU utilization.

Here’s 4 of the top 9 takeaways that you will learn by reading this article:

Summary of Key Takeaways

Key takeaway #1: Processor of type A @ 100% utilization IS NOT EQUAL TO Processor of type B @ 100% utilization

Key takeaway #2: 2 HW threads on the same package @ 100% utilization IS NOT EQUAL TO 2 HW threads on different packages @ 100% utilization (for better or worse)

Key takeaway #3: 2 HW threads on the same logical core @ 100% utilization IS NOT EQUAL TO 2 HW threads on different logical cores @ 100% utilization (for better or worse)

Key takeaway #4: 2 HW threads on the same NUMA node @ 100% utilization IS NOT EQUAL TO 2 HW threads on different NUMA nodes @ 100% utilization (for better or worse)

Thanks for reading and let’s continue to be good network citizens!

Jul 20 2009   6:36PM GMT

Wireshark quickstart tutorial - learn to capture network traffic

Posted by: Troy Tate
network analysis, protocol analysis, packet analysis, packet capture, training, education, wireshark, ethereal, tcp/ip, trace files, Networking, tools, Monitoring, reporting, IT education, performance monitoring, troubleshooting, howto, Metrics, analysis, Laura Chappell

There are more upcoming sessions in the Laura Chappell seminar series called Wireshark 101Jumpstart tutorials. Check out the schedule at Chappell University website. Some of the things you will learn include:

• Wireshark elements and capabilities
  
• Tapping into the wired or wireless network
  
• Capturing and filtering basics
  
• Graphing basics

If you cannot attend the seminar, you can still register and download the seminar notes and gain access to the trace files used in the session. If you manage a network, you should learn this stuff! Be sure to register and attend early. The sessions are limited to 1000 viewers and these fill up FAST!

See my entry

Repetition is one of the keys of learning

for a how attending one of these seminars helped address an issue I was having with using Wireshark.

Thanks for reading and lets continue to be good network citizens!

May 26 2009   7:34PM GMT

Repetition is one of the keys of learning

Posted by: Troy Tate
network analysis, protocol analysis, packet analysis, packet capture, training, education, wireshark, ethereal, tcp/ip, trace files, Networking, tools, Monitoring, reporting, IT education, performance monitoring, troubleshooting, howto, Metrics, analysis, Laura Chappell

I recently posted an update about Laura Chappell’s Chappell University Online seminars. I attended one of these seminars today. What a great experience! I always try to attend Laura’s events and always pickup a tidbit that makes my life as a network manager easier. She gives you information about tools you can use to fight the battle of “the network is down”. Most of the time the network is behaving as designed. It’s poorly written applications or too high user expectations that create issues. So, if you want be the expert on fighting the network is “bad” syndrome - check out Laura’s presentations - I did and I learned something new… Continued »

May 21 2009   12:57PM GMT

Master key tasks for network troubleshooting - Chappell University Online Seminars

Posted by: Troy Tate
network analysis, protocol analysis, packet analysis, packet capture, training, education, wireshark, ethereal, tcp/ip, trace files, Networking, tools, Monitoring, reporting, IT education, performance monitoring, troubleshooting, howto, Metrics, analysis

I’m a huge fan of Laura Chappell. She has a great sense of humor and is a great educator about all things packet oriented. Previous posts about Laura have included:

Is protocol analysis or network management your thing?

ARP as a network auditing tool

Did you see this? - Latest Laura Chappell Newsletter

Did you see this? - the viral bitgirl

She has now started a new online seminar series. Some of the presentation are free and others are accessible for a fee of $99. If you cannot get away for education, then this is an excellent alternative and you can gain a great amount of knowledge from this packet analysis expert. I recommend that you visit Chappell Online University and sign up for the free Wireshark Jumpstart: Master Key Tasks for Network Troubleshooting seminar to get a feel for the seminars.

Thanks for reading and let’s continue to be good network citizens!

Apr 29 2009   12:25PM GMT

Did you see this? - Free Wireless LAN planning, deployment and management tools

Posted by: Troy Tate
tools, toolkit, wi-fi tools, network analysis, performance analysis, performance monitoring, wlan, 802.11, free, throughput, network throughput, throughput testing

Xirrus is a WLAN equipment manufacturer. They have some very cool products and if you have not checked them out and are looking for installing, adding or replacing any WLAN network gear, then I suggest you take a look at their offerings before making a decision.

Xirrus has a page on their website where they offer some cool free tools for planning, deploying and managing wireless networks. The tools will work on any 802.11 wireless network as well as on wired networks. Some of the tools available include:

Xirrus Wi-Fi Inspector
The Xirrus Wi-Fi Inspector is a powerful tool for managing and troubleshooting the Wi-Fi on a Windows XP or Vista laptop. Built in tests enable you to characterize the integrity and performance of your Wi-Fi connection.

Xirrus Wi-Fi Monitor Gadgets/Widgets
The Xirrus Wi-Fi Monitor allows you to monitor your Wi-Fi environment and connection in real time from your desktop in an easy-to-use mini-application. Nine different color skins allow you customize the Wi-Fi Monitor to your desktop

Iperf
Iperf is an easy to use and very popular tool that every IT professional should have that measures maximum throughput. Iperf provides you the data to tune TCP and UDP characteristics. Iperf reports throughput, delay jitter, and datagram loss in easy to understand tables and graphs. You can run Iperf from and command line or a GUI interface.

Qcheck
Qcheck is a must have and handy tool for any IT professional. It does much more than the traditional “ping” command

Other tools are available on this excellent website. I recommend that you take a few minutes, review the offerings and add to your toolbox those tools of value to you.

Thanks for reading and let’s continue to be good network citizens.

Apr 27 2009   1:29PM GMT

Simple is not always easy - SNMP for network management

Posted by: Troy Tate
snmp, mib, Monitoring, performance monitoring, trend analysis, tools, netadmin, sysadmin, protocol, rfc

SNMP - Simple Network Management Protocol has been around since the late 1980’s (RFC 1065, 1066, 1067). It has moved from SNMPv1 to the current SNMPv3 (RFC 3411 - 3418). Older versions are considered obsolete or historical.

SNMP is available on almost every network device such as switches, routers, servers, desktops and laptops. It is a feature provided by the operating system on these devices. Since it is so prevalent and across so many platforms, it is a significant risk to an environment if the SNMP configuration is enabled and the defaults are not changed, a malicious hacker could gain a lot of information and possibly control an organization’s infrastructure with little or no notice by the affected organization.

It is critical that each sysadmin and netadmin understand this service/protocol. It is not something to be taken lightly. Device configurations can be changed using SNMP. Data can be sniffed, redirected and decoded using SNMP. The upside of SNMP is it can be used effectively as a warning system of system/network issues. Thresholds can be monitored and notifications sent before the users detect any issues. Trend analysis can be performed based on historical data.

Here’s a sampling of some SNMP resources to help you gain a better understanding of this protocol/service that is likely already running on your network but not being monitored.

SNMP Link Org - a portal to all things SNMP; has news, software, appliance information and other SNMP related resources.

SNMP Wikipedia article - a great page with links to many SNMP resources

GetIF - a nice free SNMP tool that I use occasionally to quickly watch some SNMP MIBs on devices

What SNMP tools do you like that are easy to use and available for other administrators to use?

Thanks for reading & let’s continue to be good network citizens.

Feb 27 2009   7:41PM GMT

Did you see this? - Internet Measurement Testing tools

Posted by: Troy Tate
network testing, network, testing, toolkit, research, throughput, analysis, Performance, performance monitoring

There will always be some user saying “the internet is slow”. There are many resources out there to test internet connections. The Measurement Lab is one I came across the other day. There are several useful tools under this page. Some of the tools and descriptions are listed below. Maybe one of these will be useful to you or your users some day. Just remember you heard about it on IT-Trenches! Thanks for reading and let’s continue to be good network citizens.

• Network Diagnostic Tool

  Test your connection speed and receive sophisticated diagnosis of problems limiting speed.

• Glasnost

  Test whether BitTorrent is being blocked or throttled.

• Network Path and Application Diagnosis

  Diagnose common problems that impact last-mile broadband networks.

• DiffProbe (coming soon)

  Determine whether an ISP is giving some traffic a lower priority than other traffic.

• NANO (coming soon)

  Determine whether an ISP is degrading the performance of a certain subset of users, applications, or destinations.

Dec 22 2008   7:20PM GMT

Improving yourself in 2009 - part 2

Posted by: Troy Tate
administration, planning, tools, reporting, CIO, performance monitoring, Performance, howto, Metrics, blog, education, toolkit, professional

Maybe Bubbletimer mentioned in part 1 is not something that will help improve your professional value in 2009. How about the Printable CEO series then? The tools David Seah offers on his blog seem like great resources to track your goals, tasks and time. Sometimes those we work for wonder what all we do in our positions. We sometimes have to prove our worth to the organizations who pay us. The When is something worth doing? tool that David outlines may help you improve your decision making and therefore your professional value.

What other professional development and/or tracking tools do you use in your job?  Please leave some feedback and let me know what you use or if this Printable CEO made a difference in your job.

Dec 10 2008   1:33PM GMT

Did you see this? - Latest Laura Chappell Newsletter

Posted by: Troy Tate
Networking, tools, Monitoring, reporting, IT education, performance monitoring, troubleshooting, howto, network analysis, Metrics, wireshark, packet capture, education, analysis

Newsletter 120908

Discount Codes - Nmap Book – Wireshark Certification Status – Global Knowledge – Movie Update - Virtual Conference Survey

 

Holiday/End-of-Year Specials at www.wiresharkU.com

• 25% off on Wireshark University Self-Paced Courseware (code WSU1208)
• $500 off already discounted price on Laura Chappell Master Library (code LCML1208)

Hot Links

• Summit 09 Notification
• Wireshark University Discounts - See above
• Fyodor Releases Nmap Network Scanning Book!
• Virtual Conference Survey - Should we or shouldn’t we?
• Pesky Pike: Dead Rocker - D’Ambrosia/Teves, see “Hollywood” item below
• Wireshark Training Video: Customized Columns (YouTube)

 

Fyodor Releases Nmap Book

Gordon “Fyodor” Lyon, the creator of the must-have tool, Nmap, has released the long-awaited title “Nmap Network Scanning”. This 468-page book  nmap.org) is a required reading for anyone securing a network. I was thankful that Fyodor sent me a pre-release copy of the book, which was a blessing since the content was more in-depth than I’d hoped for. Chapters define scan variations, OS fingerprinting techniques, tips and tricks and the newly-developed ZenMap, the graphic front end for Nmap. “Nmap Network Scanning” should be front and center on your desk for months and years to come! Thanks, Fyodor!

Wireshark Certification Status

Final beta tests are underway for a planned January 2009 release of the long-awaited Wireshark Certification test. The Wireshark Certification Information Packet (WCIP) should be out at the beginning of the year (sign up to receive the document at www.wiresharktraining.com/certification).I know you’ve waited a long time for the certification and I appreciate your patience - it took me a lot longer to get the questions together and ensure we could deliver via the Internet.

Global Knowledge Signed as Wireshark Authorized Training Partner

We are thrilled to sign on Global Knowledge as our North American Wireshark University Authorized Training Partner. In Q1 2009, two new Wireshark courses release – the first course focuses on Wireshark basic through advanced functionality and in-depth review of TCP/IP communication patterns (CORE 1). The second course delves into troubleshooting and network forensics with the Wireshark Certification Vouchers included in the course price (CORE 2). More course information will be put on www.wiresharkU.com before end of year.Read the press release.

The Only Thing Slower than This Network is Hollywood!

Well, folks… after hearing about the ‘movie’ project for a few years now, you’re probably thinking the darn thing isn’t going to make it out there. You’re probably right, but one more step was checked off last week – the script was finalized. The writers, Joe D’Ambrosia and Tom Teves (Murray Hill 5 Productions) gave me the near-shocking news on Friday. If you don’t know these guys, check out the “Dead Rocker” (appropriate for kids) at www.youtube.com/watch?v=I5aD00UeE9g. I kinda figured out who the murderer was (at least I knew what the main clue was) after watching a second time. Can you/your kids figure it out?

Happy Holidays to All! [Oh... and if you checked out the movie link...no, I'm not a spy and no, my kids don't play soccer.]

Laura Chappell