Network Troubleshooting Products
There are several graphical troubleshooting tools that can be used with a Microsoft Windows network. Some of these are Nmap (Zenmap), inSSIDer, pathping, Route, Wireshark/tcpdump, PRTG Network Monitor, ipconfig/ifconfig and tracert/traceroute. The three focused on here are Nmap (Zenmap), Wireshark/tcpdump and pathping. These are the most commonly used network troubleshooting tools.
Network Mapper, Nmap (Zenmap), is a free, open source utility that acts as a security scanner (Lyon, 2008). Its main objective is port scanning, though it performs other functions such as operating system scanning and detection, ping sweeps and version detection. This is useful for auditing purposes as it searches an entire network. Other capabilities are managing service upgrade schedules and carrying out inventory on the network. The service uptime is also managed by the Network Mapper. This is achieved by sending packets to the target hosts on the network, which are analyzed before a 'map' is created. It is through this map that the tool is able to scan the network and detect possible vulnerability points before returning the feedback. The advantages of Nmap are as follows. It is flexible: it supports several network mapping techniques that range from conducting ping sweeps to taking advantage of both UDP and TCP port scanning methods (Held, 2013). It is easy to use, as it has both command-line and graphical user interface versions. It is a free utility available to all users. One limitation of Nmap is that the fingerprinting method it uses is slowly being made outdated by SinFP tools.
Wireshark is an open source networking tool used to develop protocol communication in the network. It does troubleshooting by analyzing the captured packets and filtering some of the communications. This packet scanner analyzes the network traffic through the use of network interface controllers. Not all traffic can be captured through the network switch; therefore, other tools are used with it in promiscuous mode. This is one of its limitations. Another limitation is that it is not able to capture data between frames. This is because it is centered on packets and not data. This implies that one cannot obtain 100% of the data line. It is also difficult to find errors because there are possible gaps between frames. In instances of large network file capture, it is limited because its performance cannot be increased. It is still a powerful tool, as seen when it is used with the display filters available to it. Deep protocol inspection is possible as it has decryption support for several protocols.
Pathping combines the functionality of both ping and tracert (Morimoto, 2008) with a route tracing tool that neither of them has independently. It is path-centric; therefore, each router receives packets over time, which is used to determine the feedback results. Ping usually tests the connectivity between the requesting host and the destination host. An echo packet is what is transmitted between the two hosts. If there is a to and fro communication, then the host is reachable. Tracert is used to give more detailed information between the two hosts and the route that was used by the packets. It also gives the response time of the communication done between the hosts. Problems within the network can easily be established, as the links and the routers show the degree of packet loss. Its major advantage is that it troubleshoots faster than other tools, as it uses a single command, thus saving time.
Held, G. (2013). Windows networking tools: The complete guide to management, troubleshooting, and security. Boca Raton, FL: CRC Press.
Lyon, G. F. (2008). Nmap network scanning: Official Nmap project guide to network discovery and security scanning. Sunnyvale, CA: Insecure.Com, LLC.
Morimoto, R. (2008). Windows Server 2008: Unleashed. Indianapolis, Ind: Sams.