Jump to 0 top | 1 navigation | 2 content | 3 extra information (sidebar) | 4 footer | 5 toolbar

Content

How to detect the network malfunction via the end-point view...

Brief introduction about the Endpoint view in Colasoft Packet Sniffer

It is divided into Mac endpoint and IP endpoint in Colasoft 6.9. Users can detect the IP/Mac endpoint in the largest traffic in a short time by the endpoint analytics. And also, The system supply clear statistics of traffic ranking(Top 5 IP endpoint under HTTP protocol).

In the Endpoint view, we can see the specific traffic situation clearly of all the hosts(Including a network segment, a Mac address, and a IP address) in the currently network. Like the hosts with the largest total traffic, hosts that send/receive the largest traffic, hosts that send/receive the most packets, etc.

According to this information, we can confirm that if there are Broadcast / multicast storm, and help users detecting the network malfunctions about network slow, network disconnect, worm attack, DOS attack, and all the malfunctions besides.

Application case study Once we meet the network malfunction or attack, what the most important thing we should pay attention to, is the currently total network traffic, sent/received traffic, network connection etc, to get a clear direction to find the problem. And, all of this information are included in the endpoint view in Colasoft Packet Sniffer 6.9(figure 1):



In figure 1 we can make a compositor on the total traffic, network connection and other related information, to find and locate the host with largest traffic or most connections in the network. For example, at present, the host with the largest network connection is , we can locate the host, then check the related connection information(figure 2):

The connection information shown as the figure 2, we can know that has set up a large amount of TCP connection with other hosts, and the destination address and destination endpoint are indefinite, and Many of the state is to connect client requests synchronization. 

Next, check the TCP packets, we can check them out in Summary and Graphic as follows:



In the TCP packets information, we found has sent TCP synchronization packet, and the TCP FIN packets and TCP Reset packets are, this is deviant in the network.

Please go to the Colasoft Official FAQ page for more "How-tos"

posted by packetsniffer on Jun 10, 2009 7:34 PM | 1 comment
Tags: , , , , , ,

  • No ratings
  • No ratings
  • No ratings
  • No ratings
  • No ratings
  • 0 ratings

Business IM: Risks and Resolutions

Do your users use IM in your network? If I ask this questions, I believe above 95% network administrators will answer: Yes, of course. MSN, Yahoo IM, Aol IM, Google Talk etc,with the rapid development of instant messaging tools,which are not just used for personal entertainment, but for workplace tools. However,according to a survey on the internet, most IM users are ignorant of its risks that may cause to the organization. Here we list the main Business IM Risks and Resolutons :

? Information leaks – Confidential materials, intellectual property, or proprietary information can be revealed, either intentionally or accidentally,through IM sessions or file transfers.

? Worms, viruses, etc. – Numerous malware programs target public IM systems and allow them to bypass standard firewalls and mail server antivirus systems.Colasoft network analyzer

? Network hacks and intrusions – Hackers use IM operating ports to bypass other security barriers and enter the corporate network unimpeded.

? Compliance, regulatory, or legal violations – Organizations subject to government oversight and compliance mandates may find themselves creating legal issues by failing to properly monitor, log, and regulate IM sessions and content.

? Productivity loss – Idle chat can disrupt employee productivity.

So many risks IM has, does it mean that we have to prohibit Instant Messaging in workplace, of course not, IM has its irreplaceable benifits other than other communication methods,as email, phone call, SMS. but we have some good suggestions to decrease the IM risks.

  • Deploy network analysis tools like Colasoft Network Analyzer in your computer, to detect network intrusion attempts, monitor network usage, gain information for effecting a network intrusion.
  • Regularly remind your users to update or upgrade their antivirus software
  • Create written policies – Clearly and explicitly define acceptable and unacceptable use of instant messaging within the business environment.

    • posted by packetsniffer on Jun 8, 2009 5:12 PM | 1 comment
    Tags: , , , , , , ,

    • No ratings
    • No ratings
    • No ratings
    • No ratings
    • No ratings
    • 0 ratings

    Ten Reasons Make Packet Sniffers an Essential Network Tool

    colasoft packet sniffer No matter whether you are network administrators or IT managers, you should not be unfamiliar to the network analysis tool - packet sniffer , also known as a network analyzer, protocol analyzer or sniffer ) which has been widely used by kinds of organizations, schools, enterprises, government institutions etc.

    Maybe you are yet supirsed at why more and more enterprises, like IBM, Intel, Epson, Airbus, Ericsson etc, love to deploy packet sniffer to their company's network? OK, take a fresh coffee now, then look at the following problems, and ask yourself, as a network administrator or IT manager , if these issues are just what you have met?

    Rushing from one network problem to another every day? Have no way to judge if your network has been intruded? Helpless collecting convincing information to submit your boss even if you have realized that your network system has been intruded. No idea if current network usage is equal to actual need? Know nothing of how many staffs are not killing their time by chatting with friends, browsing irrelevant webpage etc, but focusing on their job?

    Yes, every question listed above has puzzled many network administrators, but no worry, packet sniffer can easily help you out with its strong functions, here are ten reasons make packet sniffers an essential network tools.

    * Analyze network problems
    * Detect network intrusion attempts
    * Gain information for effecting a network intrusion
    * Monitor network usage
    * Gather and report network statistics
    * Filter suspect content from     network traffic
    * Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use)
    * Reverse engineer proprietary protocols used over the network
    * Debug client/server communications
    * Debug network protocol implementations

    Currently, there are dozens of packet sniffers in the market, some are very complex to use like wireshark, you must be versed in networking,; some are designed for common network administrators, such as Colasoft Network Analyzer , all-in-one & easy-to-use , which are more and more accepted and welcome.

    posted by packetsniffer on May 13, 2009 10:06 PM | 1 comment
    Tags: , , , , ,

    • 1 rating

    What Can Hackers Do with Packet Sniffer

    What Can Hackers Do with a Packet Sniffer?

    A packet sniffer in the wrong hands is a deadly weapon. A packet sniffer is a real danger because it is a very powerful and difficult to detect tool colasoft packet sniffer Security breaches of all kinds are reported all the time. Everyday we hear of hackers who managed to steal sensitive data, of people who become victims of identity theft, etc. Very often the breaches are so incredible that you wonder if hackers have supernatural powers. Well, hackers hardly have supernatural powers but they don't need them –supernatural powers are not necessary when a networklacks security and one has the right tools to break in.

    Hackers Can Monitor Networks With a Packet Sniffer

    The tools hackers use to break into networks are more or les s the same tools network admins use to monitor and maintain their network with . For example, packet sniffers are among the tools hackers love most. A packet sniffer captures packets and shows you their contents.This means that with the help of a packet sniffer running somewhere into the network, hackers can monitor all the unencrypted traffic to and from this network.

    This is really scary – just imagine a malicious hacker who knows all the secrets of your company. It gets even more dangerous for networks, where hubs (and not switches) are used because in this case a packet sniffer can be installed on any computer and the hacker will monitor all the traffic in that segment, not only the traffic to and from the host. The good news is that hubs are almost out of use today and because of that hackers can do less damage with a packet sniffer.

    Hackers Can Obtain Passwords and Credit Card Numbers With a Packet Sniffer

    When a hacker uses a packet sniffer to monitor your network, this is not nice but when he or she steals passwords, credit card numbers and other types of sensitive data, this is a real danger. Unencrypted passwords, credit card numbers and other sensitive data are an easy target for a hacker with a packet sniffer.

    In many of the cases of mass theft of credit card numbers and passwords happen because hackers use a packet sniffer on an unencrypted network. For truth's sake, it is important to mention that even if all the traffic is encrypted, there are still many other ways to obtain sensitive data. But when the traffic over a network is not encrypted and nobody monitors the network for unauthorized packet sniffers, sooner or later data will be stolen.

    One of the greatest achievements for hackers with a packet sniffer is to capture the administrator's password. When the administrator's password is transmitted over the network in an unencrypted form, this is an easy target for hackers. If hackers manage to intercept the admin password, they have the power to do everything they want to on your network – delete data, modify data, etc. So, do you see why hackers don't need supernatural powers but only the admin password?

    About Colasoft
    Ever since 2001, Colasoft has been an innovative provider of all-in-one and easy-to-use network analyzer software for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – Capsa as their network monitoring and troubleshooting solution. Colasoft also offers four free network utilities : Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit http://www.colasoft.com/.

    posted by packetsniffer on Apr 22, 2009 8:06 PM | 0 comments
    Tags: , , , ,

    • No ratings
    • No ratings
    • No ratings
    • No ratings
    • No ratings
    • 0 ratings

    Top 5 Items IT Department Must Do

    Even though it is a basic economic fact that recessions happen once or twice in a decade, when the economy is in a good shape, like it was a couple of years ago, people, including IT managers, tend to forget that the summer will be over and hard times will come soon. On the other hand, recessions might be bad but the current one is certainly worse than many of the ones before. Actually, this is the worst recession since the Great Depression in the 1930s and even the most optimistically-minded managers have really serious reasons to fear and be cautious.

    We can't say that the recession took us by surprise but certainly we didn't expect it to be that fierce. However, recession or no recession, life must go on and if a company wants to make it, there are many things which can't be skipped. So, no matter that IT budgets are tight, there are items a company can't save on. Here are the top 5 items our IT department will not sacrifice:

    1, Network security and security in general . Being in the network security business themselves, we know that network security and security in general is paramount and no matter how hard the economic situation might be, this is not an item to save on because the price is too high. Certainly, we are not buying the most expensive solutions, even though they are incredibly great but we also do not make compromises with the quality either.

    2, Going green. Going green is also an item we can't skip. Green technology saves money and now this benefit is more important than ever. So, if we buy new IT stuff, we definitely go for the green items.

    3, Compliance. Regulations compliance is another item we can't afford to skip, unless we really want to go out of business (and we don't). So, when there are steps in this direction to be taken, we do them – no way!

    4, Training. Training is also important and even though our training budget has shrunk, we still try to keep our staff qualified.

    5, Outsourcing. Outsourcing has been a successful strategy for our company at all times and now, when money issues start to surface, we are happy that outsourcing helps us cut cost with no sacrifice of quality.

    Kevin Chou is Author of this article from www.Colasoft.com .

    About Colasoft Co., Ltd. Ever since 2001, Colasoft has been dedicated in providing all-in-one and easy-to-use Packet Sniffer software for network administrators and IT managers to monitor network activities, analyze network performance, enhance network security, and troubleshoot network problems. Up to now, more than 5000 customers in over 70 countries trust the flagship product – Colasoft Packet Sniffer as their network monitoring and troubleshooting solution. Colasoft also offers four free network utilities: Colasoft Packet Builder, Colasoft Packet Player, Colasoft MAC Scanner, and Colasoft Ping Tool. Learn more about Colasoft and its solutions, please visit http://www.colasoft.com/ .

    posted by packetsniffer on Apr 19, 2009 6:40 PM | 0 comments
    Tags: , , ,

    • No ratings
    • No ratings
    • No ratings
    • No ratings
    • No ratings
    • 0 ratings
    Pages: 1 (1 - 5 / 5)

    » Next Space