Network Troubleshooting Tools

Book Description

Over the years, thousands of tools have been developed for debugging TCP/IP networks. They range from very specialized tools that do one particular task, to generalized suites that do just about everything except replace bad Ethernet cables. Even better, many of them are absolutely free. There's only one problem: who has time to track them all down, sort through them for the best ones for a particular purpose, or figure out how to use them?

Network Troubleshooting Tools does the work for you--by describing the best of the freely available tools for debugging and troubleshooting. You can start with a lesser-known version of ping that diagnoses connectivity problems, or take on a much more comprehensive program like MRTG for graphing traffic through network interfaces. There's tkined for mapping and automatically monitoring networks, and Ethereal for capturing packets and debugging low-level problems.

This book isn't just about the tools available for troubleshooting common network problems. It also outlines a systematic approach to network troubleshooting: how to document your network so you know how it behaves under normal conditions, and how to think about problems when they arise, so you can solve them more effectively. The topics covered in this book include:

  • Understanding your network

  • Connectivity testing

  • Evaluating the path between two network nodes

  • Tools for capturing packets

  • Tools for network discovery and mapping

  • Tools for working with SNMP

  • Performance monitoring

  • Testing application layer protocols

  • Software sources

If you're involved with network operations, this book will save you time, money, and needless experimentation.

Table of Contents

  1. Network Troubleshooting Tools
    1. SPECIAL OFFER: Upgrade this ebook with O’Reilly
    2. Preface
      1. Audience
      2. Organization
      3. Conventions
      4. Acknowledgments
    3. 1. Network Management and Troubleshooting
      1. 1.1. General Approaches to Troubleshooting
      2. 1.2. Need for Troubleshooting Tools
      3. 1.3. Troubleshooting and Management
        1. 1.3.1. Documentation
        2. 1.3.2. Management Practices
          1. 1.3.2.1. Professionalism
          2. 1.3.2.2. Ego management
          3. 1.3.2.3. Legal and ethical considerations
          4. 1.3.2.4. Economic considerations
    4. 2. Host Configurations
      1. 2.1. Utilities
        1. 2.1.1. ps
        2. 2.1.2. top
        3. 2.1.3. netstat
        4. 2.1.4. lsof
        5. 2.1.5. ifconfig
        6. 2.1.6. arp
        7. 2.1.7. Scanning Tools
      2. 2.2. System Configuration Files
        1. 2.2.1. Basic Configuration Files
        2. 2.2.2. Configuration Programs
        3. 2.2.3. Kernel
        4. 2.2.4. Startup Files and Scripts
        5. 2.2.5. Other Files
          1. 2.2.5.1. Application files
          2. 2.2.5.2. Security files
          3. 2.2.5.3. Log files
      3. 2.3. Microsoft Windows
    5. 3. Connectivity Testing
      1. 3.1. Cabling
        1. 3.1.1. Installing New Cabling
        2. 3.1.2. Maintaining Existing Cabling
        3. 3.1.3. Testing Cabling
          1. 3.1.3.1. Link lights
          2. 3.1.3.2. Cable testers
          3. 3.1.3.3. Other cable tests
      2. 3.2. Testing Adapters
      3. 3.3. Software Testing with ping
        1. 3.3.1. ping
        2. 3.3.2. How ping Works
          1. 3.3.2.1. Simple examples
          2. 3.3.2.2. Interpreting results
          3. 3.3.2.3. Options
          4. 3.3.2.4. Using ping
        3. 3.3.3. Problems with ping
          1. 3.3.3.1. Security and ICMP
          2. 3.3.3.2. Smurf Attacks
          3. 3.3.3.3. Ping of Death
          4. 3.3.3.4. Other problems
        4. 3.3.4. Alternatives to ping
          1. 3.3.4.1. fping
          2. 3.3.4.2. echoping
          3. 3.3.4.3. arping
          4. 3.3.4.4. Other programs
      4. 3.4. Microsoft Windows
    6. 4. Path Characteristics
      1. 4.1. Path Discovery with traceroute
        1. 4.1.1. Options
        2. 4.1.2. Complications with traceroute
      2. 4.2. Path Performance
        1. 4.2.1. Performance Measurements
        2. 4.2.2. Bandwidth Measurements
          1. 4.2.2.1. ping revisited
          2. 4.2.2.2. pathchar
          3. 4.2.2.3. bing
          4. 4.2.2.4. Packet pair software
        3. 4.2.3. Throughput Measurements
          1. 4.2.3.1. ttcp
          2. 4.2.3.2. netperf
          3. 4.2.3.3. iperf
          4. 4.2.3.4. Other related tools
        4. 4.2.4. Traffic Measurements with netstat
      3. 4.3. Microsoft Windows
    7. 5. Packet Capture
      1. 5.1. Traffic Capture Tools
      2. 5.2. Access to Traffic
      3. 5.3. Capturing Data
      4. 5.4. tcpdump
        1. 5.4.1. Using tcpdump
        2. 5.4.2. tcpdump Options
          1. 5.4.2.1. Controlling program behavior
          2. 5.4.2.2. Controlling how information is displayed
          3. 5.4.2.3. Controlling what's displayed
          4. 5.4.2.4. Filtering
            1. 5.4.2.4.1. Address filtering.
            2. 5.4.2.4.2. Protocol and port filtering.
            3. 5.4.2.4.3. Packet characteristics.
            4. 5.4.2.4.4. Compound filters.
      5. 5.5. Analysis Tools
        1. 5.5.1. sanitize
        2. 5.5.2. tcpdpriv
        3. 5.5.3. tcpflow
        4. 5.5.4. tcp-reduce
        5. 5.5.5. tcpshow
        6. 5.5.6. tcpslice
        7. 5.5.7. tcptrace
        8. 5.5.8. trafshow
        9. 5.5.9. xplot
        10. 5.5.10. Other Packet Capture Programs
      6. 5.6. Packet Analyzers
        1. 5.6.1. ethereal
          1. 5.6.1.1. Using ethereal
          2. 5.6.1.2. Display filters
      7. 5.7. Dark Side of Packet Capture
        1. 5.7.1. Switch Security
        2. 5.7.2. Protecting Yourself
      8. 5.8. Microsoft Windows
    8. 6. Device Discovery and Mapping
      1. 6.1. Troubleshooting Versus Management
        1. 6.1.1. Characteristics of Management Software
        2. 6.1.2. Discovery and Mapping Tools
        3. 6.1.3. Selecting a Product
      2. 6.2. Device Discovery
        1. 6.2.1. IP Address Management
        2. 6.2.2. nmap
        3. 6.2.3. arpwatch
      3. 6.3. Device Identification
        1. 6.3.1. Stack Fingerprinting
        2. 6.3.2. queso
        3. 6.3.3. nmap Revisited
      4. 6.4. Scripts
        1. 6.4.1. Tcl/Tk and scotty
      5. 6.5. Mapping or Diagramming
        1. 6.5.1. tkined
          1. 6.5.1.1. Drawing maps with tkined
          2. 6.5.1.2. Autodiscovery with tkined
      6. 6.6. Politics and Security
      7. 6.7. Microsoft Windows
        1. 6.7.1. Cyberkit
        2. 6.7.2. Other Tools for Windows
    9. 7. Device Monitoring with SNMP
      1. 7.1. Overview of SNMP
      2. 7.2. SNMP-Based Management Tools
        1. 7.2.1. NET SNMP (UCD SNMP)
          1. 7.2.1.1. snmpget
          2. 7.2.1.2. Configuration and options
          3. 7.2.1.3. snmpgetnext, snmpwalk, and snmptable
          4. 7.2.1.4. snmpset
          5. 7.2.1.5. snmptranslate
          6. 7.2.1.6. snmpnetstat
          7. 7.2.1.7. snmpstatus
          8. 7.2.1.8. Agents and traps
        2. 7.2.2. scotty
        3. 7.2.3. tkined
          1. 7.2.3.1. ICMP monitoring
          2. 7.2.3.2. SNMP traps
          3. 7.2.3.3. Examining MIBs
          4. 7.2.3.4. Monitoring SNMP objects
          5. 7.2.3.5. Other commands
          6. 7.2.3.6. Caveats
      3. 7.3. Non-SNMP Approaches
      4. 7.4. Microsoft Windows
        1. 7.4.1. Windows SNMP Setup
        2. 7.4.2. SNMP Tools
        3. 7.4.3. Other Options
    10. 8. Performance Measurement Tools
      1. 8.1. What, When, and Where
      2. 8.2. Host-Monitoring Tools
      3. 8.3. Point-Monitoring Tools
        1. 8.3.1. ntop
          1. 8.3.1.1. Interactive mode
          2. 8.3.1.2. Web mode
      4. 8.4. Network-Monitoring Tools
        1. 8.4.1. mrtg
          1. 8.4.1.1. mrtg configuration file
        2. 8.4.2. rrd and the Future of mrtg
        3. 8.4.3. cricket
      5. 8.5. RMON
      6. 8.6. Microsoft Windows
        1. 8.6.1. ntop, mrtg, and cricket on Windows
        2. 8.6.2. getif revisited
    11. 9. Testing Connectivity Protocols
      1. 9.1. Packet Injection Tools
        1. 9.1.1. Custom Packets Generators
          1. 9.1.1.1. hping
          2. 9.1.1.2. nemesis
          3. 9.1.1.3. Other tools
        2. 9.1.2. Load Generators
          1. 9.1.2.1. spray
          2. 9.1.2.2. MGEN
      2. 9.2. Network Emulators and Simulators
        1. 9.2.1. NISTNet
        2. 9.2.2. ns and nam
      3. 9.3. Microsoft Windows
    12. 10. Application-Level Tools
      1. 10.1. Application-Protocols Tools
        1. 10.1.1. Email
        2. 10.1.2. HTTP
        3. 10.1.3. FTP and TFTP
        4. 10.1.4. Name Services
          1. 10.1.4.1. nslookup and dig
          2. 10.1.4.2. doc, dnswalk, and lamers
          3. 10.1.4.3. Other tools
          4. 10.1.4.4. NIS and NIS+
        5. 10.1.5. Routing
        6. 10.1.6. NFS
      2. 10.2. Microsoft Windows
    13. 11. Miscellaneous Tools
      1. 11.1. Communications Tools
        1. 11.1.1. Automating Documentation
        2. 11.1.2. vnc
        3. 11.1.3. ssh
      2. 11.2. Log Files and Auditing
        1. 11.2.1. syslog
          1. 11.2.1.1. Configuring syslog
          2. 11.2.1.2. Remote logging
        2. 11.2.2. Log File Management
        3. 11.2.3. Other Approaches to Logging
          1. 11.2.3.1. tcpwrappers
      3. 11.3. NTP
      4. 11.4. Security Tools
        1. 11.4.1. tripwire
      5. 11.5. Microsoft Windows
    14. 12. Troubleshooting Strategies
      1. 12.1. Generic Troubleshooting
      2. 12.2. Task-Specific Troubleshooting
        1. 12.2.1. Installation Testing
          1. 12.2.1.1. Firewall testing
        2. 12.2.2. Performance Analysis and Monitoring
          1. 12.2.2.1. General steps
          2. 12.2.2.2. Bottleneck analysis
          3. 12.2.2.3. Capacity planning
    15. A. Software Sources
      1. A.1. Installing Software
        1. A.1.1. Generic Installs
        2. A.1.2. Solaris Packages
        3. A.1.3. Red Hat Package Manager
        4. A.1.4. FreeBSD Ports
      2. A.2. Generic Sources
      3. A.3. Licenses
      4. A.4. Sources for Tools
    16. B. Resources and References
      1. B.1. Sources of Information
      2. B.2. References by Topic
        1. B.2.1. System Management
        2. B.2.2. TCP/IP
        3. B.2.3. Specific Protocols
        4. B.2.4. Performance
        5. B.2.5. Troubleshooting
        6. B.2.6. Wiring
        7. B.2.7. Security
        8. B.2.8. Scripting
        9. B.2.9. Microsoft Windows
      3. B.3. References
    17. Index
    18. Colophon