If you want to keep your network running efficiently, you’ll often use a common set of software tools. In this video, you’ll learn about protocol analyzers, port scanners, speed test sites, and more.
<< Previous Video: Hardware Tools Next: Command Line Tools >>
If you need to troubleshoot network slowdowns or application traffic flows, then you need to use a protocol analyzer. This will be able to capture every frame that’s going back and forth between devices across the network, or capture traffic as it’s going through your wireless networks. These protocol analyzers can be separate pieces of software that you would run on your computer, or this packet capture function may be built into the routers, switches, and other devices in your network. Using these protocol decodes, we can see a frame-by-frame representation of exactly what’s gone through the network. We can see the hexadecimal breakdown of the data within those frames, and we can get a protocol decode that gives us a plain English explanation of exactly what’s inside of that frame. These protocol analyzers are not only good for providing information about network troubleshooting, but if you’re storing large amounts of these packets, you can also find security issues that may be hiding in those frames.
Another good software tool for any network administrator is a good port scanner. This will be able to scan IP addresses or a range of IP addresses, and find all of the open ports that may be available on those devices. More advanced port scanners can also tell you information about what operating system happens to be on that device and what type of services are running on that device. You can pick a range of addresses to see who might respond to the scans that you’re running, and some of these port scanners can build graphical representations of the results and now we can visually see exactly what the port scanners found. These port scanners are very good at finding and querying devices. So if you’re concerned that there may be a rogue device on the network, these port scanners are very good at locating it. One of the most popular port scanners in the world is Nmap and the graphical Zenmap that works along with it, or you can also download other port scanners like Angry IP scanner, to find all of these different devices, operating systems, and services on your network.
Troubleshooting a wireless network can be a challenge. Obviously, wireless is going to be sending signal to whoever might be in the vicinity. Any device that wants to listen in to your network is able to do that because everything is going through the air. If you’re going to use software that’s listening in to this network, then that software needs to disable the transmission function of your wireless card because if you’re transmitting, you won’t be able to hear anything else on the wireless network. You also want to be sure you have the right kind of wireless interface card that’s able to perform these analysis functions you may need a specific adapter card or wireless chipset to be able to put the card into this wireless analysis mode. But once you have the right adapter card, you’re able to gather a lot of wireless-specific data. Not only can you see the IP traffic going across the wireless network, you can see the wireless protocols, the signal-to-noise ratio, channel information, and other wireless details. Using Wireshark on a wireless network can provide much of this information, and a number of third party tools can also gather these details from a wireless network.
Many of us are already familiar with the speed test sites that are available on the internet, and they’re a great resource if you need to quickly perform some bandwidth testing. These sites work by transferring a file and then determining how long it took for that file to be transferred. Many of them will perform download and upload tests, and they’ll use different size files to be able to test different amounts of throughput.
These can also be used if you’re making any change to the network. You might want to run a speed test before you install a new firewall, and then run the speed test after you’ve installed the new firewall to see if there was any impact to the overall throughput. You might also want to try running speed tests at different times of the day. As the amount of utilization on the network changes, you’ll be able to see the impact to the overall throughput to the internet. You might want to try different speed test sites, as well. Not every speed test site is built exactly the same. They might have a different number of servers, they might have more or less bandwidth, depending on what point of presence is being used, and the testing methodology may change depending on what service you’re using.
Some very common third party test sites are SpeedOf.Me, speedtest.net, and testmy.net. If you’re on an ISP, they may ask you to perform speed tests on their local network. So if you’re on Comcast, you may be using speedtest.comcast.net, and AT&T has att.com/speedtest.
I’m on Comcast network, so I’ll get a speedtest.comcast.net, which has redirected me to speedtest.xfinity.com. So let’s click start test to test our internet speed. The first phase will be a download test. So it will run traffic from their servers through the Comcast network down to my computer. Once the download test is complete, it shifts gears and performs an upload test. And finally, it shows me what the speed results were for the download and upload from my network connection.