05.06.19 Sniffer Network Optimization and Troubleshooting Handbook学习笔记(一)
Imagine it is 4:00 P.M. and you are sitting at your desk with three books spread across your lap.You are hard at work trying to figure out why performance on your company’s file server has dropped sharply over the past eight hours. Of the 200 users in your company, nearly 100 of them have called to complain about slow connection times and hung sessions.You are highly stressed because one of the callers today was the CEO.The company’s main file server (a NetWare 5 server) performed without issue for the past year.This box never gave you a problem.You examine the system monitor, CPU utilization, and cache buffers and determine that all three are within their normal limits.You even run brandnew virus updates and signatures on the box, just to be sure.You have now resorted to cracking open all the reference books you shelved a year ago. Blowing the dust off them, you dig in, ready for a long night trying to figure out the source of this dilemma.话说在下午四点中的时候,你坐在办公桌前,上面铺开了三本书,你必须簋努力去找到在这过去的8个小时里,你公司文件服务器性能急剧下降的原因。你公司有200个人,而几乎有100人都在抱怨。你压力簋大,因为今天那老不死的CEO还为这事专门给你挂了个电话。这个文件服务器(NetWare 5server)稳定运行一年多了,以前从没有过什么问题。你检查了CPU利用率,系统缓存大小和测定等,都挺正常的。你确定你也升级了病毒库及特征码。没招了,你现在不得不打开在书架上搁置了一年多的以之相关的书。吹掉上面的灰尘,准备在慢慢长夜中,去寻找这个问题的根原。
What if figuring out this problem were as easy as popping open a laptop and running an application to look at the connection between your server and the switch port? What if you saw from your analysis that the network interface card has a problem because it is old and is now chattering or malfunctioning, which in turn is inhibiting connections? You might even be surprised to know that someone on your internal network “could” be sending your server a Ping of Death or some other type of Denial of Service (DoS) attack. How in the world could you even figure that out? Quite easily, it turns out—with the Network Associates Sniffer Pro product, that’s how.
解决这个问题的时候,如果可以查看服务器与交换机端口这间的联接,并且像玩游戏一样简单,只要在笔记本上运行一个应用程序即可。那不是爽死了?如果能从你的分析中发现网卡的问题,比如网卡老化或故障导致连接变慢,那不爽死了?或许你还可以惊奇的发现,在互联网上有人正想ping死你的服务器,或对你发起DOS攻击。真的可以这样吗?!!!当然可以,只要你打开sniffer pro 的产品,那么,一确都将变的可能!
Sniffer pro ,让你的网管生活更轻松!请认准了,sniffer pro,全国各大商场有售!^_^
[[i] Last edited by jingshne on 2005-6-19 at 14:48 [/i]]
Understanding Network Analysis(理解网络分析)
Electronic distribution of information is becoming increasingly important, and the complexity of the data exchanged between systems is increasing at a rapid pace. Computer networks today carry all kinds of data, voice, and video traffic. Network applications require full availability without interruption or congestion.随着系统之间数据高速交换的不断增长,电子信息的传输变的日益重要和复杂。现今的计算机网络可以传输语音及视频等各种类型的数据。网络应用需要不间断或无拥塞的全面利用。
As the information systems in a company grow and develop, more networking devices are deployed, resulting in large physical ranges covered by the networked system. It is crucial that this networked system operate as effectively as possible, because downtime is both costly and an inefficient use of available resources.
信息系统在公司里不断成长和发展,会让企业采购和配置更多的网络设备,导致在一个网络系统里包含了大量的物理设备。有效的运转网络系统将会变的至关重要,因为网络的中断会导致企业资源及工作效率低下,其代价是非常昂贵的。
Network analysis is a range of techniques that network engineers and designers employ to study the properties of networks, including connectivity, capacity, and performance. Network analysis can be used to estimate the capacity of an existing network, look at performance characteristics, or plan for future applications and upgrades.
学习和使用网络分析工具,是网络工程师和网络设计师技术的延伸,网络分析包括网络的连通性,容量,及性能的分析。网络分析可以用来评估现有网络的容量,查看网络性能的特征或为未来网络应用的需要进行计划和升级。
One of the best tools for performing network analysis is a network analyzer such as Sniffer Pro. A network analyzer is a device that gives you a very good idea of what is happening on a network by allowing you to look at the actual data that travels over it, packet by packet. A typical network analyzer understands many protocols, which enables it to display conversations taking place between hosts on a network.
网络分析需要用网络分析器来做,而Sniffer Pro是最好用的工具之一。网络分析器在网络中发生什么事情的时候,可以给你非常好的排错思路,也充许你查看真实的数据,数据包。一个典型的网络分析器还要懂得更多的协议,这样它可以显示出网络中两主机之间发生的会话。
Network analyzers typically provide the following capabilities:
典弄的网络分析器可提供如下功能:
■ Capture and decode data on a network
捕获和解码网络中的数据
■ Analyze network activity involving specific protocols
分析网络中活动和定义的协议
■ Generate and display statistics about the network activity
产生和显示网络中活跃的充计数据
■ Perform pattern analysis of the network activity
对网络中活跃的数据进行图样分析
[[i] Last edited by jingshne on 2005-6-19 at 14:47 [/i]]
Network Analysis Fundamentals(网络分析基础)
How many times has a customer come to you and said that the network is slow? Or has a programmer claimed that there is a network problem? Even if it is not a network problem, how do you prove it’s not? This is where the art of network analysis comes in.许多客户可能会找到你说,他们那的网络怎么会簋慢?或者程序员会说那是一个网络问题?也许那不是一个网络问题,可是你又如何去证明呢?嘿,这个时候,用网络分析将可以非常完美的解决你的问题。
A network analyzer is a troubleshooting tool that is used to find and solve network communication problems, plan network capacity, and perform network optimization. Network analyzers can capture all the traffic that is going across your network and interpret the captured traffic to decode and interpret the different protocols in use.The decoded data is shown in a format that makes it easy to understand. A network analyzer can also capture only traffic that matches only the selection criteria as defined by a filter.This allows a technician to capture only traffic that is relevant to the problem at hand. A typical network analyzer displays the decoded data in three panes:
网络分析器是一个排错的工具,它可以找到和解决网络通讯中存在的问题,计划网络容量和对网络进行优化。网络分析器可以捕获在你的网络中传输的数据,并且可以对数据进行解码及对使用的协议进行解析,而解码出后显示出来的格式将可以让你很容易的去看懂它。网络分析器还可以跟据标准及你自个定义过滤器来捕获相匹配传输数据,这样便可以让你仅仅去捕获与问题有关的而不用对众多的数据麻头。一个典型的网络分析器所显示出来的解码内容有三块:
■ Summary Displays a one-line summary of the highest-layer protocol contained in the frame, as well as the time of the capture and the source and destination addresses.
摘要:显示一行最高层协议的摘要,包括格式,捕获时间,源地址和目的地址。
■ Detail Provides details on all the layers inside the frame.
细节:提供数据帧里所有协议层的详细信息
■ Hex Displays the raw captured data in hexadecimal format.
十六进制:显示捕获数据的原始十六进制格式
A network professional can easily use this type of interface to analyze this data.
一个网络专业人士,可以很容易地从这种类型的介面里分析数据。
Network analyzers further provide the ability to create display filters so that a network professional can quickly find what he or she is looking for.
网络分析器可以更进一步的,利用创建显示过滤器的功能,为网络专业人士快速找到他或她所想要看的东东。
Advanced network analyzers provide pattern analysis capabilities.This feature
allows the network analyzer to go through thousands of packets and identify
problems.The network analyzer can also provide possible causes for these problems and hints on how to resolve them.
高级的网络分析器还提供图样分析能力,这个功能充许分析者非常直观的查看数千的数据包和定位问题。这种分析器还能提供这些问题产生的原因及如何去解决它们的提示。(这便就是sniffer所津津乐首的图样分析和专家分析系统)
十分精彩,十分好
能够作到如此通畅、易于理解,简直就是科普作家 建议学习一下别的论坛,大家合力翻译一份出来! [quote]Originally posted by [i]icefired[/i] at 2005-6-20 16:22:建议学习一下别的论坛,大家合力翻译一份出来! [/quote]
这个建议不错.可以将坛子里面的SNIFFER PRO相关英文原版文档翻译成中文.;)
楼主翻译的不错...这本中译本偶已经上当了...:( 找到免费网上翻译了!以后看不懂的E文就抛在这了。HOHO! 不错。。不错!
强烈支持小J把这本书翻译出来 最近都挺忙的,这个章节原本打算译到“排错方法论”的,
结果一忙给搁下了。
倒是支持谁有空的话,不妨接着译一些。
:) [quote]Originally posted by [i]jingshne[/i] at 2005-6-28 02:49 PM:
最近都挺忙的,这个章节原本打算译到“排错方法论”的,
结果一忙给搁下了。
倒是支持谁有空的话,不妨接着译一些。
:) [/quote]
J兄,铁定了支持你将此书的翻译进行下去,偶在不知几千里外给你声援:P
英汉对照的形式太好,偶打算全部打印出来当教材类。
坛子里的高人们也可以尽展身手,英语东东资源版一大把类,可以考虑把翻译精品加精置顶以为netexpert出品永久保存嘛。效果一定好,人气和流量绝对旺盛
技术文档的翻译是大功一件!英汉分段对照的方式实在是太好。 [quote]Originally posted by [i]蠕虫[/i] at 2005-6-28 09:48 PM:
J兄,铁定了支持你将此书的翻译进行下去,偶在不知几千里外给你声援:P
英汉对照的形式太好,偶打算全部打印出来当教材类。
坛子里的高人们也可以尽展身手,英语东东资源版一大把类,可以考虑把翻译精品加精 ... [/quote]
大家都来支持一下撒,这是多么舍己为人得好事阿,建议有能力得人都来出把力阿 英语很牛啊,佩服,能不能贴一下高手的成长过程,让我们这些后来者,借鉴学习一下 支持翻译成中文。 太精彩了,能不能再把一些具体如何对捕的包进行分析也说说啊 j老大,真的很行阿,继续努力阿 最近一直都没时间继续看下去呀~~~
另外,俺觉得应该纠正一个错误:分析器,应该改为分析仪更为恰当些~
[[i] Last edited by jingshne on 2005-8-3 at 11:12 [/i]] 呵呵,不错呀,翻译的很好呀!!!! pf pf ~~~~ 哎,看着楼主的译文,我想起了我的E文。。。。。。 强烈支持把这本书翻译出来 能不能搞个全译本!!! 有对照好学E文,支持继续!! 支持啦! 由 中文的啊?兄弟。。 强烈支持把这本书翻译出来
恳请更新一下英文版的最新download地址!
各位大哥,小弟看了一下download的地址,基本上均是无法连接呀,可否给个最新的可以download的地址??[email]jack_hsia@yahoo.com.cn[/email]
Thanks in advance.
页:
[1]