Techie Blogger

Welcome Visitor #

Thanks

Follow My Blog

Email subscription

Your email Please :

Welcome To All My Visitors

Dear Visitor,

This Blog is designed for reflect all my IT Security Experience & The Management Skills in all their fields , I Share it with everybody, I will try to share all my knowledge with you , in a best way I can to give you the best benefit.

Also I will share with you all the Security Articles that I like it to share the benefits with you also,

If you are looking for :

  • Security Basics, Security Solutions, Security hotfix info, Security Advices, Ethical Hacking, Pen-Test, Certifications, Work & Job Skills, Proposal Writing, Security Info, Management Skills, Short Online Training, ArcSight Knowledge Base

So you are in the right blog place.

Please see the Blog Categories to browse my blogs it will make you reach to the needed information fast.

Also don't forget to send me your feedback about the Blog, this will give me the chance to enhance it.

PS: to follow all the new posts that I add it in the near future , just register as follower or in the e-mails subscriptions.


Good Luck Regards
Ramy Al Damaty
Riyadh, Saudi Arabia (GMT +3)

Tuesday, July 13, 2010

postheadericon Review a checklist of analysis tasks

2:38 PM | Posted by Ramy

Review a checklist of analysis tasks


Analysis tasks can be considered preventive or reactive. Preventive methods include base-lining network communications to learn the current status of the network and application performance. Preventive analysis can also be used to spot network problems before they are felt by the network users. For example, identifying the cause of packet loss before it becomes excessive and affects network communications helps avoid problems before they are even noticed.



Reactive analysis techniques are employed after a complaint about network performance has been reported or when network problems are suspected. Sadly, reactive analysis is more common.




The following are some of the analysis tasks that can be performed using Wireshark:

• Find the top talkers on the network.

• Identify the protocols and applications in use.

• Determine the average packets per second rate and bytes per second rate of an application or all network traffic on a link.

• List all hosts communicating.

• Learn the packet lengths used by a data transfer application.

• Recognize the most common connection problems.

• Spot delays between client requests due to slow processing.

• Locate misconfigured hosts.

• Detect network or host congestion that is slowing down file transfers.

• Identify asynchronous traffic prioritization.

• Graph HTTP flows to examine website referral rates.

• Identify unusual scanning traffic on the network.

• Quickly identify HTTP error responses indicating client and server problems.

• Quickly identify VoIP error responses indicating client, server or global errors.

• Build graphs to compare traffic behavior.

• Graph application throughput and compare with overall link traffic seen.

• Identify applications that do not encrypt traffic.

• Play back VoIP conversations to hear the effects of various network problems on network traffic.

• Perform passive operating system and application use detection.

• Spot unusual protocols and unrecognized port number usage on the network.

• Examine the start-up process of hosts and applications on the network.

• Identify average and unacceptable service response times (SRT).

• Graph intervals of periodic packet generation applications or protocols.

Networks vary greatly in the traffic they see. The number and type of network analysis tasks you can perform depends on your network traffic characteristics.

Labels:

Blog Archive

All The Rights are Reserved Only to Ramy A. Al Damati.