using a network tap
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: using a network tap

  1. #1
    Junior Member
    Join Date
    Sep 2006
    Posts
    5

    using a network tap

    I would like to use a network tap and some type of packet capture utility to analyze the traffic between my customers PC and their satelite modem. Can anyone give me a quick explaination of what to do?

    Here is my problem. I install satellite internet access systems and sometimes the customers connection is slow. The system will work fine while connected to my laptop, but when I connect the system to my customers PC it is noticable slower. So then the customer gets upset and does not want to pay me for the install. I am trying to find a way to show the customer what is going on.

  2. #2
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    I would like to use a network tap and some type of packet capture utility to analyze the traffic between my customers PC and their satelite modem.
    I like etherape (Linux) for that kind of job. It gives you (and your clients) a visual of network traffic. I can't say I know of an equivalent app for Windows.

    You might also consider some kind of clause or warning in your contract(s) that performance results may vary depending on the software installed on a client's PC. Many (if not most) Windows-based PC's are going to be infected with some kind of spyware or virus and these can easily inhibit network performance. Even regular apps can slow a PC.

    I'm guessing you're in a rural or semi-rural area where folks are jumping from dial-up to satellite. The PC's I see still on a dial-up are typically badly-infected and without updates. An infected PC is going to be slow on a dial-up, and it's still going to be relatively slow on broadband.

    If you're familiar with "msconfig", run that on a client's PC just to show them what's slowing things. Or try hijackthis. You might also consider a sideline cleaning up infected PC's.

    Good luck...
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  3. #3
    Junior Member
    Join Date
    Sep 2006
    Posts
    5
    Thanks for suggesting etherape. I am not well versed in Linux so I would like to find a windows app.

    You described my situation perfectly. And the condition of my customers PC's. I dread call backs and learned early on that it is my best interest to never touch the customers PC. That way I don't get blamed for "doing something to their computer." I would rather just put the dish on the pole and leave.

  4. #4
    Blast From the Past
    Join Date
    Jan 2003
    Posts
    729
    always cover your a$$ man

    ive learned working for geeksquad unless you are perfectly clear on what you are doing, what can happen, and what should happen...

    being a PC tech, or a tech at all has a learning curve on how to handle the work enviornment
    work it harder, make it better, do it faster, makes us stronger

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    You could use Ethereal.


    Its got a windows version to it. Just download it..let it install, make sure you let it install WinPCap as well...then fire it up, select your ethernet adapter, and it will capture all packets being sent to and from that specific PC.

    http://www.ethereal.com/
    =

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    sort of old news.. Ethreal is now known as WireShark

    http://www.wireshark.org/


    Sniffing Problems A Mile Away
    Same developers, same code, different name. The Ethereal network protocol analyzer has changed its name to Wireshark.

    Wireshark's powerful features make it the tool of choice for network troubleshooting, protocol development, and education worldwide.

    Wireshark was written by an international group of networking experts, and is an example of the power of open source. It runs on Windows, Linux, UNIX, and other platforms.
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  7. #7
    Senior Member
    Join Date
    Feb 2003
    Location
    Memphis, TN
    Posts
    3,747
    Guess I'm a little behind on that news. lol
    =

  8. #8
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    I didn't think about it when I posted earlier, but linux is gonna be tough to config on a satellite connection. I worked on one once and it was pretty complicated on the PC/Windows side: an app for pulling data down from the satellite, a dialup internet connection for pushing data up onto the net. It wasn't very cut-n-dry as I recall.

    You might put together a brochure or fact sheet explaining what goes on with PC's that don't get updated or scanned for viruses (and that you're not responsible for that). Maybe point customers to apps like Spybot and Ad-Aware. Earlier this year, I had a site contact ask me to come out to her house 40 miles out of town to fix her family's PC. I begged off because of the distance and the fact she was on a dialup connection (I didn't tell her the latter). Just told her to download Spybot, install and run it ("you can do it"), letting it remove EVERYTHING it finds. She called me back to say the computer was running much better.

    You gotta tell people: maintaining PC's are a lot of work. Just for kicks, take a look at some folks' startups in msconfig sometime. It can be a nightmare.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  9. #9
    Junior Member
    Join Date
    Sep 2006
    Posts
    5
    The PC to satellite connection is much easier now. Once apon a time, there was some compression algorithms in the PC that combined the all the packets into one big satellite ready packet and transmitted it to the modem. Now it is just TCP/IP between the PC and modem and the packet conversion take place in the modem. The dial up part is long gone.

  10. #10
    Junior Member
    Join Date
    Sep 2006
    Posts
    5
    I got a quote from netoptics for one of their 10/100 aggregator taps and it was around $1000. Too much. The non-aggregator tap was only $390 and the home brew tap that snork details is almost free. No big deal. I can add another NIC to the laptop.

    Can wireshark and/or ethereal deal with data from two NIC's or do I have to combine the packets before?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •