- Posts: 227
- Thank you received: 0
network simulation:create & troubleshoot
19 years 8 months ago #7529
by apit
network simulation:create & troubleshoot was created by apit
hi there..
i have a keen interest learning networking tools such as ethereal , nmap, mrtg etc but from reading is just wasting my time...
so i decide to buld a simulation..
my network have 4 workstations
1 pc is infected with virus
1 pc has a faulty network card
2 pc are in good condition...
so i want to use ethereal to check any broadcast from the network..
from there i can learned how to tackle the problem and how to solve it
i want opinion from expert out there, is this method praktical to impliment?
or do you have any praktical method?
tq
i have a keen interest learning networking tools such as ethereal , nmap, mrtg etc but from reading is just wasting my time...
so i decide to buld a simulation..
my network have 4 workstations
1 pc is infected with virus
1 pc has a faulty network card
2 pc are in good condition...
so i want to use ethereal to check any broadcast from the network..
from there i can learned how to tackle the problem and how to solve it
i want opinion from expert out there, is this method praktical to impliment?
or do you have any praktical method?
tq
- LooseCannon
- Offline
- Junior Member
Less
More
- Posts: 64
- Thank you received: 0
19 years 8 months ago #7534
by LooseCannon
Replied by LooseCannon on topic Re: network simulation:create & troubleshoot
In regards to the virus part of your scenario I would suggest a more practical implementation would be a firewall (i.e. Pix) on your simulated network that logs any suspicious port activity, whether it be incoming or outgoing. Once you have the port and the offending IP it is simply a matter of going to the computer and, if it is running Windows XP, do a "netstat -no" or even a "netstat -b" and that will let you see which application/virus is responsible.
That is how it is done where I work, which is a network of all the hospitals in my city with about 5000 workstations, 8000 IP phones, 250 switches, etc. Sniffer Pro is usually only used for troubleshooting complex connection problems, and that is only after logging on to the switch and looking for duplex/speed mismatches and the error counters.
That is how it is done where I work, which is a network of all the hospitals in my city with about 5000 workstations, 8000 IP phones, 250 switches, etc. Sniffer Pro is usually only used for troubleshooting complex connection problems, and that is only after logging on to the switch and looking for duplex/speed mismatches and the error counters.
Time to create page: 0.111 seconds