Hood Work

2011/09/29

It usually starts with your telephone ringing. Some disgruntled user is complaining they’ve been “having problems for a very long time.” If you’re an old hand at this, you know what to expect next: it’s very likely the user’s only noticed the problem recently, but their rationalization hamster is working that wheel.

Nevertheless, you take a deep sigh, reconfigure your frame of mind and get ready to evaluate their “problem.” If you’re lucky, it’s something simple. If you’re not, its resolution is going to entail a flight cross-country, several meetings with sour-faced people, and maybe a donkey ride or two. If you’re really unlucky, it’s your mom calling.

Whatever the case, you’re doing yourself a great disservice if you don’t go ‘under the hood,’ by which I mean, if you’ll pardon the lumbering metaphor: network sniffers. If you go to a mechanic because you’re like me, a total car noob, and complain about the engine’s performance or whatnot, the first step is usually that the guy or gal will pop your hood to “take a look” while dollar signs rotate into view in their eyes.

Point is, that hood’s coming up and things get fixed, and that’s how you should approach your work. Almost no one uses their computer disconnected from anything, so if the problem falls into the category of slow access to some remote resource, one of the first stops on the troubleshooting trail is whipping out the network sniffer.

I’ve been a Windows sysadmin for quite a while. In that small insignificant corner of the computing universe, there are two pieces of (free) software that should be part of your kit:

Wireshark is the ne plus ultra of the free network monitoring and analysis packages. There are a few others, but I don’t care. You have these two, and you’re fine.

If you’re a big spender, shot-caller, well then your chariot awaits good sir: WildPackets OmniPeek (and I’m not giving you a link to it, big boy. You can do your own searching. Maybe if you buy me a copy …)

And learn how to use them. Laura Chappell’s written some excellent stuff. And I’ll let you in on a secret: if you apply for a job at my company and you tell me you can analyze TCP/IP packets, you’ll jump to the top of my list immediately. Almost no one in the Windows world knows how to perform this rudimentary task. It’s a sure in, so take the time to take a look under the hood.
