Network Monitoring Software

Vladislav S. Davidzon davidzon at metronet.lib.mi.us
Sat Feb 28 08:52:44 EST 1998


As I promised, the following are the replies I got to my question
regarding network monitoring software, in case anyone needs this
information. Thanks to everyone who responded.  We now know that the
problems were apparently coming from our ISP. 

Again, thanks to everyone who responded!

-vsd

----

NT 4.0 has a network monitor service but it only captures packets
to/from the server.  To get the full version you have to buy System
Management Server.  I suspect there are some basic free/shareware
utilities that will get the job done but haven't really investigated the
matter.

Take a look at Observer from Network Instruments http://www.netinst.com.  It will allow you to (among other things) capture packets to or from any IP host.  It also decodes the headers so you don't have to count byte offsets and all that.  You can also filter packets using a number of preset or custom filters so you only capture the packets you are interested in.


It is not cheap, about $700.  The demo version on their web site is just that.  It is not the real product, only a canned demo.  I ordered mine from DataComm Warehouse.


Usually what is used is special packet sniffing hardware, which is 
very expensive.  You can rent these boxes though.  There is packet 
sniffing software but it's expensive too.  And of course you need the 
skill to use it and interpret the data.  Sometimes hiring a 
consultant with packet sniffer hardware might be worth it.

With your Linux PC you can use tcpdump, ipxdump and ipxparse (these
came with our RedHat 5.0, I assume they can be used with other
Linuxes also) to do a poor man's version of some of this.

http://www.ngc.com/product_info/sna/sna_dir.html Sniffer Network Analyzer
has been one of the industry biggies for years...by the way, they will send
you a cool networking diagram with all of the layers (transport, network,
etc.) for free.




