When using a network monitor program thinks involuntarily listening to the other users. But a so-called sniffer is used primarily in the diagnosis of disorders. Sniffers are often used to determine why computer is not properly communicate with each other, for example, why the mails Host A Host B by not accepting.
In the early days of the Internet before the invention of the WWW, there was often little protocol incompatibilities between programs from different manufacturers, which through the use of a sniffer could be discovered. Workarounds are often settled in the config files of the programs. Sometimes we had to depend on the analysis, however, be satisfied that you are the reason for the problems in the network knew a solution, however, the earliest with the next version was to be expected.
For established and mature protocols, for example, HTTP for the World Wide Web or SMTP for email, such incompatibilities today hardly before. Situation is different with newer protocols such as SIP, primarily for VoIP calls is used. Especially when overcome NAT limitations are difficulties.
Often new versions speak of a server program, not older protocol versions, since this has become unsafe and can be cracked. The best known example is the SMB / CIFS file sharing, Windows as the default network protocol. Modern domain controller running Windows Server 2008 does not communicate with computers running Windows NT or Windows 95 and 98, because they require that all SMB communications must be digitally signed. Otherwise, the computer simulate an attacker, even domain controllers, and in this way fake Active Directory data infiltrate. With a network monitor can be the reason to see such problems immediately. Windows, however, satisfied with a vague error message that the server was not found.
The most common reason to use a network monitor, are firewalls and other security programs, which also prevent legitimate communications, if they are not configured correctly. Such problems can be solved with a sniffer in many cases, detect and resolve. To prohibit the Enterprise versions of many antivirus software by default an outgoing communications on TCP port 25 of a public IP address. The own mail server in the company is required. This should prevent the PC in the company of a Botnet spam senders are.
A medium-sized enterprises, which his mail infrastructure to a hosting provider, has the IP address assigned by the hosting SMTP server, however, exclude what is often forgotten. Such communication problems can be with a good sniffer diagnose.
0 comments:
Post a Comment