Wireshark is a free and open-source packet analyzer. This tool is used for network troubleshooting, analysis,
communication and software protocol development and education. The original software were named Ehtereal, in May 2006.
Later it was renamed to Wireshark due to trademark issues.
Wireshark uses pcap to capture packets. It runs on several platforms like GNU/Linux, OS X, BSD, Solaris,
some other Unix-like operating systems, and Microsoft Windows.
There is also a terminal-based version (non-GUI) called TShark.
Here I’d like to introduce some important filter options in wireshark.
It’s very hard to find exactly the right packets, you are looking for, in a hugh amount of data.
The following charts are a compendium of several websites.
My aim for these post was, to bring the most important commands of one page.
&nb
Wireshark Homepage
hereby i describe how to recover from a corrupt or missing software image on
a Cisco Catalyst switch 2900XL and 3500XL. I will show you the steps and 2 examples to load
a software image with the hyperterminal software ‘tera term’ or ‘SecureCRT’.
Last few days at work, we noticed on several access-switches a mac address flapping.
I don’t know how to troubleshoot and to fix it for interim arrangement purposes.
It’s very useful to know, how a file system on a Catalyst
2970, 3550, 3560, and 3750 Flash file system
work. If you loose your password, it’s a easy way with above mentioned hardware
to set it to factory default.
As a prerequisite, a PC must be attached to the console port to the switch.
Choose a terminal software of your choice. For example putty.exe.
During my work as a network engineer, i stumble across the switchport nonegotiate command and
i never ever care about this command. There were no need for me to know and to configure this command.
But last week on doing troubleshooting i decide to get a deeper look into ‘switchport nonegotiate’.
Everytime i have to prepare a cisco switch for telnet or ssh access i wondering, what i really need to
configure proper. It’s a simple thing, but when you need this rarely, i always ‘trial and error’ and this
gets me to be aggressive.
All Cisco routers have a 16-bit software register, which is written into NVRAM. By default, the configuration register is set to load the Cisco IOS from flash memory and to look for and load the startup-config file from NVRAM.
By changing the configuration register, you can perform cisco password recovery on a Cisco router.
If you are locked out of a router because you forgot the password, you can change the configuration register to help you recover. Bit 6 in the configuration register is used to tell the router whether or not to use the contents of NVRAM to load a router configuration. The default configuration register value for bit 6 is 0x2102 (the 0 is bit 6), which means that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6, which will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0x2142.
Continue Reading →
The configuration register can be used to change router behavior in several ways, such as:
The configuration register can be set from configuration mode using the config-register command. From ROMmon, use the confreg command.
Issue the show version command to view the current setting of the configuration register:
Continue Reading →
It is useful to get familiar with the ‘sh int counters’ command, to check if the switchport/interface
(switchport-interface) generate failure on the physical or data link layer.
In some cases clients has latencies or packet loss and therefore bad network performance.
In this blog i want to explain to perform the right outputs and contrue for the troubleshooing.
This will be done with the counter command.
In general you can use the ‘sh interface counters’ for the whole device.
The output show.
You get information of all ports fo the device.
I see how many traffic is generated on each port.
Continue Reading →
To clear a vty line (telnet/ssh) connection on a cisco device you have to know, how to interpret the ‘sh line’ output.
To show the line output you can choose the following line-commands.
M | T | W | T | F | S | S |
---|---|---|---|---|---|---|
« Nov | ||||||
1 | ||||||
2 | 3 | 4 | 5 | 6 | 7 | 8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 |
16 | 17 | 18 | 19 | 20 | 21 | 22 |
23 | 24 | 25 | 26 | 27 | 28 | 29 |
30 | 31 |