\HAPbookmark{}{section.0.1}{References}{2}{section.0}
\HAPbookmark{}{section.0.2}{Focus: Basics and Standard Tools}{3}{section.0}
\HAPbookmark{}{section.0.3}{Troubleshooting}{4}{section.0}
\HAPbookmark{}{section.0.4}{Troubleshooting: Learn as you go}{5}{section.0}
\HAPbookmark{}{section.0.5}{Documentation}{6}{section.0}
\HAPbookmark{}{section.0.6}{Documentation Tools}{7}{section.0}
\HAPbookmark{}{section.1}{General Troubleshooting}{8}{}
\HAPbookmark{}{section.1.1}{Problem Solving}{9}{section.1}
\HAPbookmark{}{section.1.2}{Identify the Problem}{10}{section.1}
\HAPbookmark{}{section.1.3}{Gather the Facts}{11}{section.1}
\HAPbookmark{}{section.1.4}{Consider Possibilities}{12}{section.1}
\HAPbookmark{}{section.1.5}{Action Plan}{13}{section.1}
\HAPbookmark{}{section.1.6}{Implement Action Plan}{14}{section.1}
\HAPbookmark{}{section.1.7}{Observe Results}{15}{section.1}
\HAPbookmark{}{section.1.8}{document}{16}{section.1}
\HAPbookmark{}{section.1.9}{modify action plan}{17}{section.1}
\HAPbookmark{}{section.2}{TCP/IP}{18}{}
\HAPbookmark{}{section.2.1}{OSI---TCP/IP}{19}{section.2}
\HAPbookmark{}{section.2.2}{IP Header---Layer 3}{20}{section.2}
\HAPbookmark{}{section.2.3}{IP Header}{21}{section.2}
\HAPbookmark{}{section.2.4}{IP Header (continued)}{22}{section.2}
\HAPbookmark{}{section.2.5}{TCP Header---Layer 4}{23}{section.2}
\HAPbookmark{}{section.2.6}{TCP Header}{24}{section.2}
\HAPbookmark{}{section.2.7}{TCP Header (continued)}{25}{section.2}
\HAPbookmark{}{section.2.8}{UDP Header---Layer 4}{26}{section.2}
\HAPbookmark{}{section.3}{Troubleshooting TCP/IP}{27}{}
\HAPbookmark{}{section.3.1}{Troubleshooting TCP/IP}{28}{section.3}
\HAPbookmark{}{section.3.2}{Troubleshooting TCP/IP}{29}{section.3}
\HAPbookmark{}{section.3.3}{Host Configuration}{30}{section.3}
\HAPbookmark{}{section.3.4}{Host Configuration}{31}{section.3}
\HAPbookmark{}{section.3.5}{Boot Linux}{32}{section.3}
\HAPbookmark{}{section.3.6}{Boot Windows}{33}{section.3}
\HAPbookmark{}{section.3.7}{Determine Addresses}{34}{section.3}
\HAPbookmark{}{section.3.8}{MAC <-> IP mapping 1}{35}{section.3}
\HAPbookmark{}{section.3.9}{MAC <-> IP mapping 2}{36}{section.3}
\HAPbookmark{}{section.3.10}{Routing Table}{37}{section.3}
\HAPbookmark{}{section.3.11}{Access Controls}{38}{section.3}
\HAPbookmark{}{section.3.12}{DNS resolver}{39}{section.3}
\HAPbookmark{}{section.3.13}{Checking services provided}{40}{section.3}
\HAPbookmark{}{section.3.14}{Server Running?}{41}{section.3}
\HAPbookmark{}{section.3.15}{top}{42}{section.3}
\HAPbookmark{}{section.3.16}{netstat -tua}{43}{section.3}
\HAPbookmark{}{section.3.17}{\texttt  {lsof}: List Open Files}{44}{section.3}
\HAPbookmark{}{section.3.18}{\texttt  {ifconfig}}{45}{section.3}
\HAPbookmark{}{section.3.19}{\texttt  {route}}{46}{section.3}
\HAPbookmark{}{section.3.20}{Connectivity Testing: Cabling}{47}{section.3}
\HAPbookmark{}{section.4}{Ping}{48}{}
\HAPbookmark{}{section.4.1}{Software tools: \texttt  {ping}}{49}{section.4}
\HAPbookmark{}{section.4.2}{Good ping, Bad ping?}{50}{section.4}
\HAPbookmark{}{section.4.3}{How to Use \texttt  {ping}?}{51}{section.4}
\HAPbookmark{}{section.4.4}{\texttt  {fping}: flood ping}{52}{section.4}
\HAPbookmark{}{section.4.5}{hping}{53}{section.4}
\HAPbookmark{}{section.4.6}{\texttt  {arping}: uses ARP requests}{54}{section.4}
\HAPbookmark{}{section.4.7}{Path Discovery: \texttt  {traceroute}}{55}{section.4}
\HAPbookmark{}{section.4.8}{\texttt  {traceroute}: How it Works}{56}{section.4}
\HAPbookmark{}{section.4.9}{\texttt  {traceroute} Limitations}{57}{section.4}
\HAPbookmark{}{section.4.10}{Performance Measurements: delay}{58}{section.4}
\HAPbookmark{}{section.4.11}{bandwidth and throughput}{59}{section.4}
\HAPbookmark{}{section.4.12}{Quality of a Link}{60}{section.4}
\HAPbookmark{}{section.4.13}{Throughput: ping}{61}{section.4}
\HAPbookmark{}{section.4.14}{Throughput: ping One}{62}{section.4}
\HAPbookmark{}{section.4.15}{Throughput ping 2 remote}{63}{section.4}
\HAPbookmark{}{section.4.16}{Throughput ping 2 remote}{64}{section.4}
\HAPbookmark{}{section.4.17}{Throughput ping 2 remote}{65}{section.4}
\HAPbookmark{}{section.4.18}{Throughput ping 2 remote}{66}{section.4}
\HAPbookmark{}{section.4.19}{Throughput ping 2 remote}{67}{section.4}
\HAPbookmark{}{section.4.20}{Limitations of ping}{68}{section.4}
\HAPbookmark{}{section.4.21}{Path Performance: Other tools}{69}{section.4}
\HAPbookmark{}{section.4.22}{pathchar}{70}{section.4}
\HAPbookmark{}{section.4.23}{Measuring Throughput}{71}{section.4}
\HAPbookmark{}{section.4.24}{Measuring Throughput with \texttt  {ttcp}}{72}{section.4}
\HAPbookmark{}{section.5}{iproute}{73}{}
\HAPbookmark{}{section.5.1}{The \texttt  {ip} program, iproute}{74}{section.5}
\HAPbookmark{}{section.5.2}{iproute and \texttt  {iptables}}{75}{section.5}
\HAPbookmark{}{section.5.3}{Traffic Measurements: \texttt  {netstat -i}}{76}{section.5}
\HAPbookmark{}{section.5.4}{Measuring Traffic: \texttt  {netstat -i}}{77}{section.5}
\HAPbookmark{}{section.5.5}{Traffic measurements: \texttt  {ifconfig}, \texttt  {ip}}{78}{section.5}
\HAPbookmark{}{section.5.6}{Getting more info using \texttt  {ip}}{79}{section.5}
\HAPbookmark{}{section.5.7}{Guide to ip 1}{80}{section.5}
\HAPbookmark{}{section.5.8}{Guide to ip 2}{81}{section.5}
\HAPbookmark{}{section.6}{Packet Capture}{82}{}
\HAPbookmark{}{section.6.1}{What is Packet Capture?}{83}{section.6}
\HAPbookmark{}{section.6.2}{When Packet Capture?}{84}{section.6}
\HAPbookmark{}{section.6.3}{Warning: Don't Get Sacked!}{85}{section.6}
\HAPbookmark{}{section.6.4}{\texttt  {tcpdump}}{86}{section.6}
\HAPbookmark{}{section.6.5}{How to use \texttt  {tcpdump}}{87}{section.6}
\HAPbookmark{}{section.6.6}{\texttt  {tcpdump}: some options}{88}{section.6}
\HAPbookmark{}{section.6.7}{\texttt  {tcpdump} Filters: host and port}{89}{section.6}
\HAPbookmark{}{section.6.8}{\texttt  {tcpdump} filters: networks}{90}{section.6}
\HAPbookmark{}{section.6.9}{\texttt  {tcpdump} filters: protocol}{91}{section.6}
\HAPbookmark{}{section.6.10}{\texttt  {tcpdump} filters: combining}{92}{section.6}
\HAPbookmark{}{section.6.11}{Writing data to a file}{93}{section.6}
\HAPbookmark{}{section.6.12}{Reading a Dumped File}{94}{section.6}
\HAPbookmark{}{section.6.13}{HTTP}{95}{section.6}
\HAPbookmark{}{section.6.14}{\texttt  {tcpdump}: When reading TCP}{96}{section.6}
\HAPbookmark{}{section.6.15}{Window}{97}{section.6}
\HAPbookmark{}{section.7}{Ethereal}{98}{}
\HAPbookmark{}{section.7.1}{Ethereal}{99}{section.7}
\HAPbookmark{}{section.7.2}{Ethereal Screenshot}{100}{section.7}
\HAPbookmark{}{section.7.3}{Ethereal Screenshot}{101}{section.7}
\HAPbookmark{}{section.7.4}{You can expand any protocol:}{102}{section.7}
\HAPbookmark{}{section.7.5}{Ethereal 2}{103}{section.7}
\HAPbookmark{}{section.7.6}{Display Filters}{104}{section.7}
\HAPbookmark{}{section.7.7}{Tools $\to $ Follow TCP Stream}{105}{section.7}
\HAPbookmark{}{section.7.8}{Ntop}{106}{section.7}
\HAPbookmark{}{section.7.9}{Ntop}{107}{section.7}
\HAPbookmark{}{section.8}{Switched Networks}{108}{}
\HAPbookmark{}{section.8.1}{Port Monitoring}{109}{section.8}
\HAPbookmark{}{section.8.2}{How monitor one machine?}{110}{section.8}
\HAPbookmark{}{section.8.3}{Are switched networks secure?}{111}{section.8}
\HAPbookmark{}{section.9}{Port Scanning}{112}{}
\HAPbookmark{}{section.9.1}{What is a port scanner?}{113}{section.9}
\HAPbookmark{}{section.9.2}{How does \texttt  {nmap} identify OS?}{114}{section.9}
\HAPbookmark{}{section.9.3}{Running \texttt  {nmap}: Use \texttt  {xnmap}}{115}{section.9}
\HAPbookmark{}{section.9.4}{Uses of \texttt  {nmap}}{116}{section.9}
\HAPbookmark{}{section.10}{DNS troubleshooting}{117}{}
\HAPbookmark{}{section.10.1}{DNS troubleshooting}{118}{section.10}
\HAPbookmark{}{section.10.2}{DNS: \texttt  {dig}}{119}{section.10}
\HAPbookmark{}{section.10.3}{\texttt  {dig}: Checking forward DNS lookup}{120}{section.10}
\HAPbookmark{}{section.10.4}{\texttt  {dig}: reverse lookup 1}{121}{section.10}
\HAPbookmark{}{section.10.5}{\texttt  {dig} syntax}{122}{section.10}
\HAPbookmark{}{section.10.6}{\texttt  {dig}: axfr (Zone Transfer)}{123}{section.10}
\HAPbookmark{}{section.10.7}{\texttt  {nslookup}: an interactive program}{124}{section.10}
\HAPbookmark{}{section.10.8}{\texttt  {nslookup}: reverse lookups}{125}{section.10}
\HAPbookmark{}{section.11}{telnet}{126}{}
\HAPbookmark{}{section.11.1}{Email: testing with \texttt  {telnet}}{127}{section.11}
\HAPbookmark{}{section.11.2}{Test the VTC mail server:}{128}{section.11}
\HAPbookmark{}{section.11.3}{SMTP commands for sending mail}{129}{section.11}
\HAPbookmark{}{section.11.4}{Testing the VTC pop3 server 1}{130}{section.11}
\HAPbookmark{}{section.11.5}{Testing the pop3 server 2}{131}{section.11}
\HAPbookmark{}{section.11.6}{pop3 commands: retrieving mail}{132}{section.11}
\HAPbookmark{}{section.11.7}{\texttt  {telnet}: Testing Other Applications}{133}{section.11}
\HAPbookmark{}{section.11.8}{Conclusion}{134}{section.11}