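% Contents entries for a slide deck on network troubleshooting, one
% \pcontentsline call per line.
% \pcontentsline is not defined in this file. From the entries themselves:
% the first argument is 1 on section-style entries and 0 on per-slide
% entries, the second is the title, the third and fourth are running
% counters, and the fifth is non-empty only on the level-1 entries.
% NOTE(review): exact meaning of the counters and of the fifth argument is
% not visible here -- confirm against the class that defines \pcontentsline.
% NOTE(review): this looks like a generated auxiliary file. Two misspelt
% titles are corrected below (the level-1 entry "Documentation" and the
% slide "Throughput: \texttt{ping} One"); the same fix presumably has to be
% made in the source document or the next run will reintroduce them.
\pcontentsline {0}{References}{2}{3}{}
\pcontentsline {1}{Introduction}{3}{3}{1}
\pcontentsline {0}{Focus: Basics and Standard Tools}{3}{4}{}
\pcontentsline {0}{Troubleshooting}{4}{5}{}
\pcontentsline {0}{Troubleshooting: Learn as you go}{5}{6}{}
\pcontentsline {1}{Documentation}{6}{6}{1}
\pcontentsline {0}{Documentation}{6}{7}{}
\pcontentsline {0}{Documentation Tools}{7}{8}{}
\pcontentsline {1}{General Troubleshooting}{8}{9}{1}
\pcontentsline {0}{Problem Solving}{9}{10}{}
\pcontentsline {0}{Identify the Problem}{10}{11}{}
\pcontentsline {0}{Gather the Facts}{11}{12}{}
\pcontentsline {0}{Consider Possibilities}{12}{13}{}
\pcontentsline {0}{Action Plan}{13}{14}{}
\pcontentsline {0}{Implement Action Plan}{14}{15}{}
\pcontentsline {0}{Observe Results}{15}{16}{}
\pcontentsline {0}{document}{16}{17}{}
\pcontentsline {0}{modify action plan}{17}{18}{}
\pcontentsline {1}{TCP/IP}{18}{19}{2}
\pcontentsline {0}{OSI---TCP/IP}{19}{20}{}
\pcontentsline {0}{IP Header---Layer 3}{20}{21}{}
\pcontentsline {0}{IP Header}{21}{22}{}
\pcontentsline {0}{IP Header (continued)}{22}{23}{}
\pcontentsline {0}{TCP Header---Layer 4}{23}{24}{}
\pcontentsline {0}{TCP Header}{24}{25}{}
\pcontentsline {0}{TCP Header (continued)}{25}{26}{}
\pcontentsline {0}{UDP Header---Layer 4}{26}{27}{}
\pcontentsline {1}{Troubleshooting TCP/IP}{27}{28}{3}
\pcontentsline {0}{Troubleshooting TCP/IP}{28}{29}{}
\pcontentsline {0}{Troubleshooting TCP/IP}{29}{30}{}
\pcontentsline {1}{Host Configuration}{30}{30}{1}
\pcontentsline {0}{Host Configuration}{30}{31}{}
\pcontentsline {0}{Host Configuration}{31}{32}{}
\pcontentsline {0}{Boot Linux}{32}{33}{}
\pcontentsline {0}{Boot Windows}{33}{34}{}
\pcontentsline {0}{Determine Addresses}{34}{35}{}
\pcontentsline {0}{MAC $\leftrightarrow $ IP mapping --- 1}{35}{36}{}
\pcontentsline {0}{MAC $\leftrightarrow $ IP mapping --- 2}{36}{37}{}
\pcontentsline {0}{Routing Table}{37}{38}{}
\pcontentsline {0}{Access Controls}{38}{39}{}
\pcontentsline {0}{DNS resolver}{39}{40}{}
\pcontentsline {0}{Checking services provided}{40}{41}{}
\pcontentsline {0}{Server Running?}{41}{42}{}
\pcontentsline {0}{\texttt {top}}{42}{43}{}
\pcontentsline {0}{\texttt {netstat -tua}}{43}{44}{}
\pcontentsline {0}{\texttt {lsof}: List Open Files}{44}{45}{}
\pcontentsline {0}{\texttt {ifconfig}}{45}{46}{}
\pcontentsline {0}{\texttt {route}}{46}{47}{}
\pcontentsline {1}{Cables}{47}{47}{1}
\pcontentsline {0}{Connectivity Testing: Cabling}{47}{48}{}
\pcontentsline {1}{Ping}{48}{49}{4}
\pcontentsline {0}{Software tools: \texttt {ping}}{49}{50}{}
\pcontentsline {0}{Good \texttt {ping}, Bad \texttt {ping}?}{50}{51}{}
\pcontentsline {0}{How to Use \texttt {ping}?}{51}{52}{}
\pcontentsline {0}{\texttt {fping}: flood ping}{52}{53}{}
\pcontentsline {0}{hping2}{53}{54}{}
\pcontentsline {0}{\texttt {arping}: uses ARP requests}{54}{55}{}
\pcontentsline {1}{\texttt {traceroute}}{55}{55}{1}
\pcontentsline {0}{Path Discovery: \texttt {traceroute}}{55}{56}{}
\pcontentsline {0}{\texttt {traceroute}: How it Works}{56}{57}{}
\pcontentsline {0}{\texttt {traceroute} Limitations}{57}{58}{}
\pcontentsline {1}{Measurements}{58}{58}{1}
\pcontentsline {0}{Performance Measurements: delay}{58}{59}{}
\pcontentsline {0}{bandwidth and throughput}{59}{60}{}
\pcontentsline {0}{Quality of a Link}{60}{61}{}
\pcontentsline {0}{Throughput: \texttt {ping}}{61}{62}{}
\pcontentsline {0}{Throughput: \texttt {ping} One}{62}{63}{}
\pcontentsline {0}{Throughput \texttt {ping} 2 remote}{63}{64}{}
\pcontentsline {0}{Throughput \texttt {ping} 2 remote}{64}{65}{}
\pcontentsline {0}{Throughput \texttt {ping} 2 remote}{65}{66}{}
\pcontentsline {0}{Throughput \texttt {ping} 2 remote}{66}{67}{}
\pcontentsline {0}{Throughput \texttt {ping} 2 remote}{67}{68}{}
\pcontentsline {0}{Limitations of \texttt {ping}}{68}{69}{}
\pcontentsline {0}{Path Performance: Other tools}{69}{70}{}
\pcontentsline {0}{\texttt {pathchar}}{70}{71}{}
\pcontentsline {0}{Measuring Throughput}{71}{72}{}
\pcontentsline {0}{Measuring Throughput with \texttt {ttcp}}{72}{73}{}
\pcontentsline {1}{iproute}{73}{74}{5}
\pcontentsline {0}{The \texttt {ip} program, iproute}{74}{75}{}
\pcontentsline {0}{iproute and \texttt {iptables}}{75}{76}{}
\pcontentsline {0}{Traffic Measurements: \texttt {netstat -i}}{76}{77}{}
\pcontentsline {0}{Measuring Traffic: \texttt {netstat -i}}{77}{78}{}
\pcontentsline {0}{Traffic measurements: \texttt {ifconfig}, \texttt {ip}}{78}{79}{}
\pcontentsline {0}{Getting more info using \texttt {ip}}{79}{80}{}
\pcontentsline {0}{Guide to \texttt {ip} 1}{80}{81}{}
\pcontentsline {0}{Guide to \texttt {ip} 2}{81}{82}{}
\pcontentsline {1}{Packet Capture}{82}{83}{6}
\pcontentsline {0}{What is Packet Capture?}{83}{84}{}
\pcontentsline {0}{When Packet Capture?}{84}{85}{}
\pcontentsline {0}{Warning: Don't Get Sacked!}{85}{86}{}
\pcontentsline {0}{\texttt {tcpdump}}{86}{87}{}
\pcontentsline {0}{How to use \texttt {tcpdump}}{87}{88}{}
\pcontentsline {0}{\texttt {tcpdump}: some options}{88}{89}{}
\pcontentsline {0}{\texttt {tcpdump} Filters: host and port}{89}{90}{}
\pcontentsline {0}{\texttt {tcpdump} filters: networks}{90}{91}{}
\pcontentsline {0}{\texttt {tcpdump} filters: protocol}{91}{92}{}
\pcontentsline {0}{\texttt {tcpdump} filters: combining}{92}{93}{}
\pcontentsline {0}{Writing data to a file}{93}{94}{}
\pcontentsline {0}{Reading a Dumped File}{94}{95}{}
\pcontentsline {0}{HTTP}{95}{96}{}
\pcontentsline {0}{\texttt {tcpdump}: When reading TCP}{96}{97}{}
\pcontentsline {0}{Window}{97}{98}{}
\pcontentsline {1}{Ethereal}{98}{99}{7}
\pcontentsline {0}{Ethereal}{99}{100}{}
\pcontentsline {0}{Ethereal Screenshot}{100}{101}{}
\pcontentsline {0}{Ethereal Screenshot}{101}{102}{}
\pcontentsline {0}{You can expand any protocol:}{102}{103}{}
\pcontentsline {0}{Ethereal 2}{103}{104}{}
\pcontentsline {0}{Display Filters}{104}{105}{}
\pcontentsline {0}{Tools $\to $ Follow TCP Stream}{105}{106}{}
\pcontentsline {0}{Ntop}{106}{107}{}
\pcontentsline {0}{Ntop}{107}{108}{}
\pcontentsline {1}{Switched Networks}{108}{109}{8}
\pcontentsline {0}{Port Monitoring}{109}{110}{}
\pcontentsline {0}{How monitor one machine?}{110}{111}{}
\pcontentsline {0}{Are switched networks secure?}{111}{112}{}
\pcontentsline {1}{Port Scanning}{112}{113}{9}
\pcontentsline {0}{What is a port scanner?}{113}{114}{}
\pcontentsline {0}{How does \texttt {nmap} identify OS?}{114}{115}{}
\pcontentsline {0}{Running \texttt {nmap}: Use \texttt {xnmap}}{115}{116}{}
\pcontentsline {0}{Uses of \texttt {nmap}}{116}{117}{}
\pcontentsline {1}{DNS troubleshooting}{117}{118}{10}
\pcontentsline {0}{DNS troubleshooting}{118}{119}{}
\pcontentsline {0}{DNS: \texttt {dig}}{119}{120}{}
\pcontentsline {0}{\texttt {dig}: Checking forward DNS lookup}{120}{121}{}
\pcontentsline {0}{\texttt {dig}: reverse lookup 1}{121}{122}{}
\pcontentsline {0}{\texttt {dig} syntax}{122}{123}{}
\pcontentsline {0}{\texttt {dig}: axfr (Zone Transfer)}{123}{124}{}
\pcontentsline {0}{\texttt {nslookup}: an interactive program}{124}{125}{}
\pcontentsline {0}{\texttt {nslookup}: reverse lookups}{125}{126}{}
\pcontentsline {1}{telnet}{126}{127}{11}
\pcontentsline {0}{Email: testing with \texttt {telnet}}{127}{128}{}
\pcontentsline {0}{Test the VTC mail server:}{128}{129}{}
\pcontentsline {0}{SMTP commands for sending mail}{129}{130}{}
\pcontentsline {0}{Testing the VTC pop3 server 1}{130}{131}{}
\pcontentsline {0}{Testing the pop3 server 2}{131}{132}{}
\pcontentsline {0}{pop3 commands: retrieving mail}{132}{133}{}
\pcontentsline {0}{\texttt {telnet}: Testing Other Applications}{133}{134}{}
\pcontentsline {0}{Conclusion}{134}{135}{}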