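% PDF bookmark (outline) records for the slide set, one \HAPbookmark call per entry.
% Argument pattern visible in the records:
%   #1 always empty here; #2 destination name (section.N or section.N.M);
%   #3 title shown in the outline; #4 a number that rises through the file
%   (presumably the slide/page number -- confirm against the class that reads this file);
%   #5 parent destination, empty for a top-level entry.
% NOTE(review): this looks like an auxiliary file regenerated on each LaTeX run.
% The title of section.2 was misspelled "Dcoumentation" and is corrected below;
% the same fix is presumably needed in the slide source or the typo will come back.
%
% --- front matter, section 1: Introduction ---
\HAPbookmark{}{section.0.1}{References}{2}{section.0}
\HAPbookmark{}{section.1}{Introduction}{3}{}
  \HAPbookmark{}{section.1.1}{Focus: Basics and Standard Tools}{3}{section.1}
  \HAPbookmark{}{section.1.2}{Troubleshooting}{4}{section.1}
  \HAPbookmark{}{section.1.3}{Troubleshooting: Learn as you go}{5}{section.1}
% --- section 2: Documentation ---
\HAPbookmark{}{section.2}{Documentation}{6}{}
  \HAPbookmark{}{section.2.1}{Documentation}{6}{section.2}
  \HAPbookmark{}{section.2.2}{Documentation Tools}{7}{section.2}
% --- section 3: General Troubleshooting ---
\HAPbookmark{}{section.3}{General Troubleshooting}{8}{}
  \HAPbookmark{}{section.3.1}{Problem Solving}{9}{section.3}
  \HAPbookmark{}{section.3.2}{Identify the Problem}{10}{section.3}
  \HAPbookmark{}{section.3.3}{Gather the Facts}{11}{section.3}
  \HAPbookmark{}{section.3.4}{Consider Possibilities}{12}{section.3}
  \HAPbookmark{}{section.3.5}{Action Plan}{13}{section.3}
  \HAPbookmark{}{section.3.6}{Implement Action Plan}{14}{section.3}
  \HAPbookmark{}{section.3.7}{Observe Results}{15}{section.3}
  \HAPbookmark{}{section.3.8}{document}{16}{section.3}
  \HAPbookmark{}{section.3.9}{modify action plan}{17}{section.3}
% --- section 4: TCP/IP ---
\HAPbookmark{}{section.4}{TCP/IP}{18}{}
  \HAPbookmark{}{section.4.1}{OSI---TCP/IP}{19}{section.4}
  \HAPbookmark{}{section.4.2}{IP Header---Layer 3}{20}{section.4}
  \HAPbookmark{}{section.4.3}{IP Header}{21}{section.4}
  \HAPbookmark{}{section.4.4}{IP Header (continued)}{22}{section.4}
  \HAPbookmark{}{section.4.5}{TCP Header---Layer 4}{23}{section.4}
  \HAPbookmark{}{section.4.6}{TCP Header}{24}{section.4}
  \HAPbookmark{}{section.4.7}{TCP Header (continued)}{25}{section.4}
  \HAPbookmark{}{section.4.8}{UDP Header---Layer 4}{26}{section.4}
% --- section 5: Troubleshooting TCP/IP ---
\HAPbookmark{}{section.5}{Troubleshooting TCP/IP}{27}{}
  \HAPbookmark{}{section.5.1}{Troubleshooting TCP/IP}{28}{section.5}
  \HAPbookmark{}{section.5.2}{Troubleshooting TCP/IP}{29}{section.5}
% --- section 6: Host Configuration ---
\HAPbookmark{}{section.6}{Host Configuration}{30}{}
  \HAPbookmark{}{section.6.1}{Host Configuration}{30}{section.6}
  \HAPbookmark{}{section.6.2}{Host Configuration}{31}{section.6}
  \HAPbookmark{}{section.6.3}{Boot Linux}{32}{section.6}
  \HAPbookmark{}{section.6.4}{Boot Windows}{33}{section.6}
  \HAPbookmark{}{section.6.5}{Determine Addresses}{34}{section.6}
  \HAPbookmark{}{section.6.6}{MAC <-> IP mapping 1}{35}{section.6}
  \HAPbookmark{}{section.6.7}{MAC <-> IP mapping 2}{36}{section.6}
  \HAPbookmark{}{section.6.8}{Routing Table}{37}{section.6}
  \HAPbookmark{}{section.6.9}{Access Controls}{38}{section.6}
  \HAPbookmark{}{section.6.10}{DNS resolver}{39}{section.6}
  \HAPbookmark{}{section.6.11}{Checking services provided}{40}{section.6}
  \HAPbookmark{}{section.6.12}{Server Running?}{41}{section.6}
  \HAPbookmark{}{section.6.13}{top}{42}{section.6}
  \HAPbookmark{}{section.6.14}{netstat -tua}{43}{section.6}
  \HAPbookmark{}{section.6.15}{\texttt {lsof}: List Open Files}{44}{section.6}
  \HAPbookmark{}{section.6.16}{\texttt {ifconfig}}{45}{section.6}
  \HAPbookmark{}{section.6.17}{\texttt {route}}{46}{section.6}
% --- section 7: Cables ---
\HAPbookmark{}{section.7}{Cables}{47}{}
  \HAPbookmark{}{section.7.1}{Connectivity Testing: Cabling}{47}{section.7}
% --- section 8: Ping ---
\HAPbookmark{}{section.8}{Ping}{48}{}
  \HAPbookmark{}{section.8.1}{Software tools: \texttt {ping}}{49}{section.8}
  \HAPbookmark{}{section.8.2}{Good ping, Bad ping?}{50}{section.8}
  \HAPbookmark{}{section.8.3}{How to Use \texttt {ping}?}{51}{section.8}
  \HAPbookmark{}{section.8.4}{\texttt {fping}: flood ping}{52}{section.8}
  \HAPbookmark{}{section.8.5}{hping}{53}{section.8}
  \HAPbookmark{}{section.8.6}{\texttt {arping}: uses ARP requests}{54}{section.8}
% --- section 9: traceroute ---
\HAPbookmark{}{section.9}{\texttt {traceroute}}{55}{}
  \HAPbookmark{}{section.9.1}{Path Discovery: \texttt {traceroute}}{55}{section.9}
  \HAPbookmark{}{section.9.2}{\texttt {traceroute}: How it Works}{56}{section.9}
  \HAPbookmark{}{section.9.3}{\texttt {traceroute} Limitations}{57}{section.9}
% --- section 10: Measurements ---
\HAPbookmark{}{section.10}{Measurements}{58}{}
  \HAPbookmark{}{section.10.1}{Performance Measurements: delay}{58}{section.10}
  \HAPbookmark{}{section.10.2}{bandwidth and throughput}{59}{section.10}
  \HAPbookmark{}{section.10.3}{Quality of a Link}{60}{section.10}
  \HAPbookmark{}{section.10.4}{Throughput: ping}{61}{section.10}
  \HAPbookmark{}{section.10.5}{Throughput: ping One}{62}{section.10}
  \HAPbookmark{}{section.10.6}{Throughput ping 2 remote}{63}{section.10}
  \HAPbookmark{}{section.10.7}{Throughput ping 2 remote}{64}{section.10}
  \HAPbookmark{}{section.10.8}{Throughput ping 2 remote}{65}{section.10}
  \HAPbookmark{}{section.10.9}{Throughput ping 2 remote}{66}{section.10}
  \HAPbookmark{}{section.10.10}{Throughput ping 2 remote}{67}{section.10}
  \HAPbookmark{}{section.10.11}{Limitations of ping}{68}{section.10}
  \HAPbookmark{}{section.10.12}{Path Performance: Other tools}{69}{section.10}
  \HAPbookmark{}{section.10.13}{pathchar}{70}{section.10}
  \HAPbookmark{}{section.10.14}{Measuring Throughput}{71}{section.10}
  \HAPbookmark{}{section.10.15}{Measuring Throughput with \texttt {ttcp}}{72}{section.10}
% --- section 11: iproute ---
\HAPbookmark{}{section.11}{iproute}{73}{}
  \HAPbookmark{}{section.11.1}{The \texttt {ip} program, iproute}{74}{section.11}
  \HAPbookmark{}{section.11.2}{iproute and \texttt {iptables}}{75}{section.11}
  \HAPbookmark{}{section.11.3}{Traffic Measurements: \texttt {netstat -i}}{76}{section.11}
  \HAPbookmark{}{section.11.4}{Measuring Traffic: \texttt {netstat -i}}{77}{section.11}
  \HAPbookmark{}{section.11.5}{Traffic measurements: \texttt {ifconfig}, \texttt {ip}}{78}{section.11}
  \HAPbookmark{}{section.11.6}{Getting more info using \texttt {ip}}{79}{section.11}
  \HAPbookmark{}{section.11.7}{Guide to ip 1}{80}{section.11}
  \HAPbookmark{}{section.11.8}{Guide to ip 2}{81}{section.11}
% --- section 12: Packet Capture ---
\HAPbookmark{}{section.12}{Packet Capture}{82}{}
  \HAPbookmark{}{section.12.1}{What is Packet Capture?}{83}{section.12}
  \HAPbookmark{}{section.12.2}{When Packet Capture?}{84}{section.12}
  \HAPbookmark{}{section.12.3}{Warning: Don't Get Sacked!}{85}{section.12}
  \HAPbookmark{}{section.12.4}{\texttt {tcpdump}}{86}{section.12}
  \HAPbookmark{}{section.12.5}{How to use \texttt {tcpdump}}{87}{section.12}
  \HAPbookmark{}{section.12.6}{\texttt {tcpdump}: some options}{88}{section.12}
  \HAPbookmark{}{section.12.7}{\texttt {tcpdump} Filters: host and port}{89}{section.12}
  \HAPbookmark{}{section.12.8}{\texttt {tcpdump} filters: networks}{90}{section.12}
  \HAPbookmark{}{section.12.9}{\texttt {tcpdump} filters: protocol}{91}{section.12}
  \HAPbookmark{}{section.12.10}{\texttt {tcpdump} filters: combining}{92}{section.12}
  \HAPbookmark{}{section.12.11}{Writing data to a file}{93}{section.12}
  \HAPbookmark{}{section.12.12}{Reading a Dumped File}{94}{section.12}
  \HAPbookmark{}{section.12.13}{HTTP}{95}{section.12}
  \HAPbookmark{}{section.12.14}{\texttt {tcpdump}: When reading TCP}{96}{section.12}
  \HAPbookmark{}{section.12.15}{Window}{97}{section.12}
% --- section 13: Ethereal ---
\HAPbookmark{}{section.13}{Ethereal}{98}{}
  \HAPbookmark{}{section.13.1}{Ethereal}{99}{section.13}
  \HAPbookmark{}{section.13.2}{Ethereal Screenshot}{100}{section.13}
  \HAPbookmark{}{section.13.3}{Ethereal Screenshot}{101}{section.13}
  \HAPbookmark{}{section.13.4}{You can expand any protocol:}{102}{section.13}
  \HAPbookmark{}{section.13.5}{Ethereal 2}{103}{section.13}
  \HAPbookmark{}{section.13.6}{Display Filters}{104}{section.13}
  \HAPbookmark{}{section.13.7}{Tools $\to $ Follow TCP Stream}{105}{section.13}
  \HAPbookmark{}{section.13.8}{Ntop}{106}{section.13}
  \HAPbookmark{}{section.13.9}{Ntop}{107}{section.13}
% --- section 14: Switched Networks ---
\HAPbookmark{}{section.14}{Switched Networks}{108}{}
  \HAPbookmark{}{section.14.1}{Port Monitoring}{109}{section.14}
  \HAPbookmark{}{section.14.2}{How monitor one machine?}{110}{section.14}
  \HAPbookmark{}{section.14.3}{Are switched networks secure?}{111}{section.14}
% --- section 15: Port Scanning ---
\HAPbookmark{}{section.15}{Port Scanning}{112}{}
  \HAPbookmark{}{section.15.1}{What is a port scanner?}{113}{section.15}
  \HAPbookmark{}{section.15.2}{How does \texttt {nmap} identify OS?}{114}{section.15}
  \HAPbookmark{}{section.15.3}{Running \texttt {nmap}: Use \texttt {xnmap}}{115}{section.15}
  \HAPbookmark{}{section.15.4}{Uses of \texttt {nmap}}{116}{section.15}
% --- section 16: DNS troubleshooting ---
\HAPbookmark{}{section.16}{DNS troubleshooting}{117}{}
  \HAPbookmark{}{section.16.1}{DNS troubleshooting}{118}{section.16}
  \HAPbookmark{}{section.16.2}{DNS: \texttt {dig}}{119}{section.16}
  \HAPbookmark{}{section.16.3}{\texttt {dig}: Checking forward DNS lookup}{120}{section.16}
  \HAPbookmark{}{section.16.4}{\texttt {dig}: reverse lookup 1}{121}{section.16}
  \HAPbookmark{}{section.16.5}{\texttt {dig} syntax}{122}{section.16}
  \HAPbookmark{}{section.16.6}{\texttt {dig}: axfr (Zone Transfer)}{123}{section.16}
  \HAPbookmark{}{section.16.7}{\texttt {nslookup}: an interactive program}{124}{section.16}
  \HAPbookmark{}{section.16.8}{\texttt {nslookup}: reverse lookups}{125}{section.16}
% --- section 17: telnet ---
\HAPbookmark{}{section.17}{telnet}{126}{}
  \HAPbookmark{}{section.17.1}{Email: testing with \texttt {telnet}}{127}{section.17}
  \HAPbookmark{}{section.17.2}{Test the VTC mail server:}{128}{section.17}
  \HAPbookmark{}{section.17.3}{SMTP commands for sending mail}{129}{section.17}
  \HAPbookmark{}{section.17.4}{Testing the VTC pop3 server 1}{130}{section.17}
  \HAPbookmark{}{section.17.5}{Testing the pop3 server 2}{131}{section.17}
  \HAPbookmark{}{section.17.6}{pop3 commands: retrieving mail}{132}{section.17}
  \HAPbookmark{}{section.17.7}{\texttt {telnet}: Testing Other Applications}{133}{section.17}
  \HAPbookmark{}{section.17.8}{Conclusion}{134}{section.17}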