Академический Документы
Профессиональный Документы
Культура Документы
Troubleshooting Methods
27/09/2011
Troubleshooting Methodology
27/09/2011
Troubleshooting Overview
Proceed logically and methodically
Follow recommended steps
Use experience when necessary
Logical approach avoids wasteful, timeconsuming efforts
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
27/09/2011
Information gatheringidentify
symptoms and problems
Use proper
communications
technique
Ask questions
Answers help identify
symptoms
Information gatheringidentify
symptoms and problems
Dont jump to conclusions
about symptoms
Pay attention
Users, system and
network behaviors, and
error messages
Treat each symptom
uniquely
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
27/09/2011
27/09/2011
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
10
27/09/2011
Second-level support
Network specialist
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
11
27/09/2011
Scalability
Temporary fix organization will outgrow
Allow for future network additions, enhancements
Cost Weigh options carefully
12
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
13
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
14
27/09/2011
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
15
27/09/2011
QUICK STEPS
16
27/09/2011
Duh Stuff
Is the user login in properly
Do they have the correct permissions
Operator error - are they doing the tasks
correctly
Network cables plugged in, Double Duh
Receiving Power, Triple Duh
Software
Failure
Configuration setting
Device Driver
File corrupted
Hardware settings
Patch required
Malware
17
27/09/2011
Is It a Workstation or a Server
Problem?
A Server problem will often affect the clients
Make sure Server Services are working first
18
27/09/2011
Review
1.
2.
3.
4.
5.
6.
7.
8.
9.
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
Review
1.
2.
3.
4.
5.
6.
7.
8.
9.
Information gathering
Identify the affected areas of the network
Determine if anything has changed
Establish the most probable cause
Determine if escalation is necessary
Create an action plan
Implement and test the solution
Identify the results and effects of the solution
Document the solution and the entire process
19
27/09/2011
Troubleshooting Connectivity
20
27/09/2011
PHYSICAL ISSUES:
21
27/09/2011
Near End Cross Talk (NEXT) and PowerSum Near-End Cross Talk (PSNEXT)
Cable Certfier
22
27/09/2011
Attenuation
Signal
Signal
Strength
23
27/09/2011
Signal
Wires
24
27/09/2011
Reflected Signal
Interference
25
27/09/2011
LOGICAL ISSUES
Configuration Switch
(Speed/Duplex)
Resulting NIC
Speed/Duplex
Resulting Catalyst
Speed/Duplex
AUTO
AUTO
AUTO
Comments
AUTO
No Link
No Link
AUTO
Duplex Mismatch 1
AUTO
Duplex Mismatch 1
AUTO
10 Mbps, Half-duplex
AUTO
10 Mbps, Half-duplex
10 Mbps, Half-duplex
Link is established, but switch does not see Fast Link Pulse
(FLP) and defaults to 10 Mbps half-duplex.
10 Mbps, Half-duplex
No Link
No Link
AUTO
AUTO
10 Mbps, Half-duplex
10 Mbps, Half-duplex
10 Mbps, Half-duplex
Link is established, but NIC does not see FLP and defaults
to 10 Mbps, half-duplex.
26
27/09/2011
Routing Loop
Route Problems
Proxy Arp
27
27/09/2011
Wireless Issues:
Review
Physical issues
Logical issues
Issues that should be identified but escalated
Wireless Issues
28
27/09/2011
Hardware Tools
29
27/09/2011
Cable testers
http://commons.wikimedia.org/wiki/File:Cable-tester-0a.jpg
30
27/09/2011
Protocol analyzer
31
27/09/2011
32
27/09/2011
Toner probe
33
27/09/2011
Butt set
34
27/09/2011
Cable Crimper
Cable Stripper
35
27/09/2011
Snips
36
27/09/2011
Review
Cable testers
Protocol analyzer
Certifiers
TDR
OTDR
Multimeter
Toner probe
Butt set
Punch down tool
Cable stripper
Snips
Voltage event
recorder
Temperature
monitor
37
27/09/2011
38
27/09/2011
Traceroute
Ipconfig
Ifconfig
Ping
Arp ping
Arp
Nslookup
Hostname
Dig
Mtr
Route
Nbtstat
Netstat
Getting Help
On Windows:
Type the command followed by /? or a -?
On Unix or Linux
Type the command followed by --help
Type man followed by the command
39
27/09/2011
tracert (windows)
traceroute allspice.lcs.mit.edu.
traceroute to allspice.lcs.mit.edu (18.26.0.115), 30 hops max
1 helios.ee.lbl.gov (128.3.112.1) 0 ms 0 ms 0 ms
2 lilac-dmc.Berkeley.EDU (128.32.216.1) 19 ms 19 ms 19 ms
3 ccn-nerif22.Berkeley.EDU (128.32.168.22) 20 ms 39 ms 39 ms
4 128.32.197.4 (128.32.197.4) 59 ms 119 ms 39 ms
5 131.119.2.5 (131.119.2.5) 59 ms 59 ms 39 ms
6 129.140.70.13 (129.140.70.13) 80 ms 79 ms 99 ms
7 129.140.71.6 (129.140.71.6) 139 ms 139 ms 159 ms
8 129.140.81.7 (129.140.81.7) 199 ms 180 ms 300 ms
9 129.140.72.17 (129.140.72.17) 300 ms 239 ms 239 ms
10 * * *
11 128.121.54.72 (128.121.54.72) 259 ms 499 ms 279 ms
12 * * *
13 * * *
14 ALLSPICE.LCS.MIT.EDU (18.26.0.115) 339 ms 279 ms 279 ms
40
27/09/2011
ipconfig
Ifconfig
41
27/09/2011
Successful ping
42
27/09/2011
Failed ping
Arp ping
43
27/09/2011
44
27/09/2011
arp utility
To view and modify a hosts ARP cache/table
ARP cache/table contains mappings between
IP and MAC Addresses
Nslookup Name
Server lookup
45
27/09/2011
Nslookup Name
Hostname command
46
27/09/2011
47
27/09/2011
Linux command
Combines ping and traceroute
Similar to windows pathping
provides details of the path between two
hosts (similar to the traceroute command)
Plus, additional statistics for each node in the
path based on samples taken over a time
period (similar to the ping command).
48
27/09/2011
Route
Displays and Sets Routing information
Windows and Unix / Linux different syntax
49
27/09/2011
Summary
Traceroute
Ipconfig
Ifconfig
Ping
Arp ping
Arp
Nslookup
Hostname
Dig
Mtr
Route
Nbtstat
Netstat
50
27/09/2011
http://learnthat.com/2010/12/comptianetwork-2009-domain-5-network-tools/
Network Scanners
51
27/09/2011
Objectives
At the end of this lesson we will be able to
Explain the purpose of network scanners
Packet sniffers
Intrusion detection software
Intrusion prevention software
Port scanners
52
27/09/2011
Packet sniffers
Wireshark
Microsoft Network Monitor
Wireshark Screenshot
53
27/09/2011
Composed of:
Sensors
Console
Engine
Detect
security
events
Monitor and
control
Logs events
and generate
alerts
54
27/09/2011
Real-time
monitoring of
all network
traffic
Detects
malicious
code or
attacks
When attack
is detected
Drop the
offending
packets
Allows all other
traffic to pass
55
27/09/2011
Untangle Screenshot
Port scanners
Scan open TCP or UDP ports on a target host
or network
Used for testing for network vulnerabilities
Freeware Port Scanners
Network Mapper (Nmap)
Angry IP Scanner
56
27/09/2011
Nmap 5 Screenshot
Angry IP Screenshot
57
27/09/2011
Review
Packet sniffers
Intrusion detection software
Intrusion prevention software
Port scanners
58