Wireshark-dev: Re: [Wireshark-dev] Feedback: Wireshark User's Guide

From: Ulf Lamping <ulf.lamping@xxxxxx>
Date: Mon, 18 Sep 2006 13:01:19 +0200
> 
> As a user, I have read the user guide completely twice. I
> was hoping that the 2nd time around would make it easier. I don’t
> know that I can tell you what is missing however I can tell you what types of
> questions remain vague even after reading the manual twice, the entire WIKI
> twice and some threads on Google. Maybe this will help.
> 

At least you are taking the time to read the available docs, which is much more than most users do :-)

> 
>  
>  As you mentioned, what exactly
>  to look for after a capture is complete (how to analyze it). Oh I can
>  capture traffic but analyzing it is a different story.
>  I would ask myself what are
>  some really good examples of when I would/could use this tool? Some
>  scenarios would be fantastic. For example….users are calling you
>  telling you that your internet connection is crawling. I need to find out
>  why. Could this help? Where exactly would I capture the traffic from? The
>  web server? The Cable Modem? My machine? I have read on the WIKI about “switched
>  networks” and how certain switches can be configured to flow all
>  traffic through a port, etc. But what I’m confused on is “Isn’t
>  every business on a switched network”? It struck me odd that
>  capturing traffic on a switched network wasn’t part of the manual.
>  This made me think that maybe at my company I’m not on a switched
>  network??
>  
>  I was setting up a Wake on LAN at our company and was trying to
>  troubleshoot why certain machines didn’t work. I met all the
>  requirements…a PCI 2.1 compliant motherboard, a WOL capable network
>  card, the WOL cable connected, BIOS enabled and updated, OS set properly,
>  etc. So I figured I would try to use this tool to see what the Wake On LAN
>  packet looked like going to a machine that worked and then one when it
>  didn’t work to see if I could see a difference. Well I made the
>  capture but couldn’t find anything (not really sure what to look
>  for).
>  
>  Another one is a user is having a problem authenticating on our Domain and
>  keeps getting locked out. Could this tool help in this situation and how?
>  

All those points can basically be summarized as: how to set up a capture and analyze the results.

That's exactly what I was thinking about the part missing in the User's Guide. Thanks for your examples anyway.

>  
>  I downloaded many example
>  captures but then I would say to myself, OK but what types of problems
>  could I encounter where capturing these types of packets would be
>  helpful???
> 

That's basically used as a "database for capture files" so one can look at those packets if none of that kind are available on your own network.

> 
> I don’t know that this was helpful at all but I wanted
> to answer your question.
> 

It gave me a good idea what a user misses from the user's guide, so yes, it was helpful and much more feedback than I usually get ;-)

Having a general network troubleshooting guide using Wireshark would be really helpful, but that will require a lot more work than I currently have the time for :-( 

However, long cold nights at winter time are coming, so we'll see what the future will bring ...

Regards, ULFL
