| Product: Distinct Network Monitor | Topic: general | Last updated: 3/26/2008 |
| |
| Q.: At what layer in the protocol stack is the sniffing being done? |
A.: It is done at level 2, data link layer. Captured data includes the Ethernet header, but not the additional Ethernet frame fields. These fields, for example a check sum field after the frame, are stripped by the hardware layer.
|
| |
Do you find this information useful ?  Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/26/2008 |
| |
| Q.: Can I see the incoming packets while I run the capture? |
| A.: Yes. You can decide to watch the packets coming in - in real time - by always keeping the windows open on the last packet or you can decide to turn scrolling off and wait for the capture to finish before you start analyzing the captured packets. Of course you can also load and view off line previously captured files. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: Can Network Monitor be used to capture network traffic over serial lines? |
| A.: Yes. You can set Network Monitor to bind to the dial-up adapter to capture the traffic going over the serial line. Note that on 2000 and XP, you need to first make your serial connection before starting to monitor. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: Does Distinct Network Monitor support 802.1P and 802.1Q?
|
| A.: Yes Distinct Network Monitor parses these packets. 802.1p is embedded in 802.1q. 802.1q is used by Virtual LANs and 802.1p is the priority of the packets used by Virtual LANs. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: Does Network Monitor capture all packets all the time? |
| A.: No sniffing software can guarantee that, because network cards are typically faster to deliver the packets than hard disks are to write them out. Therefore, to increase the odds of capturing all the packets on a heavy traffic network, you should always use a dedicated system with the fastest possible hard disk and the fastest possible CPU. At the completion of a capture session, Network Monitor will show you the number and percentage of packets captured. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: Help does not bring up anything. Why? |
| A.: For help to work, you need to have IE 5.0 or above installed on your system. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: How do I uninstall Network Monitor 3.0 on ME? |
| A.: Uninstall needs Windows Installer 2.0. ME installations have old versions of Windows Installer. Download Windows Installer from the Microsoft website, install it and then uninstall Network Monitor 3.0 |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: I have a network trace captured with a competing product, but I would like to see your plain English explanation of what's happening. How can I do that? |
| A.: You are lucky. We have incorporated several format converters into Network Monitor to let you do just that. Network Monitor can read in trace files taken with the following programs: NAI NetXRay(R), Microsoft Network Monitor, Sun Snoop(R), Novell LANalyzer(R) , Precision Guesswork LANWatch(R), and Linux tcpdump. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: I started Network Monitor and clicked on Start Capture, but no packets are displayed? What's wrong? |
| A.: Most likely, you have selected a network adapter not used by your system. Another reason is that you have defined a filter that filters out all the packets. Check your filter settings and/or choose another adapter. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
| Product: Distinct Network Monitor | Topic: general | Last updated: 3/19/2008 |
| |
| Q.: I want to capture only certain type of packets between two systems. How do I do that? |
| A.: You need to set up a filter that specify the names or IP addressees of the systems that you want to monitor and the packet types that you want to see, such as all FTP and all HTTP packets. You can also save this filter and reuse it later. All this can be done within a single dialog box. |
| |
| Do you find this information useful ? Yes No Not Sure |
|
