How it works under the hood: A closer look at TCPIP and Winsock ETL tracing on Windows 7 and Windows 2008 R2 with an example

Hi there,   In this blog post, I would like to talk about TCPIP, Winsock ETL tracing a bit with an example to show you how powerful those tracing facilities could be when troubelshooting connectivity problems. Please note that it is to give you an idea about what kind of information could be retrieved from…

0

SCCM packages may be distributed slower than standard file copy (xcopy/Windows Explorer)

Hi there,   In this post, I’m going to mention about another issue where I helped a colleague of mine to troubleshoot an SCCM package distribution scenario. The problem was that package distribution to clients were visibly slower compared to standard file copy methods (like using xcopy, Windows Explorer etc). In the given setup, the…

3

SQL Browser may not be reachable through firewalls when it runs on a cluster

Hi there,   In this blog post, I would like to talk about a problem in which I was involved as a network engineer. The problem was that the SQL server instance name to port mapping wasn’t successfully done through a firewall if the SQL instance in question runs on a cluster. Let’s take a…

0

Bogus IP packets and Wireshark

Hi there,   In today’s blog post, I’m going to talk about an issue that I have come across several times while analyzing network traces with Wireshark. Let’s take the following example:   I apply the following filter on a network trace:   ip.addr==192.168.100.23 and ip.addr==192.168.121.51 and tcp.port==3268 and tcp.port==8081   And I get the…

6

How to decrypt an SSL or TLS session by using Wireshark

[Updated on 26th October 2013] The following blog post is the newer version of this blog post: http://blogs.technet.com/b/nettracer/archive/2013/10/12/decrypting-ssl-tls-sessions-with-wireshark-reloaded.aspx Hi there,   In this blog post, I would like to talk about decrypting SSL/TLS sessions by using Wireshark provided that you have access to the server certificate’s private key. In some cases it may be quite useful…

10